Scenario: Your program is developed around minimizing risk to information by focusing on people, technology, and operations. You have decided to deal with risk to information from people first.
How can you minimize risk to your most sensitive information before granting access?
A . Set your firewall permissions aggressively and monitor logs regularly.
B . Develop an Information Security Awareness program
C . Conduct background checks on individuals before hiring them
D . Monitor employee drowsing and surfing habits
Answer: C