CERTIFIED-IN-CYBERSECURITY · Question #523
CERTIFIED-IN-CYBERSECURITY Question #523: Real Exam Question with Answer & Explanation
The correct answer is B: Require a minimum of two individuals to be together in high-security areas. The two-person rule is a security measure designed to prevent unauthorized access to sensitive or secure areas. It requires the presence of two authorized individuals at all times when accessing these areas, thereby reducing the risks of unauthorized action or security breaches (
Question
What is the purpose of the two-person rule in a security strategy?
Options
- AEnsuring that all tasks are completed twice for verification
- BRequire a minimum of two individuals to be together in high-security areas
- CReduce workload by dividing security tasks between two individuals
- DLimiting access to high-security areas to two individuals only
Explanation
The two-person rule is a security measure designed to prevent unauthorized access to sensitive or secure areas. It requires the presence of two authorized individuals at all times when accessing these areas, thereby reducing the risks of unauthorized action or security breaches (see the ISC2 Study Guide, Chapter 3, Module 1). For example, in a data center that houses sensitive information, the two-person rule would require that no individual can access the data center alone. This ensures that there is always a second person to verify actions, prevent unauthorized activity, and provide assistance in case of a medical emergency. The other options do not accurately reflect the purpose of the two-person rule. The rule is not designed to reduce workload by dividing security tasks between two people, nor does it limit access to high-security areas to only two people. Finally, while the two-person rule adds a layer of verification, its primary purpose is not to ensure that all verification tasks are performed twice.
Topics
Community Discussion
No community discussion yet for this question.