CompTIA Security Plus Mock Test Q331

Which of the following security concepts would Sara, the security administrator, use to mitigate the risk of data loss?

A. Record time offset
B. Clean desk policy
C. Cloud computing
D. Routine log review


Correct Answer: B
Section: Compliance and Operational Security

Explanation:
Clean Desk Policy Information on a desk—in terms of printouts, pads of note paper, sticky notes, and the like—can be easily seen by prying eyes and taken by thieving hands. To protect data and your business, encourage employees to maintain clean desks and to leave out only those papers that are relevant to the project they are working on at that moment. All sensitive information should be put away when the employee is away from their desk. This will mitigate the risk of data loss when applied.

Incorrect Answers:
A: Record time offset is usually critical in the event of forensic investigations.
C: Cloud computing means hosting services and data on the Internet instead of hosting it locally. This poses a security risk and you will need to apply measures to mitigate the risk.
D: Routine log reviews, albeit system logs or event logs, or audit logs, security log or access logs, are used to monitor and diagnose networks.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 196, 453