Domain 1

Question 1

What are the three categories of controls?

Answer 1

Managerial, Operational, Technical

Managerial controls include security training, Operational controls are executed by people (e.g., backup media, facility design), and Technical controls involve technology.

Question 2

What is the purpose of Preventive Controls?

Answer 2

To prevent incidents

Examples of Preventive Controls include locks and guards.

Question 3

What do Detective Controls do?

Answer 3

Identify unauthorized behaviors

Detective Controls help in monitoring and alerting to security breaches.

Question 4

What are Compensating Controls?

Answer 4

Satisfy security requirements when primary controls are impractical

These controls serve as alternative measures to maintain security.

Question 5

Fill in the blank: _______ controls are executed by people.

Answer 5

Operational controls

Operational controls involve actions taken by individuals to maintain security.

Question 6

True or False: Technical controls involve human intervention.

Answer 6

False

Technical controls involve technology rather than human intervention.

Question 7

What is an example of a Preventive Control?

Answer 7

Locks, guards

Preventive Controls are designed to deter security incidents before they occur.

Question 8

What is the primary function of Detective Controls?

Answer 8

To identify unauthorized behaviors

Detective Controls are crucial for monitoring and responding to security threats.

Question 9

Fill in the blank: _______ controls are used when primary controls are impractical.

Answer 9

Compensating controls

Compensating controls provide alternative solutions to meet security requirements.