Question

Which mitigation plan/control is most appropriate to limit the risk of unauthorized access to workstations? Justify your answer

a. Password protection
b. Patching and Antivirus software
c. Securing workstation, USB ports, and hard drive
d. Vulnerability scanning

Answer 1

c. Securing workstation, USB ports, and hard drive.

Justification:
While all the options mentioned can contribute to mitigating the risk of unauthorized access to workstations, securing workstations, USB ports, and hard drives is the most appropriate control in this scenario. Here's the justification for choosing this option:

a. Password protection: Password protection is an essential security measure, but it primarily guards against unauthorized access to user accounts. It may not prevent physical access to workstations or protect against unauthorized use of USB ports or hard drives.

b. Patching and Antivirus software: Patching and antivirus software are crucial for maintaining the security of workstations and protecting against malware and known vulnerabilities. However, they are not directly focused on preventing unauthorized access to workstations.

c. Securing workstation, USB ports, and hard drive: Securing workstations, USB ports, and hard drives involves physical security measures that limit access to the physical components of the workstation. This includes using lockable cabinets, access controls, and encryption to protect against unauthorized access to sensitive data stored on the hard drive or unauthorized use of USB ports. By implementing these measures, the risk of physical tampering or unauthorized data transfers can be significantly reduced.

d. Vulnerability scanning: Vulnerability scanning is an important security practice that helps identify weaknesses in software and systems. It can help in identifying potential vulnerabilities that could be exploited for unauthorized access. However, vulnerability scanning alone does not directly address the risk of unauthorized access to workstations.

Considering the specific risk of unauthorized access to workstations, securing workstations, USB ports, and hard drives provides a comprehensive approach that covers both physical and data security aspects. It ensures that unauthorized individuals are unable to physically tamper with or gain access to workstations or steal sensitive data through USB ports or hard drives.