Answer is D. Employee training, risk management, and data handling procedures and policies are all part of Administrative security measures. Preventative measures are closely aligned put with technical measures.
Administrative security measures involve the policies, procedures, and practices that govern how an organization manages and protects its information and systems. This includes employee training, risk management processes, and data handling procedures, all of which are aimed at ensuring the security of the organization through proper management practices and governance.
NOT A. Preventative controls are a category (like technical, physical, or administrative) but the question asks for the type of control, not its function.
Answer D) Administrative
There are three main types of IT security controls including technical, administrative, and physical. The primary goal for implementing a security control can be preventative, detective, corrective, compensatory, or act as a deterrent.
https://purplesec.us/security-controls/
D. Administrative........employee training can make it seem like A is the correct answer but all the other activities mentioned are administrative controls and Employee training can also fall under that categroy making D. Administrative the best answer.
Employee training, risk management, and data handling procedures and policies could be characterized as:
D. Administrative
These measures focus on managing and controlling security aspects within an organization, such as establishing policies, procedures, and training to ensure that security practices are followed and that risks are managed effectively.
correct answer is D:
Employee training, risk management, and data handling procedures and policies could be characterized as Administrative Security Measures.
A. is the correct!
Employee training - that means any one of the employee in the organization - not a particular employee.
Preventive is when the organization train or send awareness emails, or posters.
Administrative security controls refer to policies, procedures, or guidelines that define personnel or business practices in accordance with the organization's security goals.
Administrative Security consists of policies, procedures, and personnel controls including security policies, training, and audits, technical training, supervision, separation of duties, rotation of duties, recruiting and termination procedures, user access control, background checks, performance evaluations, and disaster recovery, contingency, and emergency plans. These measures ensure that authorized users know and understand how to properly use the system in order to maintain security of data.
It's D
This section is not available anymore. Please use the main Exam Page.CISSP Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
krassko
Highly Voted 2 years, 2 months agojackdryan
1 year, 7 months agorc7
Highly Voted 2 years, 1 month agoa_kto_to
Most Recent 1 month, 2 weeks agoBigITGuy
2 months, 2 weeks agoYesPlease
12 months agoSoleandheel
1 year agobherto39
1 year, 2 months agoxxxBadManxxx
1 year, 4 months agoMoose01
1 year, 6 months agononame4
1 year, 9 months agoIvanchun
1 year, 11 months agoMann0302
2 years, 1 month agoJamati
2 years, 1 month agordy4u
2 years, 1 month agoNickolos
2 years, 1 month agoJAckThePip
2 years, 2 months agoRollizo
2 years, 2 months agothanhlb
1 year, 1 month ago