Which of the following is NOT an administrative control?
A . Logical access control mechanisms
B . Screening of personnel
C . Development of policies, standards, procedures and guidelines
D . Change control procedures
Answer: A
Explanation: It is considered to be a technical control.
Logical is synonymous with Technical Control. That was the easy answer.
There are three broad categories of access control: Administrative, Technical, and Physical.
Each category has different access control mechanisms that can be carried out manually or automatically. All of these access control mechanisms should work in concert with each other to protect an infrastructure and its data.
Each category of access control has several components that fall within it, as shown here:
Administrative Controls
Policy and procedures
Personnel controls
Supervisory structure
Security-awareness training
Testing
Physical Controls
Network segregation Perimeter security Computer controls Work area separation Data backups
Technical Controls
System access Network architecture Network access Encryption and protocols Control zone Auditing
The following answers are incorrect :
Screening of personnel is considered to be an administrative control
Development of policies, standards, procedures and guidelines is considered to be an administrative control
Change control procedures is considered to be an administrative control. Reference : Shon Harris AIO v3 , Chapter – 3 : Security Management Practices , Page : 52-54
Latest SSCP Dumps Valid Version with 1074 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund