CAS-005 · Question #366
CAS-005 Question #366: Real Exam Question with Answer & Explanation
The correct answer is B: Assign labels to the files and require formal access authorization.. To meet the requirement of ensuring that data is protected at the clearance level of each personnel member and that access is based on the need to know, labeling the files according to their classification level is an effective method. Labels indicate the sensitivity of the data
Question
A security officer is requiring all personnel working on a special project to obtain a security clearance requisite with the level of all information being accessed. Data on this network must be protected at the same level of each clearance holder. The need to know must be verified by the data owner. Which of the following should the security officer do to meet these requirements?
Options
- ACreate a rule to authorize personnel only from certain IPs to access the files.
- BAssign labels to the files and require formal access authorization.
- CAssign attributes to each file and allow authorized users to share the files.
- DAssign roles to users and authorize access to files based on the roles.
Explanation
To meet the requirement of ensuring that data is protected at the clearance level of each personnel member and that access is based on the need to know, labeling the files according to their classification level is an effective method. Labels indicate the sensitivity of the data and ensure that only individuals with the appropriate clearance and need-to-know access are authorized to view or modify the files. By requiring formal access authorization from the data owner, the security officer ensures that access is explicitly verified before any personnel can access data at a given classification level.
Community Discussion
No community discussion yet for this question.