Question

An organization has a datacenter that processes highly sensitive information and is staffed 24 hours a day. The datacenter includes email servers, and administrators purge email older than six months to comply with the organization's security policy. Access to the datacenter is controlled, and all systems that process sensitive information are marked. Administrators routinely back up data processed in the datacenter. They keep a copy of the backups on site and send an unmarked copy to one of the company warehouses. Warehouse workers organize the media by date, and they have backups from the last 20 years. Employees work at the warehouse during the day and lock it when they leave at night and over the weekends. Recently a theft at the warehouse resulted in the loss of all of the offsite backup tapes. Later, copies of their data, including sensitive emails from years ago, began appearing on internet sites, exposing the organization's internal sensitive data. Which of the following administrator actions might have prevented this incident?

A. Mark the tapes before sending them to the warehouse.
B. Purge the tapes before backing up data to them.
C. Degauss the tapes before backing up data to them.
D. Add the tapes to an asset management database.

Answer 1

A. Mark the tapes before sending them to the warehouse.

Step-by-step explanation:

If they had marked the tapes as sensitive information before sending them to the warehouses, it would have been easier for the people to go and store them properly, and not having them as easily robbed, they could have put them into safes, in order to prevent that when a theft entered would steal it.