Question

A security analyst works for a defense contractor that produces classified research on drones. The contractor faces nearly constant attacks from sophisticated nation-state actors and other APIs.

Which of the following would help protect the confidentiality of the research data?

A. Use diverse components in layers throughout the architecture
B. Implement non-heterogeneous components at the network perimeter
C. Purge all data remnants from client devices' volatile memory at regularly scheduled intervals
D. Use only in-house developed applications that adhere to strict SDLC security requirements

Answer 1

To protect classified drone research data, purging all data remnants from client devices' volatile memory at set intervals is the most effective mentioned measure to maintain data confidentiality against nation-state actors.

Step-by-step explanation:

To protect the confidentiality of research data from sophisticated nation-state actors and other advanced persistent threats (APTs), the most effective measure mentioned is to purge all data remnants from client devices' volatile memory at regularly scheduled intervals. This approach ensures that even if a device is compromised, sensitive data is not easily retrievable by unauthorized parties. It's also important to implement a layered security strategy, ensure the use of robust software development life cycle (SDLC) security practices, and maintain network perimeter defenses, such as using non-heterogeneous components, to prevent successful cyber attacks.

Maintaining focus on a diverse and secure IT architecture is critical in this high-threat environment. While the options provided select one action, a comprehensive approach often combines multiple security measures including using in-house developed applications, maintaining diverse components, and properly purging data from memory on a regular basis.