CompTIA
CAS-003 · Question #464
CAS-003 Question #464: Real Exam Question with Answer & Explanation
Sign in or unlock CAS-003 to reveal the answer and full explanation for question #464. The question stem and answer options stay visible for context.
Question
A security analyst is classifying data based on input from data owners and other stakeholders. The analyst has identified three data types: 1. Financially sensitive data 2. Project data 3. Sensitive project data The analyst proposes that the data be protected in two major groups, with further access control separating the financially sensitive data from the sensitive project data. The normal project data will be stored in a separate, less secure location. Some stakeholders are concerned about the recommended approach and insist that commingling data from different sensitive projects would leave them vulnerable to industrial espionage. Which of the following is the BEST course of action for the analyst to recommend?
Options
- AConduct a quantitative evaluation of the risks associated with commingling the data and reject or
- BMeet with the affected stakeholders and determine which security controls would be sufficient to
- CUse qualitative methods to determine aggregate risk scores for each project and use the derived
- DIncrease the number of available data storage devices to provide enough capacity for physical
Unlock CAS-003 to see the answer
You've previewed enough free CAS-003 questions. Unlock CAS-003 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.