Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC Exam GCED Topic 8 Question 41 Discussion

Actual exam question for GIAC's GCED exam
Question #: 41
Topic #: 8
[All GCED Questions]

Which statement below is the MOST accurate about insider threat controls?

Show Suggested Answer Hide Answer
Suggested Answer: A

A company needs to classify its information as a key step in valuing it and knowing where to focus its protection.

Rotation of duties and separation of duties are both key elements in reducing the scope of information access and the ability to conceal malicious behavior.

Separation of duties helps minimize ''empire building'' within a company, keeping one individual from controlling a great deal of information, reducing the insider threat.

Security awareness programs can help other employees notice the signs of an insider attack and thus reduce the insider threat.

Detection is a reactive method and only occurs after an attack occurs. Only preventative methods can stop or limit an attack.


by Salley at Jun 03, 2024, 06:27 AM

Limited Time Offer

25%

Off

Get Premium GCED Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Terrilyn
6 months ago
E) Separation of duties? More like separation of sanity. That's just asking for trouble when it comes to insider threats.
upvoted 0 times
Katy
5 months ago
Detective and preventative controls are both important in preventing insider attacks.
upvoted 0 times
...
Katy
5 months ago
I think classification of information assets is crucial for identifying data to protect.
upvoted 0 times
...
Katy
5 months ago
I agree, separation of duties can definitely increase the risk of insider threats.
upvoted 0 times
...
...
Ludivina
6 months ago
Ha! D) Rotation of duties making an insider threat more likely? That's a good one. Nice try, but I don't think that's the right answer.
upvoted 0 times
...
Crista
6 months ago
C) Both detective and preventative controls are crucial to prevent insider attacks. Relying on just one type of control is not enough.
upvoted 0 times
...
Milly
6 months ago
A) Classification of information assets seems like the most important step to identify what needs to be protected. This is key for insider threat controls.
upvoted 0 times
Celia
5 months ago
A) I agree, knowing what data to protect is crucial for insider threat controls.
upvoted 0 times
...
Orville
5 months ago
C) Both detective and preventative controls prevent insider attacks.
upvoted 0 times
...
Brett
6 months ago
A) Classification of information assets seems like the most important step to identify what needs to be protected. This is key for insider threat controls.
upvoted 0 times
...
...
Ryan
6 months ago
I agree with Florinda. It makes sense that knowing what data needs protection is crucial in controlling insider threats.
upvoted 0 times
...
Florinda
7 months ago
I think the most accurate statement is A) Classification of information assets helps identify data to protect.
upvoted 0 times
...

Save Cancel