CISSP-ISSAP · Question #10
Which of the following are the examples of technical controls? Each correct answer represents a complete solution. Choose three.
The correct answer is A. Auditing B. Network acchitecture C. System access. Technical controls (also called logical controls) are security measures enforced through technology and automated systems. Auditing (A) qualifies because it uses software/system mechanisms to record and monitor activity trails. Network architecture (B) qualifies because it encomp
Question
Which of the following are the examples of technical controls? Each correct answer represents a complete solution. Choose three.
Options
- AAuditing
- BNetwork acchitecture
- CSystem access
- DData backups
How the community answered
(30 responses)- A77% (23)
- D23% (7)
Explanation
Technical controls (also called logical controls) are security measures enforced through technology and automated systems. Auditing (A) qualifies because it uses software/system mechanisms to record and monitor activity trails. Network architecture (B) qualifies because it encompasses technical implementations like firewalls, VLANs, and segmentation that enforce security through infrastructure design. System access (C) qualifies because authentication, authorization, and access control lists are technology-enforced mechanisms that restrict who can interact with systems.
Data backups (D) is the distractor - backups are generally classified as an operational control, because they represent a process or procedure (recovery planning, backup schedules) rather than a mechanism that directly enforces or detects security policy through technology.
Memory tip: Think "A-N-S = technology you can point to on a screen" - Auditing generates logs you view in a SIEM, Network architecture is configured in routers/firewalls, and System access is managed in IAM tools. Data backups, by contrast, are something you do on a schedule, making them procedural/operational.
Topics
Community Discussion
No community discussion yet for this question.