2. 计算机
  3. Fred is a new security officer who wants to implement a control for detecting and preventing users who attempt to exceed their a

Fred is a new security officer who wants to implement a control for detecting and preventing users who attempt to exceed their a

admin2013-12-19  22
问题 Fred is a new security officer who wants to implement a control for detecting and preventing users who attempt to exceed their authority by misusing the access rights that have been assigned to them. Which of the following best fits this need?
选项 A、Management review
B、Two-factor identification and authentication
C、Capturing this data in audit logs
D、Implementation of a strong security policy
答案A
解析 A正确。这个问题的目标是想让你意识到管理层和主管的参与对确保这种事情不发生,或者被恰当检测到,或者在发生时正确应对是至关重要的。如果用户知道若他们胡作非为,管理层会采取行动,那么就能起到预防作用。这些行为只有在它们发生之后才能被了解,这意味着在通知管理层之前,安全办公室必须实施一些检测活动。
B不正确。因为身份识别和身份验证具有预防性,而非检测性。
C不正确。因为审计日志具有检测性而非预防性。然而,为了具有检测性,安全管理员必须审核审计日志。虽然某些最有力的安全保护来自于预防性控制,但是像审核审计日志这样的检测性控制也是需要的。
D不正确。因为安全策略具有预防性,而非检测性。安全策略的开发和实施是为了让用户知道他们应该怎么做,以及如果他们不遵循这个策略的构建会有什么样的潜在后果。
转载请注明原文地址:https://kaotiyun.com/show/dAhZ777K
0

CISSP认证

相关试题推荐
随机试题
最新回复(0)