Exam CAS-004
Question 218

An organization’s threat team is creating a model based on a number of incidents in which systems in an air-gapped location are compromised. Physical access to the location and logical access to the systems are limited to administrators and select, approved, on-site company employees. Which of the following is the BEST strategy to reduce the risks of data exposure?

    Correct Answer: B

    Mandatory access control (MAC) is the best strategy to reduce the risks of data exposure in a highly secure, air-gapped location. MAC enforces restrictions on data access by assigning security levels to users and data, ensuring that only authorized individuals with the necessary clearance can access sensitive information. This controlled access minimizes the risk of unauthorized data exposure, which is crucial in environments where physical and logical access is already highly restricted.

Discussion
FOURDUE Option: B

Mandatory Access Control (MAC) is based on the idea of security clearance levels. Rather than defining ACLs on resources, each object and each subject is granted a clearance level, referred to as a label. If the model used is a hierarchical one (that is, high clearance users are trusted to access low clearance objects), subjects are only permitted to access objects at their own clearance level or below. The labelling of objects and subjects takes place using pre-established rules. The critical point is that these rules cannot be changed by any subject account, and are therefore non-discretionary. Also, a subject is not permitted to change an object's label or to change his or her own label.
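The hierarchical label rule described above, as an added sketch that is not part of any commenter's post or of CompTIA material: it shows an owner's discretionary ACL grant failing to override a label check, and a label change being rejected. The class `ReferenceMonitor`, the level names, and the subjects and files are all hypothetical, constructed for illustration.

```python
from enum import IntEnum
from types import MappingProxyType

class Level(IntEnum):  # constructed hierarchy, not from the page
    PUBLIC = 0
    INTERNAL = 1
    SECRET = 2

class ReferenceMonitor:  # hypothetical name
    def __init__(self, clearances, labels, owners):
        # Labels are fixed by pre-established rules and are read-only afterwards.
        self.clearances = MappingProxyType(dict(clearances))
        self.labels = MappingProxyType(dict(labels))
        self.owners = dict(owners)
        self.acl = {obj: {owner} for obj, owner in owners.items()}

    def grant(self, requester, obj, grantee):
        """Discretionary step: only the owner may extend the ACL."""
        if self.owners[obj] != requester:
            raise PermissionError(f"{requester} does not own {obj}")
        self.acl[obj].add(grantee)

    def mac_allows(self, subject, obj):
        """Hierarchical rule: read at the subject's own level or below."""
        return self.clearances[subject] >= self.labels[obj]

    def can_read(self, subject, obj):
        # The label check comes first; no ACL entry can override it.
        return self.mac_allows(subject, obj) and subject in self.acl[obj]

def demo():
    rm = ReferenceMonitor(
        clearances={"admin": Level.SECRET, "technician": Level.INTERNAL},
        labels={"design.doc": Level.SECRET, "shift-rota.txt": Level.INTERNAL},
        owners={"design.doc": "admin", "shift-rota.txt": "admin"},
    )
    rm.grant("admin", "design.doc", "technician")      # owner shares both files
    rm.grant("admin", "shift-rota.txt", "technician")
    results = {
        "technician/design.doc": rm.can_read("technician", "design.doc"),
        "technician/shift-rota.txt": rm.can_read("technician", "shift-rota.txt"),
        "admin/design.doc": rm.can_read("admin", "design.doc"),
    }
    try:
        rm.labels["design.doc"] = Level.INTERNAL       # attempted label downgrade
        results["relabel"] = "changed"
    except TypeError:                                   # read-only mapping refuses
        results["relabel"] = "rejected"
    return results

if __name__ == "__main__":
    for check, outcome in demo().items():
        print(check, outcome)
```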

imather Option: D

I'm going to say Security Awareness Training. NDA covers the legal ramifications of disclosure of information, not relevant. MAC is a technical control based on clearance levels and preventing unauthorized users from accessing information. However, logical controls are already in place. In addition, the concern is on compromising of systems. NIPS do not apply as it is air-gapped. Security Awareness Training can better educate users which may be how incidents are occurring causing compromise of air-gapped systems.

talosDevbot

Key point in the question: "reduce the risk of data exposure". From the options, MAC is the best control to address that issue.

hb0011 Option: D

It's D. Mandatory Access Control. Just because they have good physical security doesn't stop someone without need to know from accessing the data. MAC would prevent that.

POWNED Option: D

BEST strategy! What is the largest vulnerability in security... humans. Train your humans or bad things will happen.

e020fdc Option: D

I'm going with security awareness training. Question 211 discussion makes a good case for training to also be the answer here.

Anarckii Option: B

The question says "BEST". Just because you have training education programs doesn't mean employees are going to fail to human error. You want to primarily focus on physical devices and protocols. Training should ALWAYS be last when implementing and enhancing security.

joinedatthehop Option: B

CompTIA CertMaster: Mandatory Access Control (MAC) is based on the idea of security clearance levels. Rather than defining ACLs on resources, each object and each subject is granted a clearance level, referred to as a label. If the model used is a hierarchical one (that is, high clearance users are trusted to access low clearance objects), subjects are only permitted to access objects at their own clearance level or below. The labelling of objects and subjects takes place using pre-established rules. The critical point is that these rules cannot be changed by any subject account, and are therefore non-discretionary. Also, a subject is not permitted to change an object's label or to change his or her own label.

Uncle_Lucifer Option: D

After reviewing this again, it has to be Security Awareness Training. The system is limited to a few staff with specific roles. What is the need for MAC again when it is already limited to a niche? Well, I will take the exam this Thursday, and I am selecting "Security Awareness Training".

EAlonso Option: D

D as B and A are probably in place.

isaphiltrick Option: B

In an air-gapped environment with limited physical and logical access, implementing Mandatory Access Control (MAC) is the best strategy to reduce the risks of data exposure. MAC enforces strict access controls based on the sensitivity of the information and the clearance level of the users, ensuring that only authorized individuals can access sensitive data. This approach provides a robust technical solution to protect against data breaches and unauthorized access.

ninjachuleta Option: B

B. Mandatory access control

Mandatory access control (MAC) enforces restrictions on data access based on the security level assigned to users and the sensitivity of the information they are trying to access. It ensures that only authorized individuals can access specific data, even in highly restricted environments like air-gapped locations. This strategy complements the existing restrictions on physical and logical access and provides an additional layer of protection against unauthorized data exposure.

OdinAtlasSteel Option: D

Physical and logical access is already controlled, so MAC is a useless answer. Because the systems are already so secure and air-gapped, the only way to move forward from here is to use Security Awareness Training. D.