Which of the following is NOT true concerning Application Control?
Click on the arrows to vote for the correct answer
A. B. C. D.D.
Source: TIPTON, Harold.
F.
& KRAUSE, MICKI, Information Security Management Handbook, 4th Edition, Volume 2, Auerbach.
Application Control is a type of security control that limits the use of applications on an endpoint device. The control aims to protect the device from malicious or unauthorized applications, restrict access to sensitive applications and data, and prevent application execution and installation.
The correct answer to the question is option A: "It limits end-users use of applications in such a way that only particular screens are visible" is NOT true concerning Application Control.
Option A is incorrect because Application Control does not necessarily limit the visibility of screens in an application. Instead, it controls the use of the application itself, such as the ability to execute, install, or access certain features of the application.
Option B is true because Application Control can restrict the use of specific records within an application. For example, it can restrict users from accessing or modifying sensitive records within an application.
Option C is also true because Application Control can record the usage of an application for audit purposes. This feature helps administrators monitor and track user activity within an application and identify potential security threats.
Option D is partially true. Application Control can be transparent or non-transparent to endpoint applications, depending on the implementation method used. In a transparent implementation, no changes are needed to the applications or databases involved. However, in a non-transparent implementation, changes may be required to integrate the control with the applications and databases.
In summary, Application Control is a valuable security control that restricts the use of applications on endpoint devices. It can limit access to specific records, record usage for audit purposes, and be implemented transparently or non-transparently depending on the implementation method used. The incorrect statement is that Application Control limits end-users use of applications in such a way that only particular screens are visible.