nerdexam
(ISC)2

CISSP · Question #911

A user has infected a computer with malware by connecting a Universal Serial Bus (USB) storage device. Which of the following is MOST effective to mitigate future infections?

The correct answer is C. Implement centralized technical control of USB port connections. The most effective way to mitigate future infections from USB devices is to implement centralized technical control of USB port connections. This means controlling whether USB ports can be used on devices at all and restricting or managing which USB devices can be connected to co

Submitted by ngozi_ng· Mar 5, 2026Security Architecture and Engineering

Question

A user has infected a computer with malware by connecting a Universal Serial Bus (USB) storage device. Which of the following is MOST effective to mitigate future infections?

Options

  • ADevelop a written organizational policy prohibiting unauthorized USB devices
  • BTrain users on the dangers of transferring data in USB devices
  • CImplement centralized technical control of USB port connections
  • DEncrypt removable USB devices containing data at rest

How the community answered

(26 responses)
  • A
    15% (4)
  • B
    4% (1)
  • C
    54% (14)
  • D
    27% (7)

Explanation

The most effective way to mitigate future infections from USB devices is to implement centralized technical control of USB port connections. This means controlling whether USB ports can be used on devices at all and restricting or managing which USB devices can be connected to computers. This can be achieved through the following measures: Disabling USB ports entirely, or for non-authorized users, on machines where USB connections Using endpoint security solutions that restrict or monitor USB access, ensuring only approved devices can be used. Implementing whitelisting software that only allows specific, authorized USB devices to connect. By centrally controlling USB port access, you can prevent the risk of future malware infections that may occur from connecting unauthorized or infected USB devices.

Topics

#USB security#Malware prevention#Endpoint security#Technical controls

Community Discussion

No community discussion yet for this question.

Full CISSP Practice