PrepAway - Latest Free Exam Questions & Answers

Which of the following is NOT a component that achieves…

Physical security is accomplished through proper facility construction, fire and water protection, anti-theft
mechanisms, intrusion detection systems, and security procedures that are adhered to and enforced. Which of
the following is NOT a component that achieves this type of security?

PrepAway - Latest Free Exam Questions & Answers

A.
Administrative control mechanisms

B.
Integrity control mechanisms

C.
Technical control mechanisms

D.
Physical control mechanisms

Explanation:
Integrity controls are not one of the three defined security control types.
Controls are put into place to reduce the risk an organization faces, and they come in three main flavors:
administrative, technical, and physical. Administrative controls are commonly referred to as “soft controls”
because they are more management-oriented. Examples of administrative controls are security documentation,
risk management, personnel security, and training. Technical controls (also called logical controls) are software
or hardware components, as in firewalls, IDS, encryption, identification and authentication mechanisms. And
physical controls are items put into place to protect facility, personnel, and resources. Examples of physical
controls are security guards, locks, fencing, and lighting.
Incorrect Answers:
A: Security procedures are an example of administrative controls. Therefore, this answer is incorrect.
C: An intrusion detection system is an example of technical controls. Therefore, this answer is incorrect.
D: The facility construction, fire and water protection are examples of physical controls. Therefore, this answer
is incorrect.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, 2013, p. 28


Leave a Reply