Difficulty: Medium

Average Score: 64%

In protecting information assets, an effective protection strategy begins with:

Rationale

a clear, practical policy that is shared with all relevant parties and enforced with fairness.

An effective protection strategy for information assets fundamentally starts with establishing a clear and practical policy. This policy serves as the framework within which all security measures and practices are developed, ensuring that everyone involved understands their roles and responsibilities in safeguarding information.

A (infrastructure countermeasures, multiple secure connections and firewalls.) YOUR ANSWER

While infrastructure countermeasures, such as firewalls and secure connections, are essential components of a security strategy, they are not the foundational starting point. These technical measures are built upon the policies and procedures that define how security should be implemented and managed.

C (administrative controls (e.g. access control lists) and a strictly enforced password policy.) YOUR ANSWER

Administrative controls are important for managing access and securing information, but they are effective only when guided by a comprehensive policy. Without a clear policy in place, the implementation of access controls and password protocols may lack consistency and clarity, diminishing their effectiveness.

D (physical controls such as biometric authentication and two-person rules for sensitive areas.""""""") YOUR ANSWER

Physical controls are vital for protecting information assets, particularly in sensitive environments. However, similar to technical and administrative measures, they must be supported by a robust policy that outlines how and when these controls should be applied. A policy ensures that physical security measures align with organizational objectives and risk management.

Conclusion

An effective protection strategy for information assets begins with a well-defined policy that is communicated to and enforced among all relevant stakeholders. This foundational policy ensures that all subsequent security measures—technical, administrative, and physical—are cohesive and effective in safeguarding information. Without such a policy, organizations risk implementing disjointed and ineffective security practices, undermining their overall protection strategy.

Related Questions

View all

Related Quizzes

View all

No related quizzes currently available.

PREMIUM

Unlock Everything

✓ 500+ Practice Questions
✓ Detailed Explanations
✓ Progress Analytics
✓ Exam Simulations

Get Premium Access →