PrepAway - Latest Free Exam Questions & Answers

Which of the following is NOT an administrative control?

Which of the following is NOT an administrative control?

PrepAway - Latest Free Exam Questions & Answers

A.
Logical access control mechanisms

B.
Screening of personnel

C.
Development of policies, standards, procedures and guidelines

D.
Change control procedures

Explanation:
Administrative controls are security mechanisms that are management’s responsibility and referred to as “soft”
controls. These controls include the development and publication of policies, standards, procedures, and
guidelines; the screening of personnel; security-awareness training; the monitoring of system activity; and
change control procedures.
Logical access control mechanisms are not an example of administrative controls. They are an example of a
“Logical control” also known as a “Technical control”.
Incorrect Answers:
B: Screening of personnel is an example of an administrative control.
C: Development of policies, standards, procedures and guidelines is an example of an administrative control.
D: Change control procedures are an example of an administrative control.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 28


Leave a Reply