Which of the following technical controls would be the BEST choice to immediately prevent this from happening again?

– by 6

A copy of a highly confidential salary report was recently found on a printer in the IT department. The human resources department does not have this specific printer mapped to its devices, and it is suspected that an employee in the IT department browsed to the share where the report was located and printed it without authorization. Which of the following technical controls would be the BEST choice to immediately prevent this from happening again?
A. Implement a DLP solution and classify the report as confidential, restricting access only to human resources staff
B. Restrict access to the share where the report resides to only human resources employees and enable auditing
C. Have all members of the IT department review and sign the AUP and disciplinary policies
D. Place the human resources computers on a restricted VLAN and configure the ACL to prevent access from the IT department

How To Pass SY0-601 Exam?

CompTIA SY0-601 PDF dumps.

High quality SY0-601 pdf and software. VALID exam to help you pass.
comptia-exams

6 thoughts on “Which of the following technical controls would be the BEST choice to immediately prevent this from happening again?

  1. Other reasons it’s “B” is that the permissions weren’t right or this incident wouldn’t have happened, and they asked for a technical control, not an administrative control.

    Reply

  3. C – Can you set file permissions to deny the Systems Administrators access? Sure. Can the Systems Administrators change it so they have access? Sure. Can it be set up to tell you who changed the access or who accessed the folder? Sure. Who are you going to have set this up and check the logs? Oh yeah, the Systems Administrators. An AUP is the best you can do.

    1
    Reply

  4. C. sign an AUP. Systems Administrators have complete access to all folders and files – and the Windows Server OS gives them permission to take ownership of any folder or file that may have tried to restrict their access. They have the authority to run the utility program “TAKEOWN” to do it. Since you can’t restrict them from accessing the share – then all you can do is get them to sign an AUP.

    1
    Reply

  5. B. Restrict access to the share where the report resides to only human resources employees and enable auditing

    correct answer

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.