nerdexam
ExamsCAS-003Questions#339
CompTIA

CAS-003 · Question #339

CAS-003 Question #339: Real Exam Question with Answer & Explanation

The correct answer is C: Company policies and employee NDAs. When employees and customers publicly share content about the company, the most critical risk is the inadvertent disclosure of confidential, proprietary, or legally protected information. Company policies define what information may be shared externally, and NDAs establish legal

Question

The marketing department has developed a new marketing campaign involving significant social media outreach. The campaign includes allowing employees and customers to submit blog posts and pictures of their day-to-day experiences at the company. The information security manager has been asked to provide an informative letter to all participants regarding the security risks and how to avoid privacy and operational security issues. Which of the following is the MOST important information to reference in the letter?

Options

  • AAfter-action reports from prior incidents.
  • BSocial engineering techniques
  • CCompany policies and employee NDAs
  • DData classification processes

Explanation

When employees and customers publicly share content about the company, the most critical risk is the inadvertent disclosure of confidential, proprietary, or legally protected information. Company policies define what information may be shared externally, and NDAs establish legal obligations employees have agreed to. Referencing these documents makes participants aware of their binding commitments and the legal consequences of violations. While social engineering awareness and data classification are relevant security topics, they are secondary to ensuring participants understand the explicit legal and policy boundaries that govern what they can and cannot disclose.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CAS-003 Practice