A Chief Information Security Officer (CISO) has tasked a security analyst with assessing the security posture of an organization and which internal factors would contribute to a security compromise.
The analyst performs a walk-through of the organization and discovers there are multiple instances of unlabeled optical media on office desks.
Employees in the vicinity either do not claim ownership or disavow any knowledge concerning who owns the media.
Which of the following is the MOST immediate action to be taken?
Click on the arrows to vote for the correct answer
A. B. C. D.A.
As per the scenario described, there are instances of unlabeled optical media found in the organization. This poses a potential security risk, as it is unclear what information is contained on the media or who owns it. To mitigate this risk, the security analyst must take immediate action.
Option A: Confiscate the media and dispose of it in a secure manner as per company policy. This option is the most appropriate immediate action to take. By confiscating the media, the analyst can ensure that it is not used inappropriately or maliciously. Disposing of the media in a secure manner, as per company policy, will also help to prevent any potential data breaches or leaks.
Option B: Confiscate the media, insert it into a computer, find out what is on the disc, and then label it and return it to where it was found. This option is not recommended, as inserting an unlabeled optical media into a computer may introduce malware or other security risks. Additionally, labeling the media and returning it to where it was found does not provide adequate security measures to prevent potential misuse or data breaches.
Option C: Confiscate the media and wait for the owner to claim it. If it is not claimed within one month, shred it. This option is not recommended, as waiting for the owner to claim the media can leave the organization vulnerable to potential security threats. Additionally, waiting for one month may give potential attackers ample time to retrieve the media and misuse it.
Option D: Confiscate the media, insert it into a computer, make a copy of the disc, and then return the original to where it was found. This option is not recommended, as inserting the media into a computer can introduce security risks, and making a copy of the disc without knowing its contents may also result in data breaches or leaks. Additionally, returning the original media to where it was found does not provide adequate security measures to prevent potential misuse or data breaches.
In summary, the most immediate action that the security analyst should take is to confiscate the media and dispose of it in a secure manner as per company policy (Option A). This will help to mitigate any potential security risks and prevent data breaches or leaks.