CERTIFIED-IN-CYBERSECURITY · Question #181
CERTIFIED-IN-CYBERSECURITY Question #181: Real Exam Question with Answer & Explanation
The correct answer is C: By using multiple layers of access control, such as a combination of electronic access control and. Layering different physical access controls can provide increased security by requiring multiple forms of authentication or verification before granting access to sensitive areas (see ISC2 Study Guide, Module 2, under Monitoring). This approach ensures that only authorized indivi
Question
How can organizations effectively combine different types of physical access controls to enhance security?
Options
- ABy allowing unrestricted access to all areas to promote a sense of trust among employees
- BBy implementing a single, universal access control mechanism for all areas
- CBy using multiple layers of access control, such as a combination of electronic access control and
- DBy eliminating the use of physical access controls and relying solely on employee vigilance
Explanation
Layering different physical access controls can provide increased security by requiring multiple forms of authentication or verification before granting access to sensitive areas (see ISC2 Study Guide, Module 2, under Monitoring). This approach ensures that only authorized individuals are granted access and that their movements within the facility are appropriately restricted and monitored. Implementing a single, universal access control mechanism for all areas would not provide the same level of security as layering different physical access controls, as it would not require multiple forms of authentication or verification. Imagine a high-security research lab that implements a multi-layered access control system. At the main entrance of the lab complex, an electronic access control system is used. Each employee is issued a smart card, which they need to swipe to gain entry. Next, for entry into the actual lab room where the sensitive work takes place, an additional layer of biometric authentication is used (this could be a fingerprint scanner, a facial recognition system, or an iris scanner). This additional layer ensures that only authorized individuals can access the most sensitive areas of the facility, and it also prevents anyone from using a lost or stolen smart card to gain entry. Regarding the other options, eliminating physical access controls and relying solely on employee vigilance would be ineffective, as it would not provide any form of authentication or verification. Allowing unrestricted access to all areas would also be ineffective, as it would not provide any form of authentication or verification and would not restrict the movements of individuals within the facilit
Topics
Community Discussion
No community discussion yet for this question.