Certified Information Systems Security Professional (CISSP) — Question 31

Which section of the assessment report addresses separate vulnerabilities, weaknesses, and gaps?

Answer options

• A. Findings definition section
• B. Risk review section
• C. Executive summary with full details
• D. Key findings section

Correct answer: A

Explanation

The Findings definition section is specifically designed to detail the various vulnerabilities, weaknesses, and gaps identified during the assessment. The other sections, while important, focus on broader risk analysis, summarization of findings, or overall key highlights rather than the detailed breakdown of issues.