Certified Information Security Manager (CISM) — Question 22
Which of the following is the MOST effective defense against malicious insiders compromising confidential information?
Answer options
- A. Regular audits of access controls
- B. Strong background checks when hiring staff
- C. Prompt termination procedures
- D. Role-based access control
Correct answer: D
Explanation
Role-based access control (RBAC) is the best defense because it limits each user's access to the sensitive information their role actually requires, so a malicious insider can reach less confidential data in the first place. Regular audits, background checks, and prompt termination procedures are all important, but they are detective or point-in-time measures; they do not directly control ongoing access to sensitive data the way RBAC does.