There are three main types of IT security controls including technical, administrative, and physical. The primary goal for implementing a security control can be preventative, detective, corrective, compensatory, or act as a deterrent. Controls are also used to protect people as is the case with social engineering awareness training or policies.
https://purplesec.us/security-controls/
The three MAIN categories of security controls refer to how the controls are implemented or applied in a system:
Administrative Controls – Policies, procedures, training, and guidelines (e.g., security awareness training, hiring practices).
Technical Controls – Also known as logical controls, these use technology to reduce risk (e.g., firewalls, encryption, access control lists).
Physical Controls – Controls that prevent or deter physical access (e.g., locks, security guards, fences).
This section is not available anymore. Please use the main Exam Page.CISSP Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
rdy4u
Highly Voted 1 year, 1 month agojackdryan
7 months agoa_kto_to
Most Recent 1 month, 2 weeks agoWilsonge1
3 months, 3 weeks agoDJOEK
11 months, 1 week ago