CompTIA Security+ (SY0-501) — Question 362

A security engineer implements multiple technical measures to secure an enterprise network. The engineer also works with the Chief Information Officer (CIO) to implement policies to govern user behavior.
Which of the following strategies is the security engineer executing?

Answer options

• A. Baselining
• B. Mandatory access control
• C. Control diversity
• D. System hardening

Correct answer: C

Explanation

The correct answer is Control diversity, as it involves implementing various security measures and policies to create a more robust defense. Baselining focuses on establishing a standard for system performance, Mandatory access control is about restricting access based on policies, and System hardening refers to securing a system by reducing its vulnerabilities, which does not encompass the broader strategy of combining technical and policy measures.