(ISC)2 Certified in Cybersecurity Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the (ISC)2 Certified in Cybersecurity Exam with comprehensive quizzes and extensive question banks. Enhance your skills with detailed explanations and practice tests designed to improve your expertise for the certification exam. Get exam-ready now!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What should be done to ensure that sensitive data is adequately protected?

Only encrypt it
Implement multi-layered security measures
Regularly audit user access
Only restrict physical access

The correct answer is: Implement multi-layered security measures

Implementing multi-layered security measures is crucial for ensuring that sensitive data is adequately protected. This approach, also known as defense-in-depth, involves using multiple security controls and strategies at different layers of an information system, providing a more robust and resilient protection mechanism against various threats. Relying solely on encryption, as indicated in one of the options, only protects data in transit or at rest but does not comprehensively address all potential vulnerabilities, such as unauthorized access or malware attacks. Meanwhile, regularly auditing user access is an essential practice but could be insufficient on its own without additional protective measures to secure the data from potential breaches. Lastly, restricting physical access is vital, particularly for servers and data storage; however, it does not apply to remote access or data transmitted over networks, leaving other channels potentially unprotected. Thus, a multi-layered approach that encompasses encryption, access controls, regular audits, and physical protections creates a more comprehensive and effective security posture to safeguard sensitive data against a variety of threats.