admin 2013-12-19

Question: The following scenario is to be used for questions 27, 28, and 29.
Mike is the new CSO of a large pharmaceutical company. He has been asked to revamp the company’s physical security program and better align it with the company’s information security practices. Mike knows that the new physical security program should be made up of controls and processes that support the following categories: deterrent, delaying, detection, assessment, and response.
Mike’s team has decided to implement stronger locks on the exterior doors of the new company’s facility. Which of the categories listed in the scenario does this countermeasure map to?

Options:
A. Deterrent
B. Delaying
C. Detection
D. Assessment

Answer: B

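Explanation: B is correct. Locks, defense-in-depth measures, and access controls are commonly used to delay potential intruders. A physical security program should include controls in each of the following categories: deterrent, delaying, detection, assessment, and response.
A is incorrect, because fences, warning signs, and security guards are examples of countermeasures used to deter unauthorized entry. The purpose of these types of controls is to keep potential attackers from launching an attack in the first place.
C is incorrect, because detection tools are implemented not to stop malicious individuals but to detect their activity. Detection tools can be intrusion detection systems, detectors, or PIDAS fencing.
D is incorrect, because assessment controls relate to how different scenarios are identified and evaluated. The most common control in this category is a security guard, because he can tie the different pieces of a scenario together and determine what is likely to happen next. It is critical to ensure that controls are implemented for incident assessment and for the procedures carried out based on the assessment results.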