A company has five individual buildings in one business complex. During the assessment, the Assessment Team sees people entering and exiting the buildings and notices that none of the buildings have keypads or locks. The Assessment Team needs to determine how physical access is managed and controlled.
Which artifact BEST describes how access to these buildings is managed?
ESPs are exceptionally common today, given that many organizations are turning to secure cloud offerings to establish and maintain compliance. Integral to these relationships is a responsibility matrix, which defines who is responsible for specific items such as security. This can be a very complex assortment of taskings associated with federal compliance, but what is the MOST important thing to remember?
An OSC has a large multi-building facility. One building is used as the OSC’s data center. A guard is stationed at the entrance to the data center. A vendor engineer comes onsite to perform maintenance on the storage array in the data center. The guard knows the engineer well and has the engineer fill out the visitor log with the contact person’s name and phone number, the reason for the visit, and the date and time. Since the guard has known the engineer for many years, what is the BEST step the guard should take?
An OSC has built an enclave for its production environment. The enclave sits behind a firewall, with all equipment connected through a switch. There is a shipping workstation and physically connected label printer (used for the sales system, which does not process CUI) that the OSC claims are Contractor Risk Managed Assets (CRMA). Other than showing that the shipping workstation and label printer are not intended to store or transmit CUI, and documenting them in the SSP,
how BEST would the OSC show that the shipping workstation and label printer are Contractor Risk Managed Assets?
Copyright © 2021-2025 CertsTopics. All Rights Reserved
