Which of the following is a preventive security measure?

Which of the following is a preventive security measure?
A . Installing logging and monitoring software
B . Shutting down the Internet connection after an attack
C . Storing sensitive information in a data save

Answer: C

Explanation:

A preventive security measure is a measure that aims to prevent or deter potential incidents from occurring, or to reduce their likelihood or impact. A preventive security measure can be a policy, a procedure, a device, a technique or an action that reduces the exposure to threats and vulnerabilities. Storing sensitive information in a data safe is an example of a preventive security measure, because it protects the information from unauthorized access, disclosure, modification or destruction by physical means, such as theft, fire, flood, etc. ISO/IEC 27001:2022 defines preventive control as “control that modifies risk by avoiding an unwanted incident” (see clause 3.19).

Reference: [CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor Training Course], ISO/IEC 27001:2022 Information technology ― Security techniques ― Information security management systems ― Requirements, [What is Preventive Security?]

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments