GIAC Exam GCED Topic 5 Question 3 Discussion

Actual exam question for GIAC's GCED exam

Question #: 3
Topic #: 5

A legacy server on the network was breached through an OS vulnerability with no patch available. The server is used only rarely by employees across several business units. The theft of information from the server goes unnoticed until the company is notified by a third party that sensitive information has been posted on the Internet. Which control was the first to fail?

ASecurity awareness

BAccess control

CData classification

DIncident response

Show Suggested Answer

Suggested Answer: C

The legacy system was not properly classified or assigned an owner. It is critical that an organization identifies and classifies information so proper controls and measures should be put in place. The ultimate goal of data classification is to make sure that all information is properly protected at the correct level.

This was not a failure of incident response, access control or security awareness training.

by Sheron at May 03, 2022, 04:32 PM

Limited Time Offer

25%

Off

Get Premium GCED Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!