nerdexam
CompTIA

SG0-001 · Question #38

Which of the following data security types would be used to enforce access management policies? (Select TWO)

The correct answer is B. ACL C. Physical security. Access Control Lists (ACLs) and robust Physical Security are essential data security types used to enforce access management policies for both digital and physical resources.

Storage Management

Question

Which of the following data security types would be used to enforce access management policies? (Select TWO)

Options

  • ADisk encryption
  • BACL
  • CPhysical security
  • DNetwork encryption
  • EChecksums

How the community answered

(23 responses)
  • A
    4% (1)
  • B
    91% (21)
  • E
    4% (1)

Why each option

Access Control Lists (ACLs) and robust Physical Security are essential data security types used to enforce access management policies for both digital and physical resources.

ADisk encryption

Disk encryption protects data at rest from unauthorized access if the physical disk is stolen but does not enforce ongoing access management policies for active users of the system.

BACLCorrect

Access Control Lists (ACLs) are fundamental for access management as they define granular permissions for users and groups to specific files, folders, network resources, or applications, thereby enforcing who can access what. By evaluating a user's identity against the ACL, the system determines whether to grant or deny access to the requested resource.

CPhysical securityCorrect

Physical security, encompassing measures like locked server rooms, biometric scanners, and security guards, directly enforces access management by restricting unauthorized personnel from physically accessing and interacting with critical data storage devices and network equipment. Without adequate physical security, digital access controls can be circumvented.

DNetwork encryption
EChecksums

Concept tested: Access management policy enforcement mechanisms

Source: https://learn.microsoft.com/en-us/windows/win32/secauthz/access-control-lists

Topics

#access control#ACL#physical security#data security

Community Discussion

No community discussion yet for this question.

Full SG0-001 Practice