Certified Information Systems Security Professional (CISSP) — Question 294
Which of the following would be the BEST guideline to follow when attempting to avoid the exposure of sensitive data?
Answer options
- A. Monitor mail servers for sensitive data being exfiltrated.
- B. Educate end-users on methods of attacks on sensitive data.
- C. Establish report parameters for sensitive data.
- D. Store sensitive data only when necessary.
Correct answer: D
Explanation
The best way to minimize the risk of exposing sensitive data is to store it only when necessary, because this reduces the potential attack surface. Monitoring mail servers, educating users, and establishing reporting parameters are important practices, but none of them directly reduces the amount of sensitive data at risk the way limiting storage does.