During an internal penetration test, the security team discovers seven unbranded USB flash drives that have been intentionally left on an empty desk in a high-traffic area of the engineering office. Management fears this is a classic "USB drop" social-engineering tactic designed to tempt employees into plugging the devices into corporate workstations. Which of the following actions is the MOST effective way to minimize the risk that curious staff will insert the drives?
Store them in a common area so staff can review at their own discretion
Sanitize them with a standard cleanup tool and hand them back to employees
Implement a guideline requiring employees to hand over such items for forensic analysis in a secured environment
Recommend that staff verify the contents on personal machines before using them on company computers
Turning unknown USB media over to the incident response or security team-where it can be examined in an isolated, forensic laboratory-removes the temptation for end users and eliminates the possibility that the drive is inserted into a production system. The other approaches either still involve plugging the device into a computer that is not hardened, rely on incomplete cleaning utilities, or leave the media readily available, all of which continue to expose the organization to malware or data-exfiltration risks.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a USB drop social-engineering tactic?
Open an interactive chat with Bash
Why is handing over unknown USB devices for forensic analysis safer than other options?
Open an interactive chat with Bash
How can organizations prevent employees from falling for USB drop tactics?