CRISC Certified in Risk and Information Systems Control – Question164
You are the project manager of GHT project. You have applied certain control to prevent the unauthorized changes in your project. Which of the following control you would have applied for this purpose? A. Personnel security control B. Access control C. Configuration management control D. Physical and environment protection control
Correct Answer: C
Explanation:
Explanation:
Configuration management control is a family of controls that addresses both configuration management and change management. Change control practices prevent unauthorized changes. They include goals such as configuring systems for least functionality as a primary method of hardening systems.
Incorrect Answers:
A: The Personal security control is family of controls that includes aspects of personnel security. It includes personnel screening, termination, and transfer.
B: Access control is the family of controls that helps an organization implement effective access control. They ensure that users have the rights and permissions they need to perform their jobs, and no more. It includes principles such as least privilege and separation of duties.
D: Physical and environment protection control are the family that provides an extensive number of controls related to physical security.
Please disable your adblocker or whitelist this site!