CISSP-ISSAP Exam: Examples of Technical Controls

Examples of Technical Controls

Question

Which of the following are the examples of technical controls? Each correct answer represents a complete solution.

Choose three.

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

BCA.

Technical controls are a type of security control that uses technology to manage, monitor, and protect information systems and data. They are one of the three main categories of security controls, along with administrative and physical controls. Technical controls are used to prevent unauthorized access, detect and respond to security incidents, and ensure the confidentiality, integrity, and availability of information.

The following are the examples of technical controls:

B. Network architecture: Network architecture is a technical control that refers to the design, layout, and structure of a computer network. It includes elements such as routers, switches, firewalls, and other network devices. Network architecture controls are used to protect the network from unauthorized access, monitor network activity, and manage network resources. For example, network segmentation can be used to create different security zones, so that sensitive data is isolated from other parts of the network.

C. System access: System access controls are used to limit and manage the ability of users and processes to access resources and data on a system. These controls include authentication mechanisms, such as passwords and biometric identifiers, and authorization mechanisms, such as access control lists and role-based access control. System access controls are designed to prevent unauthorized access, enforce least privilege, and track user activity.

D. Data backups: Data backups are a technical control that is used to ensure the availability and integrity of data. Backup controls involve making copies of critical data and storing them in a separate location, so that they can be restored in the event of a disaster or data loss. Backup controls are used to protect against accidental deletion, hardware failure, and other events that can cause data loss.

Therefore, options B, C, and D are the examples of technical controls. Auditing (option A) is a type of administrative control used to monitor and review system activity to detect security incidents and ensure compliance with policies and regulations.