CompTIA PenTest+ (PT0-001) — Question 161

During a physical security review, a detailed penetration testing report was obtained, which was issued to a security analyst and then discarded in the trash. The report contains validated critical risk exposures. Which of the following processes would BEST protect this information from being disclosed in the future?

Answer options

• A. Restrict access to physical copies to authorized personnel only.
• B. Ensure corporate policies include guidance on the proper handling of sensitive information.
• C. Require only electronic copies of all documents to be maintained.
• D. Install surveillance cameras near all garbage disposal areas.

Correct answer: B

Explanation

The correct answer is B because establishing corporate policies for the proper handling of sensitive information ensures that employees understand the significance of safeguarding such data. While option A is important, it doesn't address the need for guidance, and options C and D do not directly prevent mishandling of sensitive documents.