Secure Software Lifecycle Professional – CSSLP – Question170
Which of the following methods can be helpful to eliminate social engineering threat? Each correct answer represents a complete solution. Choose three. A. Password policies B. Data classification C. Data encryption D. Vulnerability assessments
Correct Answer: ABD
Explanation:
Explanation: The following methods can be helpful to eliminate social engineering threat: Password policies Vulnerability assessments Data classification Password policy should specify that how the password can be shared. Company should implement periodic penetration and vulnerability assessments. These assessments usually consist of using known hacker tools and common hacker techniques to breach a network security. Social engineering should also be used for an accurate assessment. Since social engineers use the knowledge of others to attain information, it is essential to have a data classification model in place that all employees know and follow. Data classification assigns level of sensitivity of company information. Each classification level specifies that who can view and edit data, and how it can be shared.
Please disable your adblocker or whitelist this site!