Bit of a stupid question on the CISM Q&A Database
CyberCop123
Member Posts: 338 ■■■■□□□□□□
in CISM
What are your views on this question... what do you think the best answer is? Answer in the next post....
Which of the following will BEST prevent an employee from using a USB drive to copy files from desktop computers?
A. Restrict the available drive allocation on all personal computers
B. Disable USB ports on all desktop devices
C. Conduct frequent awareness training with noncompliance penalties
D. Establish strict access controls to sensitive information
My Aims
2017: OSCP - COMPLETED
2018: CISSP - COMPLETED
2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting - COMPLETED
GIAC GREM - Reverse Engineering of Malware - COMPLETED
2021: CCSP
2022: OSWE (hopefully)
Comments
-
CyberCop123 Member Posts: 338 ■■■■□□□□□□
I chose B ... to disable USB ports on desktop devices.
However, apparently this is wrong. The correct answer is A - Restrict the available drive allocation on personal computers.
Not quite sure I get this. Of course you can disable all USB ports from data sticks - my organisation does it and we can still use USB keyboard and mice. This is wrong in my view. The best way to prevent use of USB drives to copy files is to disable USB ports across the entire business.
-
cyberguypr Mod Posts: 6,928 Mod
Before reading the answer I was going to say that you need to take this literally at face value as to "kill" the ports. My logic was exactly that if you disable all USB ports you can't connect keyboards, mice, biometric readers, etc. Disabling means interrupting/incapacitating something which in this context would imply some sort of denial of service or other major outage implication. Restricting means selectively limiting, which is the intended purpose of the control.
-
DntH8Me Member Posts: 73 ■■■□□□□□□□
If it makes you feel better from a 'technical' standpoint B does work but you are studying for a managerial exam. In this case I would say A is a more complete answer because there are other ways besides USB to attach mass storage devices. So "just" restricting the USB and relying on users to not attach a mass storage device by other means wouldn't be a good management choice.
2019 Certification Goals: CEH | PenText + | CISM? | stop procrastinating
-
paul78 Member Posts: 3,016 ■■■■■■■■■■
Yup - I would agree with you. That seems like it's a technically incomplete question/answer. The choice of A is actually not accurate. For one thing, it doesn't apply to Macs and Linux-based desktops which are increasingly common in certain industries. Also - it's actually possible to address a drive by using the volume ID instead of a drive letter in Windows.
-
kaiju Member Posts: 453 ■■■■■■■□□□
If you disable the USB port you will lose the ability to connect devices on all OS platforms. An administrator can utilize GPO (in Windows systems) to restrict removable storage access. The GPO options can be specified to target CD/DVD, removable disks (HDD and thumb drives), tape drives, and so forth. Using this method would allow USB devices such as keyboards, mice, printers and other peripherals to be connected without issue.
Work smarter NOT harder! Semper Gumby!
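The Group Policy approach described in the last comment, as an added example that is not part of the original thread: a read-only PowerShell audit of the registry values that the "Removable Storage Access" policy settings write on a Windows desktop. The function names are hypothetical; a missing key or value is treated as "Not Configured".

```powershell
# Added example: report which removable-storage classes are restricted by policy.
# Read-only. It inspects policy registry values and changes nothing.
$base = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices'

# Device class GUIDs used by the built-in Removable Storage Access settings.
# Windows Portable Devices (phones, cameras) have separate settings not checked here.
$classes = [ordered]@{
    'Removable disks (thumb drives, external HDD)' = '{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}'
    'CD and DVD'                                   = '{53f56308-b6bf-11d0-94f2-00a0c91efb8b}'
    'Tape drives'                                  = '{53f5630b-b6bf-11d0-94f2-00a0c91efb8b}'
    'Floppy drives'                                = '{53f56311-b6bf-11d0-94f2-00a0c91efb8b}'
}

function Get-PolicyFlag {
    # Hypothetical helper: $true only when the DWORD exists and equals 1.
    param([string]$Path, [string]$Name)
    $item = Get-ItemProperty -LiteralPath $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $false }   # key or value absent: Not Configured
    return ($item.$Name -eq 1)
}

function Get-RemovableStorageAudit {
    # "All Removable Storage classes: Deny all access" overrides per-class values.
    $denyAll = Get-PolicyFlag -Path $base -Name 'Deny_All'
    foreach ($label in $classes.Keys) {
        $key   = Join-Path $base $classes[$label]
        $read  = Get-PolicyFlag -Path $key -Name 'Deny_Read'
        $write = Get-PolicyFlag -Path $key -Name 'Deny_Write'
        [pscustomobject]@{
            Class          = $label
            DenyRead       = ($denyAll -or $read)
            DenyWrite      = ($denyAll -or $write)
            # Copying files out to the device needs write access to it.
            CopyOutBlocked = ($denyAll -or $write)
        }
    }
}

Get-RemovableStorageAudit | Format-Table -AutoSize
```

A row with `CopyOutBlocked` set to False for removable disks means the desktop still accepts writes to USB storage, even though keyboards and mice are unaffected either way.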