CompTIA CASP+ Practice Test

What security measure could reduce the risk of data exfiltration in a vendor-operated data center?

• A. Regular inspections of vendor practices
• B. Physical security controls for racks
• C. Network monitoring for unusual activity
• D. Utilizing third-party security audits

The correct answer is: Physical security controls for racks

The choice of physical security controls for racks is a significant measure to mitigate the risk of data exfiltration in a vendor-operated data center. By implementing physical security controls, organizations can prevent unauthorized access to sensitive data stored within server racks. This includes measures such as locked racks, access control systems, and surveillance cameras, which help ensure that only authorized personnel can physically access the hardware where data is stored. Physical security is crucial because even the most secure digital systems can be compromised if an attacker can gain physical access to the servers. With proper physical controls, the risk of someone physically removing servers or accessing sensitive data directly is greatly reduced. This approach establishes a fundamental layer of protection that complements other cybersecurity measures. In contrast, regular inspections of vendor practices, network monitoring for unusual activity, and utilizing third-party security audits are all valuable strategies in creating a comprehensive security posture. However, they primarily address operational and digital security aspects rather than the immediate risk posed by physical access to data storage. Thus, while all these options contribute to an organization's security strategy, the emphasis on physical security controls for racks directly tackles the issue of unauthorized physical access, making it a particularly relevant choice for reducing the risk of data exfiltration.