A company finds that an exposed repository permitted individuals to read internal documents. Which approach best reduces the possibility of unauthorized disclosures while allowing the IT department to add new data?
Use routine scanning tools to detect any abnormalities in file access
Remove the repository nightly and reload it from backups each morning
Encrypt all files with a local key known to the data owners
Enforce stricter permissions on the repository and enable auditing
Setting more restrictive permissions and enforcing auditing address misconfigurations directly. Encrypting files alone may not prevent access if the folder remains publicly exposed. Running scans is beneficial but without revised access settings, it may not solve the underlying issue. Deleting and restoring the repository each day disrupts operations and fails to address the original misconfiguration.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does enforcing stricter permissions mean in this context?
Open an interactive chat with Bash
How does enabling auditing improve security?
Open an interactive chat with Bash
Why is encryption alone not sufficient in this scenario?