CERTIFIED-IN-CYBERSECURITY · Question #496
CERTIFIED-IN-CYBERSECURITY Question #496: Real Exam Question with Answer & Explanation
The correct answer is D: A policy, defining the rules that assign access to authorized individuals. A policy defines the rules that assign access to authorized individuals. Administrative controls in a data center are typically non-technical measures used to manage and control access to data. They include policies, procedures, and guidelines that define who has access to data a
Question
Which of the following can be considered an administrative control in a data center?
Options
- ASecurity dogs owned by the data center administration
- BAccess Control List, preventing access to data via the network
- CA barrier, providing a physical obstacle to data storage devices
- DA policy, defining the rules that assign access to authorized individuals
Explanation
A policy defines the rules that assign access to authorized individuals. Administrative controls in a data center are typically non-technical measures used to manage and control access to data. They include policies, procedures, and guidelines that define who has access to data and under what conditions. For example, a policy might say that only network administrators can access certain servers, and only during certain hours (see the ISC2 Study Guide, Chapter 3, Module 1). The other options are incorrect because they are not administrative controls. A barrier is a physical control used to prevent unauthorized physical access to data storage devices. An access control list is a technical control that prevents unauthorized network access to data. Security dogs, is also a physical control used to prevent unauthorized access to the data center.
Topics
Community Discussion
No community discussion yet for this question.