Logical and Technical Controls: Protecting Access and Information

Logical and Technical Controls for Restricting Access and Protecting Information

Prev Question Next Question

Question

Logical or technical controls involve the restriction of access to systems and the protection of information.

Which of the following statements pertaining to these types of controls is correct?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

C.

Logical or technical controls involve the restriction of access to systems and the protection of information.

Examples of these types of controls are encryption, smart cards, access lists, and transmission protocols.

Source: KRUTZ, Ronald L.

& VINES, Russel.

D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 33.

Logical or technical controls are a type of security control that is designed to protect information and restrict access to systems. Examples of these types of controls include policies and procedures, security awareness training, access lists, encryption, smart cards, and transmission protocols.

Option A is incorrect because it states that a review of vacation history and increased supervision are not examples of logical or technical controls. However, they are often used as part of these types of controls. Work habit checks may also fall under this category, but it depends on the specific context.

Option B is also incorrect because it states that encryption, smart cards, access lists, and transmission protocols are not examples of logical or technical controls. However, they are all examples of these types of controls and are commonly used to protect information and restrict access to systems.

Option C is correct because it correctly identifies encryption, smart cards, access lists, and transmission protocols as examples of logical or technical controls.

Option D is incorrect because it includes a review of vacation history and increased supervision as examples of logical or technical controls, which may not always be the case. However, policies and procedures, security awareness training, and background checks are all commonly used as part of these types of controls.