Penetration testers with full physical access to our facility has found PHI hard copies laying around which of our policies are our employees not following?
A: Clean desk policy.
B: BYOD policy.
C: Wireless policy.
D: Shred policy.
CBK 6: Security Assessment and Testing
Source: ThorTeaches.com practice tests
A: Clean desk policy requires employees to not have sensitive (or any at all) paperwork on their desks unless they are at the desk. If they are done with the paperwork they should dispose of it, if not lock it away.