A USB dongle used by an engineer in the R&D department lost on the ground is found without a physical label identifying the sensitivity of the information contained. According to the data policy, all storage media shall be labeled. Which of the following action should be taken first?
A. Label the USB dongle at the highest level of sensibility
B. Classify and label the USB dongle as initial level
C. Examine the USB dongle on a secured workstation and label it based on the result
D. Inform the owner of the USB dongle and ask him to label it

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is A. Label the USB dongle at the highest level of sensibility.

According to the CISSP CBK, 4th edition, “when media is found or discovered without a label, it should be immediately labeled at the highest level of sensitivity until the appropriate analysis reveals otherwise.”

Before any analysis or response (e.g. examine the USB dongle) is conducted, the USB dongle should be labeled at the highest level of sensibility.

The USB dongle needs to be examined to ensure it is not a phishing bait, and identify and inform the real owner. It may violate the authorization and lead to a data breach if the USB dongle actually contains data at the highest of sensibility, and the one assigned to examine the dongle doesn’t have the same or above level of sensibility.