Exam CS0-002 topic 1 question 191 discussion

Even ChatGPT doesn't know. LOL Both Option B and Option C could be considered valid depending on the specific context and focus of managerial control. In the realm of information security, Option C might be more specific to the security domain, whereas Option B encompasses a broader range of managerial control functions, including those related to security awareness and training. Therefore, both Option B and Option C could be correct, and the choice may depend on the emphasis or perspective within the context of managerial control.

CompTIA CySA+ Cybersecurity Analyst Certification All-in-One Exam Guide, Chapter 21 "Managerial controls are those that enable the overarching administration of the security of an organization. Examples of managerial controls are planning, risk assessment, security assessments, and systems acquisition processes."

Per the Comptia CySA+ Student Guide: "Managerial—The control gives oversight of the information system. Examples could include risk identification or a tool allowing the evaluation and selection of other security controls."

Managerial control is about security design and implementation, which is A. B mentions awareness programs, which is a part of operational controls.

After looking at professormesser's SY0-601 Security+ 5.1 video he mentions "We put security controls into three major categories. The first category is a managerial control. This is a control that focuses on the design of the security or the policy implementation associated with the security. We might have a set of security policies for our organization or set of standard operating procedures that everyone is expected to follow." With the key words design of security or policy implementation A. would be the most likely as it uses the same key words "design and implement".

management controls are actions taken to manage the development, maintenance, and use of the system, including system-specific policies, procedures, and rules of behavior, individual roles and responsibilities, individual accountability and personnel security decisions. -NIST Website With that being said, i interpret "B" as the correct answer.

Of the options provided, D. To ensure tactical design, selection of technology to protect data, logical access reviews, and the implementation of audit trails, best explains the function of managerial control. Managerial control refers to the process of monitoring and regulating activities within an organization to ensure that goals are achieved effectively and efficiently. It involves various activities related to planning, organizing, directing, and controlling resources to accomplish organizational objectives

Managerial controls are those that enable the overarching administration of the security of an organization.Managerial controls are those that enable the overarching administration of the security of an organization. Examples of managerial controls are planning, risk assessment, security assessments, and systems acquisition processes.

Answer is B management controls are actions taken to manage thedevelopment, maintenance, and use of the system, including system-specific policies, procedures, and rules of behavior, individual roles and responsibilities, individual accountability and personnel security decisions. Source(s): NIST SP 800-16 under Management Controls

Another close question. I lean towards C.

I taked from book; Managerial—The control gives oversight of the information system. Examples couldinclude risk identification or a tool allowing the evaluation and selection of othersecurity controls. i am confusing going with B and C. contingency planning in C does not coming logical but also i going with C. i hope its correct

A & B aren't really controls. D is out, and C it is. The addition of Risk Assessment in C makes it much more likely to the answer they are after

The answer is C, but I only know through grammatical process of elimination. To help, to guide, to ensure are all similar. To create is the odd one out. Now to learn why...

Managerial controls ensure the organization's security policies and procedures are effectively implemented and adhered to. They play a role in overseeing the development and delivery of security training, education, and awareness programs, as well as ensuring the proper maintenance of security systems.

Managerial controls are not synonymous with administrative controls. Going with B

Managerial controls are procedural mechanisms that focus on the mechanics of the risk management process. Examples of administrative controls include periodic risk assessments, security planning exercises, and the incorporation of security into the organization's change management, service acquisition, and project management practices.