Sara, a company’s security officer, often receives reports of unauthorized personnel having access codes
to the cipher locks of secure areas in the building. Sara should immediately implement which of the
following?
![PrepAway - Latest Free Exam Questions & Answers](https://www.briefmenow.org/img/pa5.jpg)
A.
Acceptable Use Policy
B.
Physical security controls
C.
Technical controls
D.
Security awareness training
Explanation:
Security awareness and training include explaining policies, procedures, and current threats to both users
and management. A security awareness and training program can do much to assist in your efforts to
improve and maintain security. A good security awareness training program for the entire organization
should cover the following areas: Importance of security; Responsibilities of people in the organization;
Policies and procedures; Usage policies; Account and password-selection criteria as well as Social
engineering prevention.
Incorrect Answers:
A: Companies generally have acceptable use policies regarding how computers can be used within the
organization.
B: Physical security controls refers to actual physical barriers such as an external entrance to a building
(perimeter), locked doors and entrance to the secure/computer room itself. In this scenario the
unauthorized personnel already have access codes to the cipher locks of secure areas.
C: Technical Controls are usually implements using technology such as firewalls, IDS, IPS, etc.Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 399-404, 420