During a penetration testing contract, the client has specifically requested an evaluation of existing physical security measures. Your assessment reveals that the current video surveillance system only covers entry and exit points but does not monitor the server room, which houses critical infrastructure. When compiling your findings report, how should this observation be presented to the client?
Reducing the hours of surveillance to conserve resources during business hours
Maintaining the current surveillance setup since it adequately covers all necessary areas
A recommendation for increasing surveillance to include critical areas such as the server room
Upgrading the resolution of current cameras to capture clearer imagery
The correct answer is A recommendation for increasing surveillance to include critical areas such as the server room. A comprehensive security program includes surveillance of all sensitive areas, not just entry/exit points. By highlighting the lack of coverage in the server room, you align the physical security recommendation with the protective needs of critical infrastructure. The other options are incorrect because they either do not address the issue identified (maintaining the current surveillance setup), contradict best practices (reducing usage during business hours), or are unrelated to the issue (upgrading the resolution on existing cameras is not the main concern if critical areas are not under surveillance).
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are physical security measures?
Open an interactive chat with Bash
Why is it important to monitor server rooms specifically?
Open an interactive chat with Bash
What best practices should be included in a comprehensive security program?