CompTIA
CAS-003 · Question #58
CAS-003 Question #58: Real Exam Question with Answer & Explanation
The correct answer is D: Implement group policy objects. A Group Policy Object (GPO) can apply a common group of settings to all computers in Windows One GPO setting under the Removable Storage Access node is: All removable storage classes: Deny all access. This setting can be applied to all computers in the network and will disable al
Question
The Chief Information Security Officer (CISO) at a large organization has been reviewing some security-related incidents at the organization and comparing them to current industry trends. The desktop security engineer feels that the use of USB storage devices on office computers has contributed to the frequency of security incidents. The CISO knows the acceptable use policy prohibits the use of USB storage devices. Every user receives a popup warning about this policy upon login. The SIEM system produces a report of USB violations on a monthly basis; yet violations continue to occur. Which of the following preventative controls would MOST effectively mitigate the logical risks associated with the use of USB storage devices?
Options
- ARevise the corporate policy to include possible termination as a result of violations
- BIncrease the frequency and distribution of the USB violations report
- CDeploy PKI to add non-repudiation to login sessions so offenders cannot deny the offense
- DImplement group policy objects
Explanation
A Group Policy Object (GPO) can apply a common group of settings to all computers in Windows One GPO setting under the Removable Storage Access node is: All removable storage classes: Deny all access. This setting can be applied to all computers in the network and will disable all USB storage devices on the computers.
Community Discussion
No community discussion yet for this question.