New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GCED Exam - Topic 3 Question 25 Discussion

Actual exam question for GIAC's GCED exam
Question #: 25
Topic #: 3
[All GCED Questions]

Which statement below is the MOST accurate about insider threat controls?

Show Suggested Answer Hide Answer
Suggested Answer: A

A company needs to classify its information as a key step in valuing it and knowing where to focus its protection.

Rotation of duties and separation of duties are both key elements in reducing the scope of information access and the ability to conceal malicious behavior.

Separation of duties helps minimize ''empire building'' within a company, keeping one individual from controlling a great deal of information, reducing the insider threat.

Security awareness programs can help other employees notice the signs of an insider attack and thus reduce the insider threat.

Detection is a reactive method and only occurs after an attack occurs. Only preventative methods can stop or limit an attack.


by Nichelle at Aug 07, 2023, 01:30 AM

Limited Time Offer

25%

Off

Get Premium GCED Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Reuben
3 months ago
E is misleading, separation actually reduces risk!
upvoted 0 times
...
Vivan
3 months ago
Wait, D seems off, how can rotation increase threats?
upvoted 0 times
...
Luisa
4 months ago
C sounds right, both types of controls are needed.
upvoted 0 times
...
Denise
4 months ago
I disagree with B, awareness can really help!
upvoted 0 times
...
Afton
4 months ago
A is definitely true, classification is key!
upvoted 0 times
...
Elmer
4 months ago
D seems odd to me; I thought rotation of duties was meant to reduce insider threats, not increase them.
upvoted 0 times
...
Mindy
4 months ago
I feel like C could be misleading because while both controls are important, I don't think they can fully prevent insider attacks.
upvoted 0 times
...
Lettie
5 months ago
I'm not sure about B; I thought security awareness programs were actually effective in reducing insider threats.
upvoted 0 times
...
Raelene
5 months ago
I remember studying how classification of information assets is crucial for protecting sensitive data, so I think A might be correct.
upvoted 0 times
...
Aleta
5 months ago
This looks like a question about data persistence mechanisms. I think I know the answer, but I'll double-check my notes to be sure.
upvoted 0 times
...
Theola
5 months ago
I think I know this one - skimming is when you set a high price to quickly recover your costs, right? That sounds like option C to me.
upvoted 0 times
...
Iola
5 months ago
Hmm, I'm a bit unsure about this one. I think I need to review my notes on IT process management to determine the best approach.
upvoted 0 times
...

Save Cancel