CompTIA CASP+ (CAS-004) — Question 610

A security officer is requiring all personnel working on a special project to obtain a security clearance requisite with the level of all information being accessed. Data on this network must be protected at the same level of each clearance holder. The need to know must be verified by the data owner. Which of the following should the security officer do to meet these requirements?

Answer options

• A. Create a rule to authorize personnel only from certain IPs to access the files.
• B. Assign labels to the files and require formal access authorization.
• C. Assign attributes to each file and allow authorized users to share the files.
• D. Assign roles to users and authorize access to files based on the roles.

Correct answer: B

Explanation

The correct answer is B because labeling files and requiring formal access authorization ensures that access aligns with the clearance levels necessary for the sensitive data. Option A does not address the clearance requirement, option C focuses on sharing rather than access control, and option D does not specifically relate to clearance levels and formal authorization for sensitive information.