CISSP Practice Domain 1 — Security and Risk Management Q42 of 120

Which is the BEST description of due care?

A CISSP practice question covering Domain 1: Security and Risk Management. Try answering before reading the explanation below.

A
Verifying that controls operate effectively
B
Acting reasonably to protect assets — what a prudent person would do
✓ Correct answer
C
Accepting all residual risk
D
Outsourcing security entirely
Why "Acting reasonably to protect assets — what a prudent person would do" is the right answer

Due care is the prudent-person standard: taking the reasonable steps a careful, competent person would take to protect the organization's assets, such as setting policy and putting controls in place. Due diligence is the verification side: investigating and confirming that those controls actually work, which is what option A describes. Option C is wrong because a prudent person treats residual risk rather than accepting all of it blindly, and option D is wrong because handing security to a third party does not discharge the organization's own duty of care. Due care and due diligence are companions but distinct, and the exam tests whether you can tell them apart.

Study videos for this topic

Want to go deeper on Domain 1? Watch the full breakdown — every video is free, no account, no upsell.

Take the full CISSP practice test
120 questions, instant explanations, study-video links on every miss. No account.