CompTIA SecurityX (CAS-005) — Question 82

An ISAC supplied recent threat intelligence information about pictures used on social media that provide reconnaissance of systems in use in secure facilities. In response, the Chief Information Security Officer (CISO) wants several configuration changes implemented via the MDM to ensure the following:

• Camera functions and location services are blocked for corporate mobile devices.
• All social media is blocked on the corporate and guest wireless networks.

Which of the following is the CISO practicing to safeguard against the threat?

Answer options

• A. Adversary emulation
• B. Operational security
• C. Open-source intelligence
• D. Social engineering

Correct answer: B

Explanation

The correct answer, Operational security, involves implementing measures to protect sensitive information and prevent unauthorized access, which is what the CISO is doing by blocking camera features and social media. Adversary emulation is a testing technique, open-source intelligence refers to gathering publicly available information, and social engineering involves manipulating individuals to gain confidential information, none of which directly address the specific actions taken by the CISO.