SY0-501 Question #235: Real Exam Question with Answer & Explanation

Question

A Chief Executive Officer (CEO) suspects someone in the lab testing environment is stealing confidential information after working hours when no one else is around. Which of the following actions can help to prevent this specific threat?

Options

• AImplement time-of-day restrictions.
• BAudit file access times.
• CSecretly install a hidden surveillance camera.
• DRequire swipe-card access to enter the lab.

Explanation

To prevent a lab employee from stealing confidential information after hours, implementing a physical access control like swipe-card entry directly addresses the unauthorized physical presence threat.

Common mistakes.

• A. Implementing time-of-day restrictions typically applies to logical system access, not physical entry, and would not prevent an already physically present individual from accessing systems or data after hours if they are physically in the lab.
• B. Auditing file access times is a detective control that identifies when files were accessed, but it does not prevent the initial unauthorized access or theft of information.
• C. Secretly installing a hidden surveillance camera is a detective control that can record events but does not physically prevent the act of stealing information, and may have legal and privacy implications.

Concept tested. Physical access control for sensitive environments

Reference. https://learn.microsoft.com/en-us/windows/security/identity-protection/credential-guard/credentials-access-threats

No community discussion yet for this question.