Which statement below is the MOST accurate about insider threat controls?
A company needs to classify its information as a key step in valuing it and knowing where to focus its protection.
Rotation of duties and separation of duties are both key elements in reducing the scope of information access and the ability to conceal malicious behavior.
Separation of duties helps minimize ''empire building'' within a company, keeping one individual from controlling a great deal of information, reducing the insider threat.
Security awareness programs can help other employees notice the signs of an insider attack and thus reduce the insider threat.
Detection is a reactive method and only occurs after an attack occurs. Only preventative methods can stop or limit an attack.
The creation of a filesystem timeline is associated with which objective?
Which of the following applies to newer versions of IOS that decrease their attack surface?
Recent versions of IOS have less services enabled by default, older versions vary but generally have more services (even those not needed) enabled by default; this increases the attack surface on the device.
Which statement below is the MOST accurate about insider threat controls?
A company needs to classify its information as a key step in valuing it and knowing where to focus its protection.
Rotation of duties and separation of duties are both key elements in reducing the scope of information access and the ability to conceal malicious behavior.
Separation of duties helps minimize ''empire building'' within a company, keeping one individual from controlling a great deal of information, reducing the insider threat.
Security awareness programs can help other employees notice the signs of an insider attack and thus reduce the insider threat.
Detection is a reactive method and only occurs after an attack occurs. Only preventative methods can stop or limit an attack.
Submit Cancel
Currently there are no comments in this discussion, be the first to comment!