As your company's security practitioner, you are responsible for host, storage, network, and application integration into the secure enterprise architecture. Your company's security policy states that you must ensure that the CIA of data is ensured across its entire life cycle. Which principle will provide this functionality?
A. least privilege
B. separation of duties
C. defense in depth
D. social engineering
C
Explanation: The principle of defense in depth ensures that the CIA of data is ensured across its entire life cycle.
None of other principles provides this. Least privilege ensures that users use a regular account to preform regular day-to-day duties and an administrative account to only perform administrative duties. Separation of duties ensures that the tasks within a transaction are split between multiple personnel to prevent fraud. Social engineering is a common attack method whereby attackers attempt to trick legitimate users into divulging confidential information.
You might also like to view...
NOS software is needed
a. on all computers in a client/server network. b. only on the servers in a client/server network. c. only if a communications server is deployed on a client/server network. d. only when configuring a network in a star topology.
Which of the following is not true about setw and width?
a. If the width set is not sufficient the output prints as wide as it needs. b. They are used to set the field width of output. c. Both of them can perform two tasks, setting the field width and returning the current field width. d. They only apply for the next insertion/extraction.