CGRC Question #544: Real Exam Question with Answer & Explanation
The correct answer is D: Common.
Question
Colvine-Tech hardware (10 computers) is located in a single computer room, and access to the room is permitted only to the few system users who have the required privileges. To access the computer room, which is restricted by door locks, proximity cards and personal identification numbers (PINs) are required. Relative to the hardware in the computer room, the door lock and the PIN are examples of what type of security control?
Options
- A. Managerial
- B. Technical
- C. System specific
- D. Common
Explanation
The door lock and PIN securing a shared computer room are examples of common security controls. They are implemented once to protect a resource or environment shared by multiple systems or components.
Common mistakes.
- A. Managerial controls are policies, procedures, and guidelines, not physical or logical access mechanisms like a door lock and PIN.
- B. A PIN has a technical aspect, and 'technical' broadly describes the nature of the door lock and PIN, but 'common' specifically describes how these controls are applied across multiple systems in this context.
- C. System-specific controls are unique to a particular information system, whereas these controls protect a shared environment for multiple systems.
Concept tested. Types of security controls - common
Reference. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r5.pdf