nerdexam
ExamsCAS-003Questions#839
CompTIA

CAS-003 · Question #839

CAS-003 Question #839: Real Exam Question with Answer & Explanation

The correct answer is A: Limit the ability to transfer data via Bluetooth connections.. When mobile and wearable devices are used as insider data exfiltration vectors and USB is already controlled, limiting Bluetooth connections closes the next most accessible wireless data transfer channel.

Question

A security engineer needs to implement controls that will prevent the theft of data by insiders who have valid credentials. Recent incidents were carried out with mobile and wearable devices that were used as transfer vectors. In response, USB data transfers are now tightly controlled and require executive authorization. Which of the following controls will further reduce the likelihood of another data theft?

Options

  • ALimit the ability to transfer data via Bluetooth connections.
  • BMove the enterprise to a BYOD or COPE policy.
  • CDeploy strong transit encryption across the enterprise.
  • DImplement time-based restrictions on data transfers.

Explanation

When mobile and wearable devices are used as insider data exfiltration vectors and USB is already controlled, limiting Bluetooth connections closes the next most accessible wireless data transfer channel.

Common mistakes.

  • B. Adopting a BYOD or COPE policy changes device ownership and management models but does not technically prevent authorized insiders from using Bluetooth or other wireless protocols on those devices to transfer data.
  • C. Strong transit encryption protects data from interception by unauthorized third parties during transmission but does not prevent an authorized insider from deliberately copying data to a personal mobile or wearable device via a local wireless channel.
  • D. Time-based transfer restrictions limit the window in which data transfers can occur but do not block the use of Bluetooth or other wireless protocols on mobile and wearable devices during those permitted windows.

Concept tested. Wireless protocol control for insider threat mitigation

Reference. https://csrc.nist.gov/publications/detail/sp/800-121/rev-2/final

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CAS-003 Practice