When remote access to confidential information is granted to a vendor for analytic purposes, which of the following is the MOST important security consideration?
A.
The vendor must be able to amend data
B.
The vendor must agree to the organization's information security policy
C.
Data is encrypted in transit and at rest at the vendor site
I'd say B because it's the most comprehensive answer. When signing a contract with a vendor it's good to include security requirements (like agreeing to ISP and whatever is stated there).
The Data is not being transferred but ACCESS is given. Encryption is always good but knowing exactly what is being accessed is more critical. Sure you can have contracts and ask vendor to follow your security policy but you won't know if all of it is being followed unless there is an audit or issue which causes review. But access logs are crucial.
I think it's actually kind of a trick question, to where yes B should theoretically include C. But we don't know their current security policy therefore the most direct and apparent MOST important would be C.
Once again, they should really remove ambiguous questions like this that leave room for arguments at to what exactly they mean.
Totally agree, with your answer and regd the responses that leave room for arguments.
While it is true that the vendor has to agree with the security policy this is broadly applicable to all contracts.
The question is specifically referring to remote access to sensitive data, and therefore encryption of data in transit and at rest is best choice.
B because encrypting data in transit and in rest, must be a part of the security policy. Then security policy is higher level so this is the managers answer.
The MOST important security consideration when remote access to confidential information is granted to a vendor for analytic purposes is that the vendor must agree to the organization's information security policy.
upvoted 3 times
...
This section is not available anymore. Please use the main Exam Page.CISM Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
richck102
Highly Voted 1 year, 5 months agoxcjxcj
Highly Voted 9 months, 1 week agoshootnot
Most Recent 8 months, 2 weeks agoAlexJacobson
10 months, 4 weeks agoCyberbug2021
1 year agoAlexJacobson
10 months, 4 weeks agoCyberbug2021
1 year agooluchecpoint
1 year, 3 months ago[Removed]
1 year, 4 months agoCISSPST
1 year, 2 months agorbg8
1 year, 6 months agoDERCHEF2009
1 year, 7 months agoSouvik124
1 year, 10 months ago