A company recently underwent an audit of its internal security measures and found that access to sensitive data was not adequately restricted. What is the best way to address this issue?
Enhance physical security measures around the data storage locations.
Ensure regular updates are applied to all software and systems used in the organization.
Increase data redundancy for sensitive information to ensure data availability.
Implement a least privilege access policy that restricts data access based on job function.
Implementing a policy of least privilege is effective in limiting access to sensitive data to only those individuals who require it for their job functions. This practice helps to minimize the potential for unauthorized access or data breaches. Other measures, like increasing data redundancy, do not directly solve access issues; they address data availability rather than access control. Ensuring system updates are applied regularly is important for security but does not mitigate access issues directly. Enhancing physical security measures might help in protecting premises, but if access controls to data are inadequate, it will not resolve the underlying issue.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a least privilege access policy?
Open an interactive chat with Bash
Why is restricting access based on job function important?
Open an interactive chat with Bash
What are the implications of not implementing a least privilege access policy?
Open an interactive chat with Bash
ISC2 CISSP
Security Operations
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access