首页
外语
计算机
考研
公务员
职业资格
财经
工程
司法
医学
专升本
自考
实用职业技能
登录
计算机
The following scenario applies to questions 29, 30, and 31. Barry has just been hired as the company security officer at an inte
The following scenario applies to questions 29, 30, and 31. Barry has just been hired as the company security officer at an inte
admin
2013-12-19
113
问题
The following scenario applies to questions 29, 30, and 31.
Barry has just been hired as the company security officer at an international financial institution. He has reviewed the company’s data protection policies and procedures. He sees that the company stores its sensitive data within a secured database. The database is located in a network segment all by itself, which is monitored by a network-based intrusion detection system. The database is hosted on a server kept within a server room, which can only be accessed by personnel with the correct PIN value and smart card. Barry finds that the sensitive data backups are not being properly secured and requests that the company implement a secure courier service that moves backup tapes to a secured location. His management states that this option is too expensive, so Barry implements a local hierarchy storage management system that properly protects the sensitive data.
Which are the two most common situations that require the type of control covered in the scenario to be implemented?
选项
A、Defense-in-depth is required, and the current controls only provide one protection layer.
B、Primary control costs too much or negatively affects business operations.
C、Confidentiality is the highest concern in a situation where defense-in-depth is required.
D、Availability is the highest concern in a situation where defense-in-depth is required.
答案
B
解析
B正确。之所以实施补偿控制,是因为提议的主要控制太昂贵了但仍然是必需的。所以需要确定和实施能提供相同类型的保护但较为便宜一点的控制。需要补偿控制的另一种情况就是主要控制会负面影响业务运营。
A不正确。因为尽管补偿控制可以提供深度防御,但它并不是这种类型的控制加以实施的原因。
C不正确。因为补偿控制可能会也可能不会提供保密性。但是控制提供的保密性方面的服务并不是实施补偿控制的原因。补偿控制是一种替换控制类型。
D不正确。因为补偿控制可能会也可能不会提供可用性。但是控制提供的可用性方面的服务并不是实施补偿控制的原因。补偿控制是一种替换控制类型。
转载请注明原文地址:https://kaotiyun.com/show/LNhZ777K
0
CISSP认证
相关试题推荐
AsformercolonistsofGreatBritain,theFoundingFathersoftheUnitedStatesadoptedmuchofthelegalsystemofGreatBritai
TheTreasurycouldpocket20millionayearinextrafinesoncethecountry’sspeedcameranetworkisexpanded.Motoringorgani
Individualsandbusinesseshavelegalprotectionforintellectualpropertytheycreateandown.Intellectualproper【C1】______fro
DungtoDeathFieldsacrossEuropearecontaminatedwithdangerouslevelsoftheantibioticsgiventofarmanimals.Thedrug
[A]Whattodoasastudent?[B]Variousdefinitionsofplagiarism[C]Ideasshouldalwaysbesourced[D]Ignorancecanbeforgi
[A]Marketforglasscraftsisgrowing[B]Dependenceofcomputerdevelopmentonglass[C]Behindtheadaptabilityofglass[D]
VirtualDriverDrivinginvolvessharpeyesandkeenears,analyzingwithabrain,andcoordinationbetweenhands,feetandb
Howmenfirstlearnedtoinventwordsisunknown;inotherwords,theoriginoflanguageisamystery.Allwereallyknowistha
Thateveryone’stoobusythesedaysisacliche.Butonespecificcomplaintismadeespeciallymournfully:There’sneveranytim
随机试题
某村庄的村民,食用发霉粮食后,突发一过性发热、呕吐、厌食,随后出现黄疸、水肿,到医院检查有肝功能异常。患病村民可能是
A.归脾汤B.酸枣仁汤C.天王补心丹D.朱砂安神丸E.甘麦大枣汤
A.外毒素B.菌毛C.鞭毛D.荚膜E.芽胞肺炎链球菌的主要致病物质是
不能用其蒸气灭菌的是
以下属于无民事行为能力人的是()。
城镇职工基本医疗保险实行( )。
冲击疗法的治疗协议包括()。
劳动经济学的研究对象包括()。
根据下列材料回答问题。2012年,F省社会保险工作年度目标任务如下:城镇基本养老保险目标任务为725.00万人,城镇基本医疗保险目标任务为1260.00万人,失业保险目标任务为428.50万人,工伤保险目标任务为504.00万人,生育保险目标任务为453
Giventhechoice,youngerprofessionalsaremostinterestedinworkingattechcompanieslikeAppleandgovernmentagencieslike
最新回复
(
0
)