Penetration testers with full physical access to our facility has found PHI hard copies laying around which of our policies are our employees not following?
A: Clean desk policy.
B: BYOD policy.
C: Wireless policy.
D: Shred policy.
CISSP Certification 2018 Domain 6: Security Assessment and Testing
Source: https://thorteaches.com/ daily CISSP practice exam questions for the 2018 CISSP exam version.
A: Clean desk policy requires employees to not have sensitive (or any at all) paperwork on their desks unless they are at the desk. If they are done with the paperwork they should dispose of it, if not lock it away.