Certified Information Systems Security Professional (CISSP) — Question 301

Which of the following is a benefit of implementing data-in-use controls?

Answer options

• A. If the data is lost, it must be decrypted to be opened.
• B. When the data is being viewed, it can only be printed by authorized users.
• C. When the data is being viewed, it can be accessed using secure protocols.
• D. If the data is lost, it may not be accessible to unauthorized users.

Correct answer: B

Explanation

The correct answer, B, highlights that data-in-use controls restrict printing to authorized users during data access, enhancing security. Options A and D discuss aspects of data loss rather than data-in-use controls, while option C focuses on secure access methods, which is not the primary benefit of data-in-use controls.