Exam SY0-501 topic 1 question 181 discussion

B not C why? because there are companies who have a policy of 'don't leave your desk without locking your pc' (even if it wasn't stated in here). Also, B (being aware of shoulder surfing) also includes locking your computer whenever you are not using it and not letting your computer open to everyone when you are processing confidential data.

Answer is A because the key word is left unattended meaning what should be done when an emplee take 15 mint meal or smoking break? Screensaver do not exclusively solve the problem because you still have insider malicious people out there. Yes clear screen policy is also part of clear desk polic A clean desk policy (CDP) is a corporate directive that specifies how employees should leave their working space when they leave the office. Most CDPs require employees to clear their desks of all papers at the end of the day.

The k word here is "to reduce" So, the answer is C.

E All of the above

Answer is correct...SYS admin controls technical and logical controls like group policy time outs on screens....PS Should surfing is NOT relegated to mobile phones like Nikki says! But that is not what is at issue here....issue here is unattended screen...in a mobile device, we would implement lock screen policy on paper but enforce with MDM....youre welcome

Shouldn't the answer be D, installing privacy screens? It isn't shoulder surfing because someone needs to be present looking over your shoulder. It isn't clean desk policy because that's at the end of the day. A screen saver timeout does lessen the risk of information being left on the screen but a screen privacy filter does a better job of this. If there's a screensaver there's a timer on it which doesn't kick in automatically. If someone walks away from their desk and the timer is 3 minutes, that's 3 minutes the information is left on screen for anyone to see. A privacy filter is always active and someone has to go and sit in front of the computer to see the information. Also in the case of a screen saver, if I walk over to the desk and flick the mouse to turn the screen saver off and walk away, that's another few minutes the information is left on the screen for people to see. A privacy filter is always on.

The complete answer should be B & C. C alone can't solve this one.

privacy screen monitors it's a prevention of shoulder surfing and it's not shoulder surfing in this case.

This should be B. Security awareness training to prevent shoulder surfing As for C. Enable group policy based screensaver timeouts => tey usually kick-in after 5 or 10 mins inactivity (by this time, many things can happen)

Code left unattended during the course of the day.

Clean desk is concerned with people having p-words with sticky notes on them, names and account numbers, etc.. Shoulder surfing is more concerned with mobile phones, implies two people looking at one screen, privacy screens on monitors do no reduce risk of employees leaving unattended workstation.

Does clean desk policy include screen saver timeout ? Shouldn't the answer be reducd the timeout threshold ? Maybe that is what C trying to say ?