Question 115 - PK0-005 discussion

Operational security (OPSEC) is a process that prevents sensitive information from getting into the wrong hands by viewing operations from the perspective of an adversary1. Facility access is a form of OPSEC that controls who can enter and exit a physical location where sensitive data or equipment is stored or processed. Facility access can include measures such as locks, alarms, badges, biometrics, guards, and cameras. The other options are not correct because:

Mobile device compliance is a policy that ensures that mobile devices used by employees or contractors meet certain security standards and requirements, such as encryption, password protection, antivirus, and remote wipe. Mobile device compliance is not a form of OPSEC, but rather a form of data security or device management.

Background screening is a process that checks the criminal, financial, and employment history of a potential employee or contractor before hiring them. Background screening is not a form of OPSEC, but rather a form of human resource management or risk mitigation.

Multifactor authentication is a method that requires users to provide two or more pieces of evidence to verify their identity before accessing a system or service, such as a password, a code, a token, or a biometric. Multifactor authentication is not a form of OPSEC, but rather a form of access control or identity management.Reference=CompTIA Project+ Study Guide: Exam PK0-005, 3rd Edition, Chapter 10: Executing and Closing Projects, page 314;CompTIA Project+ Certification Exam Objectives, Domain 3: Project Execution, Objective 3.2: Given a scenario, execute and monitor project tasks using traditional methodologies;What is Operational Security? The Five-Step Process, Best Practices, and More