CompTIA CASP+ (CAS-003) — Question 176

A Chief Information Security Officer (CISO) needs to establish a KRI for a particular system. The system holds archives of contracts that are no longer in use. The contracts contain intellectual property and have a data classification of non-public. Which of the following be the BEST risk indicator for this system?

Answer options

• A. Average minutes of downtime per quarter
• B. Percent of patches applied in the past 30 days
• C. Count of login failures per week
• D. Number of accounts accessing the system per day

Correct answer: D

Explanation

The correct answer is D because monitoring the number of accounts accessing the system daily helps identify potential unauthorized access to sensitive information. Options A, B, and C are less relevant as they focus on system performance and security measures rather than directly tracking access to sensitive data.