A company finds that an exposed repository permitted individuals to read internal documents. Which approach best reduces the possibility of unauthorized disclosures while allowing the IT department to add new data?
Remove the repository nightly and reload it from backups each morning
Enforce stricter permissions on the repository and enable auditing
Encrypt all files with a local key known to the data owners
Use routine scanning tools to detect any abnormalities in file access
Setting more restrictive permissions and enforcing auditing address misconfigurations directly. Encrypting files alone may not prevent access if the folder remains publicly exposed. Running scans is beneficial but without revised access settings, it may not solve the underlying issue. Deleting and restoring the repository each day disrupts operations and fails to address the original misconfiguration.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is auditing in the context of IT security?
Open an interactive chat with Bash
Why are stricter permissions important for securing repositories?
Open an interactive chat with Bash
How do routine scans differ from auditing in mitigating security risks?