CISA Certified Information Systems Auditor – Question1026

An organization has suffered a number of incidents in which USB flash drives with sensitive data have been lost. Which of the following would be MOST effective in preventing loss of sensitive data?

A.
Modifying the disciplinary policy to be more stringent
B. Implementing a check-in/check-out process for USB flash drives
C. Issuing encrypted USB flash drives to staff
D. Increasing the frequency of security awareness training

Correct Answer: C