Which of the following measures would be MOST effective against insider threats to confidential
information?
A.
Role-based access control
B.
Audit trail monitoring
C.
Privacy policy
D.
Defense-in-depth
Explanation:
Role-based access control provides access according to business needs; therefore, it reduces
unnecessary- access rights and enforces accountability. Audit trail monitoring is a detective
control, which is ‘after the fact.’ Privacy policy is not relevant to this risk. Defense-in-depth primarily
focuses on external threats