[CCCure CISSP] Qs2 Physical Security: cccure QuizEngn doubts

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

[CCCure CISSP] Qs2 Physical Security: cccure QuizEngn doubts

Amlan Deb
Hello everyone,
I have some doubts regarding some cccure Quiz questions and concepts mentioned below. Would really appreciate it if you could take out some time and help me with them. Request you to please provide a quick reply as I need to appear for the exam in the month of July.



1.     Question: 1428 | Difficulty: 3/5 | Relevancy: 3/3

Which of the following questions is less likely to help in assessing physical and environmental protection?

o      Are entry codes changed periodically?

o      Are appropriate fire suppression and prevention devices installed and working?

o     Are there processes to ensure that unauthorized individuals cannot read, copy, alter, or steal printed or electronic information?

o      Is physical access to data transmission lines controlled?

You did not provide any answer to this question. Please review details below.

Physical security and environmental security are part of operational controls, and are measures taken to protect systems, buildings, and related supporting infrastructures against threats associated with their physical environment. All the questions above are useful in assessing physical and environmental protection except for the one regarding processes that ensuring that unauthorized individuals cannot access information, which is more a production control.
Source: SWANSON, Marianne,
NIST Special Publication 800-26, Security Self-Assessment Guide for Information Technology Systems, November 2001 (Pages A-21 to A-24).

Last modified 07/02/2007, Ron Hehemann

Contributor: Christian Vezina


My doubt:  1. Even option ‘C’ (the correct answer) seems to be linked to Physical Security (cannot read, copy, alter or steal printed information)?

2. Where can I find an elaborate definition of Production controls and examples of the same?

3. Where can I find an elaborate definition of Operational controls and examples of the same?


You can find the list archive at:

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below: