Preventing Unauthorized Changes in the GHT Project
Question
You are the project manager of GHT project.
You have applied certain control to prevent the unauthorized changes in your project.
Which of the following control you would have applied for this purpose?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.C.
Configuration management control is a family of controls that addresses both configuration management and change management.
Change control practices prevent unauthorized changes.
They include goals such as configuring systems for least functionality as a primary method of hardening systems.
Incorrect Answers: A: The Personal security control is family of controls that includes aspects of personnel security.
It includes personnel screening, termination, and transfer.
B: Access control is the family of controls that helps an organization implement effective access control.
They ensure that users have the rights and permissions they need to perform their jobs, and no more.
It includes principles such as least privilege and separation of duties.
D: Physical and environment protection control are the family that provides an extensive number of controls related to physical security.
Of the options presented, the control that would be most relevant to prevent unauthorized changes in a project is "Access control."
Access control refers to the practice of restricting access to certain resources or information only to authorized individuals or groups. Access control can be implemented using a variety of methods, including authentication (i.e., verifying the identity of the user), authorization (i.e., granting permission to access certain resources), and encryption (i.e., securing the data from unauthorized access).
In the context of a project, access control might involve implementing password policies, requiring users to log in with a username and password, and restricting access to certain parts of the project to only those users who have been granted permission.
While personnel security controls, configuration management controls, and physical and environmental protection controls may also be relevant to a project, they may not necessarily be focused on preventing unauthorized changes specifically. For example, personnel security controls might be concerned with ensuring that employees are properly trained and vetted, while physical and environmental protection controls might be concerned with protecting the physical assets of the project.
Overall, access control is the most appropriate control to prevent unauthorized changes in a project.
