Mar 7 • 🙋♂️ CISSP
Practice Question
MedTech Innovations, a research and development company specializing in medical devices, is developing a new prototype that utilizes advanced artificial intelligence (AI) algorithms. The prototype contains highly sensitive intellectual property (IP) and patient data. The company is collaborating with several external research institutions and vendors, requiring data sharing and access to the prototype's systems. The CISO is concerned about the potential for unauthorized access, data leakage, and tampering with the prototype. The company has a limited budget for security controls.
Given the limited budget and the need to protect sensitive IP and patient data, which of the following asset security strategies is MOST critical for MedTech Innovations to implement?
a) Implement a comprehensive data encryption strategy for all data at rest and in transit, utilizing homomorphic encryption for data processing.
b) Conduct a thorough data classification exercise and implement strict access controls based on the principle of least privilege, with mandatory access control (MAC) for sensitive data.
c) Deploy a network intrusion detection system (NIDS) and intrusion prevention system (IPS) to monitor and block unauthorized network traffic, with a focus on anomaly detection.
d) Implement a robust vulnerability management program, including regular penetration testing and security assessments of the prototype's systems and applications.
5
11 comments
Practice Question
skool.com/cybersecurity-study-group
Share resources, get advice, and connect with peers studying cybersecurity. Join our CISSP study group and connect with fellow professionals today!
Leaderboard (30-day)
1
+45
2
+30
3
+30
4
+26
5
+15
Powered by