Mark works as a Security Officer for TechMart Inc. The company has a Windows-based network. He
has bees assigned a project for ensuring the safety of the customer’s money and information, not to
mention the company’s reputation. The company has gone through a security audit to ensure that it
is in compliance with industry regulations and standards. Mark understands the request and has to
do his due diligence for providing any information the regulators require as they are targeting
potential security holes. In this situation, his major concern is the physical security of his company’s
system. Which of the following actions will Mark take to ensure the physical security of the
company’s desktop computers?
A.
Call a team member while behaving to be someone else for gaining access to sensitive
information.
B.
Develop a social awareness of security threats within an organization.
C.
Use group policies to disable the use of floppy drives or USB drives.
D.
Provide protection against a Distributed Denial of Services attack.
Explanation:
The group policies are used to disable the use of floppy drives or USB drives to ensure physical
security of desktop computers. Several computers are able to use the mechanism of attaching a
locking device to the desktops, but disabling USB and floppy drives can disable a larger set of threats.Answer D is incorrect. While stressing the Con?dentiality, Integrity, and Availability triangle in the
training of users, the process of providing availability is related to security training to ensure the
protection against a Distributed Denial of Services attack.