An employee recently lost a USB drive containing confidential customer data. Which of the following
controls could be utilized to minimize the risk involved with the use of USB drives?
A.
DLP
B.
Asset tracking
C.
HSM
D.
Access control
Explanation:
Data loss prevention (DLP) systems monitor the contents of systems (workstations, servers, and
networks) to make sure that key content is not deleted or removed. They also monitor who is using the
data (looking for unauthorized access) and transmitting the data.
Incorrect Answers:
B: Asset tracking can be as simple as a serial number etched in the device or as complex as a GPS locator.
Related to this is inventory control. A complete and accurate list of all devices is an integral part of mobile
device management. However in this case the USB drive is already lost.
C: HSM is a backup type – it provides continuous online backup using optical or tape jukeboxes.
D: Access Control refers to who has access to resources and clearly users should be granted access if they
require it to perform their duties.Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 10, 419, 437
question does not mention that employee was not authorized to copy DATA on USB , then how DLP can stop that?
0
0
USB drives can be blocked with DLP…
https://kc.mcafee.com/corporate/index?page=content&id=KB60861
0
0
First for a few definitions:
A– DLP
Data loss prevention software detects potential data breaches/data ex-filtration transmissions and prevents them by monitoring, detecting and blocking sensitive data while in-use (endpoint actions), in-motion (network traffic), and at-rest (data storage).
B–Asset tracking
Asset tracking refers to the method of tracking physical assets, either by scanning barcode labels attached to the assets or by using tags using GPS, BLE or RFID which broadcast their location
C– HSM
A hardware security module (HSM) is a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing.
D– Access control
In the fields of physical security and information security, access control (AC) is the selective restriction of access to a place or other resource. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization.
There are three types of access control:
Discretionary Access Control (DAC) …
Mandatory Access Control (MAC) …
Role-Based Access Control Technology (RBAC)
Now for the wrong answers:
B–Asset tracking
If anyone one can develop an Asset Tracking software that can track an USB, that person shall become a billionaire
C– HSM
This module is completely unrelated to USBs
D– Access control
This is limited to “data” resources by means of “permission” and “authorization”.
This just leaves:
A—DLP
As mentioned by Anon , it is possible to to block all USB drives and set exclusions for specific USB drives using Data Loss Prevention. The best option is then to BLOCK access to all USBs (we have such policy in place at work and most banks do)
0
0