SSCP Exam: Physical and Environmental Protection Assessment

Assessing Physical and Environmental Protection

Prev Question Next Question

Question

Which of the following questions is less likely to help in assessing physical and environmental protection?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

C.

Physical security and environmental security are part of operational controls, and are measures taken to protect systems, buildings, and related supporting infrastructures against threats associated with their physical environment.

All the questions above are useful in assessing physical and environmental protection except for the one regarding processes that ensuring that unauthorized individuals cannot access information, which is more a production control.

Source: SWANSON, Marianne, NIST Special Publication 800-26, Security Self-Assessment Guide for Information Technology Systems, November 2001 (Pages A-21 to A-24).

All of the given options are related to physical and environmental protection, but one question is less likely to help in assessing physical and environmental protection.

Option C, "Are there processes to ensure that unauthorized individuals cannot read, copy, alter, or steal printed or electronic information?" is less likely to help in assessing physical and environmental protection.

The reason is that this question specifically relates to data security and access control rather than physical and environmental protection. While protecting printed and electronic information is important, it is not directly related to physical security measures such as preventing unauthorized access to a building, controlling access to data transmission lines, or installing fire suppression and prevention devices.

On the other hand, Options A, B, and D all focus on specific physical security measures. Option A addresses the importance of periodically changing entry codes to prevent unauthorized access to a building. Option B deals with fire prevention and suppression devices that are essential in safeguarding against damage to the building, equipment, and data due to fires. Finally, Option D emphasizes controlling physical access to data transmission lines to ensure that unauthorized individuals cannot interfere with the transmission of data.

Therefore, option C is the least relevant to assessing physical and environmental protection when compared to the other options.