Which type of control would password management classify as?

A.
Compensating control

B.
Detective control

C.
Preventive control

D.
Technical control

Explanation:
Preventive technical controls are used to prevent unauthorized personnel or programs from gaining
remote access to computing resources. Examples of these controls include: • Access control
software. • Antivirus software. • Library control systems. • Passwords and Password management. •
Smart cards. • Encryption. • Dial-up access control and callback systems. About Passwords:
Passwords are used to verify that the user of an ID is the owner of the ID. The ID-password
combination is unique to each user and therefore provides a means of holding users accountable for
their activity on the system. Fixed passwords that are used for a defined period of time are often
easy for hackers to compromise; therefore, great care must be exercised to ensure that these
passwords do not appear in any dictionary. Fixed passwords are often used to control access to
specific data bases. In this use, however, all persons who have authorized access to the data base
use the same password; therefore, no accountability can be achieved. Currently, dynamic or onetime passwords, which are different for each log-on, are preferred over fixed passwords. Dynamic
passwords are created by a token that is programmed to generate passwords randomly. The
management of those passwords is part of Preventive control.