Exam 220-1102 topic 1 question 89 discussion

How could D not be the BEST way to prevent data theft here?

I believe the answer is "C". Locking the screen after a period of inactivity is great practice, but while an employee is away from the workstation, the potential shoulder surfer can still have 5 minutes of access to the available PII before the screen-lock timer kicks in, whereas with a privacy screen that would not be possible from a distance.

I chose "C" because in this question, it doesn't specify that employees are leaving their computers for extended periods of time. To me, this seems like a question of being able to clearly see information, and not a question of it someone will have access to use the actual workstation in the employees absence. This is why i think that simply using a privacy screen seems more likely for this question.

I sort of hate every option here to be honest. Option B only works after 5 minutes. Option C prevents people from discretely glancing at the screen. Option D seems way too extreme and Option A is obviously pointless. I would guess C.

I thought D would be a good answer five minutes is still a pretty long time . Anything can happen in 5-min I would say Bor D accomplish the same thing. Because D did not mentioned time, I would favour D

This should be the right answer it mentions the agent walking away , so a privacy screen wouldn't prevent someone walking up to the computer and steal data , so locking the screen definitely the best answer

Privacy screens block visibility of anyone not looking directly at the screen. Locking the workstations only works after 5 minutes. It is definitely C.

What is the difference between this and the Police Officer question? It has the same cintext?

Why cant it be C? Having a privacy screen eliminates all the shoulder surfing attacks.

Answer is B. It says call centre agentS, does the security analyst really want to log off all the agents' account manually when each of them leave?

why i have to walk to user device and lock his computer ? what about if there are many of htem there ? so i will go for B :(

It's a poorly worded answer because D almost sounds like the administrator would have to personally log off the users if they noticed unattended systems but I still think it's the correct answer due to the information below. Log off when not in use—A lunchtime attack is where a threat actor is able to access a computer that has been left unlocked. Policies can configure screensavers that lock the desktop after a period of inactivity. Users should not depend on these, however. In Windows, START+L locks the desktop. Users must develop the habit of doing this each time they leave a computer unattended.

Locking the workstations after five minutes of inactivity still leaves a 5 minute window for data theft. I'll go with D.

B anD should be on one sentence haha weird choices

ChatGPT says: The BEST option to prevent data theft within the call center is to lock the workstations after five minutes of inactivity. This ensures that unauthorized individuals cannot access the patient data when the agents are away from their workstations. Encrypting the workstation hard drives and installing privacy screens can also provide some level of protection, but they do not address the issue of agents leaving their workstations unattended. Logging off users when their workstations are not in use may also provide some level of protection, but it can be inconvenient for the agents to have to log in every time they return to their workstation. Therefore, locking the workstations after a period of inactivity is the most effective and practical solution to prevent data theft.

The best solution here is to lockout the screen after 5 minutes of inactivity.

I think it's privacy screens since the question seems to emphasize being able to see the screens while they are away. But locking out after 5 minutes still leaves 5 minutes of downtime where anyone can see their screens walking by.