Certified Information Systems Security Professional (CISSP) — Question 359

When network management is outsourced to third parties, which of the following is the MOST effective method of protecting critical data assets?

Answer options

• A. Confirm that confidentiality agreements are signed
• B. Employ strong access controls
• C. Log all activities associated with sensitive systems
• D. Provide links to security policies

Correct answer: B

Explanation

Employing strong access controls is crucial because it restricts unauthorized access to sensitive information, thereby minimizing the risk of data breaches. While confidentiality agreements and logging activities are important, they do not provide the same level of proactive protection as strong access controls. Providing links to security policies is also not sufficient on its own to protect critical data assets.