Based on the controls classification, which of the following controls would BEST meet these requirements?

An organization has established the following controls matrix:

The following control sets have been defined by the organization and are applied in aggregate fashion:

✑ Systems containing PII are protected with the minimum control set.

✑ Systems containing medical data are protected at the moderate level.

✑ Systems containing cardholder data are protected at the high level.

The organization is preparing to deploy a system that protects the confidentiality of a database containing PII and medical data from clients.

Based on the controls classification, which of the following controls would BEST meet these requirements?
A. Proximity card access to the server room, context-based authentication, UPS, and full-disk encryption for the database server.
B. Cipher lock on the server room door, FDE, surge protector, and static analysis of all application code.
C. Peer review of all application changes, static analysis of application code, UPS, and penetration testing of the complete system.
D. Intrusion detection capabilities, network-based IPS, generator, and context-based authentication.

Answer: D

Latest CAS-003 Dumps Valid Version with 509 Q&As