CISSP · Question #902
When network management is outsourced to third parties, which of the following is the MOST effective method of protecting critical data assets?
The correct answer is D. Employ strong access controls. When network management is outsourced to third parties, strong access controls are the most effective method of protecting critical data assets. Access controls define who can access what data and what actions they can perform, ensuring that only authorized personnel (whether int
Question
Options
- ALog all activities associated with sensitive systems
- BProvide links to security policies
- CConfirm that confidentially agreements are signed
- DEmploy strong access controls
How the community answered
(37 responses)- A24% (9)
- B5% (2)
- C14% (5)
- D57% (21)
Explanation
When network management is outsourced to third parties, strong access controls are the most effective method of protecting critical data assets. Access controls define who can access what data and what actions they can perform, ensuring that only authorized personnel (whether internal or from the third party) can access sensitive data and systems. Key points about strong access controls: Limit access: Ensure that third-party personnel only have access to the systems, applications, and data they need to perform their tasks. This is typically done through role-based access control (RBAC), least privilege principles, and segregation of duties. Authentication: Use strong authentication methods (e.g., multi-factor authentication) to verify the identity of individuals accessing sensitive data. Monitoring and auditing: Regularly monitor and audit access to critical systems to detect unauthorized access or suspicious activities. This approach is essential because third-party network managers will need some level of access to your systems, and strong access controls help mitigate the risk of unauthorized access, data breaches, or insider threats.
Topics
Community Discussion
No community discussion yet for this question.