GIAC Exam GCED Topic 3 Question 36 Discussion

Actual exam question for GIAC's GIAC Certified Enterprise Defender exam

Question #: 36
Topic #: 3

[All GIAC Certified Enterprise Defender Questions]

Which statement below is the MOST accurate about insider threat controls?

AClassification of information assets helps identify data to protect.

BSecurity awareness programs have a minimal impact on reducing the insider threat.

CBoth detective and preventative controls prevent insider attacks.

DRotation of duties makes an insider threat more likely.

ESeparation of duties encourages one employee to control a great deal of information.

Show Suggested Answer

Suggested Answer: A

A company needs to classify its information as a key step in valuing it and knowing where to focus its protection.

Rotation of duties and separation of duties are both key elements in reducing the scope of information access and the ability to conceal malicious behavior.

Separation of duties helps minimize ''empire building'' within a company, keeping one individual from controlling a great deal of information, reducing the insider threat.

Security awareness programs can help other employees notice the signs of an insider attack and thus reduce the insider threat.

Detection is a reactive method and only occurs after an attack occurs. Only preventative methods can stop or limit an attack.

by Stevie at Apr 09, 2024, 06:09 PM

Limited Time Offer

25%

1 months ago

Oh, this is a tricky one! I think the MOST accurate statement is A) - classification of information assets helps identify data to protect. That's key for mitigating insider threats, isn't it?

upvoted 0 times

...