CompTIA Security+ (SY0-501) — Question 437

The Chief Information Security Officer (CISO) in a company is working to maximize protection efforts of sensitive corporate data. The CISO implements a `100% shred` policy within the organization, with the intent to destroy any documentation that is not actively in use in a way that it cannot be recovered or reassembled.
Which of the following attacks is this deterrent MOST likely to mitigate?

Answer options

• A. Dumpster diving
• B. Whaling
• C. Shoulder surfing
• D. Vishing

Correct answer: A

Explanation

The `100% shred` policy effectively mitigates dumpster diving, as it ensures that sensitive documents are thoroughly destroyed and cannot be retrieved from trash or recycling bins. Whaling targets high-level individuals for phishing attacks, shoulder surfing involves observing someone directly, and vishing is voice phishing; none of these are specifically addressed by shredding documents.