CompTIA CASP+ (CAS-004) — Question 161
An organization’s threat team is creating a model based on a number of incidents in which systems in an air-gapped location are compromised. Physical access to the location and logical access to the systems are limited to administrators and select, approved, on-site company employees. Which of the following is the BEST strategy to reduce the risks of data exposure?
Answer options
- A. NDAs
- B. Mandatory access control
- C. NIPS
- D. Security awareness training
Correct answer: B
Explanation
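Mandatory access control (B) is the most effective strategy because the system itself enforces strict, centrally defined permissions and access policies, limiting who can access sensitive systems and data. The location is air-gapped and access is already restricted to administrators and approved on-site employees, so the data-exposure risk centers on what users who already have access can reach, which is what MAC constrains. NDAs (A) and security awareness training (D) help reduce risk, but they do not provide the same level of control over system access as mandatory access control. NIPS (C) focuses on network intrusion prevention rather than controlling access to systems.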