Bit of a stupid question on the CISM Q&A Database

What's your views on this question... what do you think the best answer is? Answer in the next post....

Which of the following will BEST prevent an employee from using a USB drive to copy files from desktop computers?

A. Restrict the available drive allocation on all personal computers

B. Disable USB ports on all desktop devices

C. Conduct frequent awareness training with noncompliance penalties

D. Establish strict access controls to sensitive information

Find more posts tagged with

Comments

CyberCop123

I chose B ... to disable USB ports on desktop devices.

However, apparently this is wrong. The correct answer is A - Restrict the available drive allocation on personal computers.

Not quite sure I get this. Of course you can disable all USB ports from data sticks - my organisation does it and we can still use USB keyboard and mice. This is wrong in my view. The best way to prevent use of USB drives to copy files is to disable USB ports across the entire business.

Image: https://us.v-cdn.net/6030959/uploads/editor/d5/qy9zryeh3r4b.png

cyberguypr

Before reading the answer I was goign to say that you need to take this literally at face value as to "kill" the ports. My logic was exactly that if you disable all USB ports you can't connect keyboards, mice, biometric readers, etc. Disabling means interrupting/incapacitating something which in this context would imply some sort of denial of service or other major outage implication. Restricting means selectively limiting, which is the intended purpose of the control.

DntH8Me

If it makes you feel better from a 'technical' standpoint B does work but you are studying for a managerial exam. In this case I would say A is a more complete answer because there are other ways besides usb to attach mass storage devices. So "just" restricting the usb and relying on users to not attach a mass storage device by other means wouldn't be a good management choice.

paul78

Yup - I would agree with you. That seems like it's a technically incomplete question/answer. The choice of A is actually not accurate. For one thing, it doesn't apply to Macs and Linux based desktops which are increasingly common in certain industries. Also - it's actually possible to address a drive by using the volume ID instead of a drive letter in Windows.

kaiju

If you disable the USB port you will lose the ability to connect devices on all OS platforms.

An administrator can utilize GPO (in Windows systems) to restrict removable storage access. The GPO options can be specified to target CD/DVD, removable disks (HDD and thumb drives), tape drives, and so forth. Using this method would allow USB devices such as a keyboards,mice, printers and other peripherals to be connected without issue.