Exam CISSP topic 1 question 484 discussion

Good luck everyone for the Exam too

Good luck everyone for the Exam =D!

Hi guys, good luck on your exams. Wish me well on Monday :)

Finished all questions, lets gooooo. Got my exam tomorrow!

Definitely go with B, Access management Policies and Procedure, even for migration to cloud, you implement access management policies to secure the data in storage account.

B. Develop and implement access management policies and procedures. To protect access to sensitive information stored on network drives, the best approach is to develop and implement access management policies and procedures. This involves defining who has access to what resources, setting up proper authentication and authorization mechanisms, and enforcing access controls. Access management policies and procedures ensure that only authorized individuals can access the sensitive information, reducing the risk of data breaches or unauthorized access.

B. Develop and implement access management policies and procedures. While all of the options may contribute to protecting access to information stored on network drives, developing and implementing access management policies and procedures is the BEST recommendation for achieving the objective. Access management policies and procedures define who has access to what information and under what circumstances, and they can help prevent unauthorized access or use of sensitive information. Developing and implementing a security information and event monitoring system, a security operations center (SOC), or data center access policies and procedures are also important measures, but they are more focused on monitoring and responding to security incidents rather than preventing them. Therefore, these measures can be considered as complementary to access management policies and procedures.

Out of the given options, the recommendation that is best for protecting the access to information stored on network drives in a small business that supports several government agencies managing highly sensitive information is to develop and implement access management policies and procedures (Option B). Access management policies and procedures are a critical component of information security, and they help to ensure that only authorized individuals are able to access sensitive information. By developing and implementing access management policies and procedures, the small business can control who has access to sensitive information, and can ensure that access is only granted on a need-to-know basis. This can include measures such as password policies, multi-factor authentication, and role-based access controls.