Which of the following measures serves as the BEST means for protecting data on computers, smartphones, and external storage devices when traveling to high- risk countries?
Which of the following measures serves as the BEST means for protecting data on computers, smartphones, and external storage devices when traveling to high- risk countries?
When traveling to high-risk countries, reviewing applicable destination country laws, forensically cleaning devices prior to travel, and only downloading sensitive data over a virtual private network (VPN) upon arriving at the destination serves as the best means for protecting data on computers, smartphones, and external storage devices. This approach ensures compliance with local regulations, minimizes the risk of sensitive data being accessed by unauthorized parties before and during travel, and secures the data in transit.
The answer is D because of the last object in the sentence -> external storage devices.
D is correct
“A” is probably applicable at the point of getting through customs without issues. But downloading sensitive data via VPN when arriving at the destination, without protecting the data at rest while in a high-risk country is unacceptable. D is the best answer
"BEST means for protecting data ON computers" - not in transit/while downloading.
The question is about protecting the data that is carried along with the traveller. D is the best answer.
Using multi-factor authentication (MFA) to gain access to data stored on laptops or external storage devices can be a good security measure, but it does not provide complete protection for data when traveling to high-risk countries. MFA only protects against unauthorized access to the device, but it does not protect against data theft or data compromise. If a device is lost or stolen, the data stored on it can still be accessed and compromised, even with MFA in place. Therefore, additional measures, such as using a VPN to download data and forensically cleaning devices before travel, should also be employed to fully protect sensitive data when traveling to high-risk countries.
D is a little more specific for mobile equipments.
The best means for protecting data on computers, smartphones, and external storage devices when traveling to high-risk countries is to review applicable destination country laws, forensically clean devices prior to travel, and only download sensitive data over a virtual private network (VPN) upon arriving at the destination (Option A). This approach combines multiple security measures to protect data from potential risks, such as legal issues, data theft, and unauthorized access. Reviewing destination country laws helps to ensure compliance with local regulations, and forensically cleaning devices before travel helps to remove any sensitive data that could potentially be accessed by unauthorized parties. Using a VPN to download sensitive data upon arrival at the destination helps to secure the data in transit and prevent any potential interception or tampering. Option D, using MFA and biometric access control mechanisms, can help to improve the security of devices and data, but it does not address the legal issues or data theft risks.
The Customs of most countries (not necessarily high-risk) have the authorities to confiscate or request to unlock the electronic devices bring into their countries when in doubt of National Security. Failed to comply might result in jail or get killed (in high-risk countries).
D provides the best ways to protect DaR on devices. This is also used in CSfC models/frameworks.
Many people answer D, but D is focused on general security principles without considering the aspect of traveling to sensitive countries ! One important aspect is the local laws indeed. When you pass through the customs of some countries, you can be asked to show an unlocked computer/device, USA for instance can force you to disclose your Social Network data.
According to this article it's "A"
https://www.colorado.edu/researchinnovation/compliance/export-controls/international-travel/High-Risk-Country-Guidance
When traveling to high-risk countries, option A is the BEST means for protecting data on computers, smartphones, and external storage devices.
Think like a manager. It's also limiting access to data.
Answer A) https://www.colorado.edu/researchinnovation/compliance/export-controls/international-travel/High-Risk-Country-Guidance
Option A combines legal awareness, proactive measures to clean devices, and secure data transfer practices, making it a comprehensive approach to safeguarding data when traveling to high-risk countries.
Cant be A, what does local law have anything to do with securing devices? At most is embargo law that you cant import certain crtypography capablities but those are not local laws. Also how does using TLS to download sensitive data be helpful when the sensitive data are in your devices and there is no mention of securing the devices to protect the newly downloaded sensitive data.
C.... to not get robbed! unfortunately, not a good answer for the CISSP exam but a good answer in real life. through this question out. Best answer then would be D. D offers the most COMPREHENSIVE security strategy for this specific scenario.