I have some doubts regarding some cccure Quiz questions and concepts mentioned below. Would really appreciate it if you could take out some time and help me with them. Request you to please provide a quick reply as I need to appear for the exam in the month of July.
Physical security and environmental security are part of operational controls, and are measures taken to protect systems, buildings, and related supporting infrastructures against threats associated with their physical environment. All the questions above are useful in assessing physical and environmental protection except for the one regarding processes that ensuring that unauthorized individuals cannot access information, which is more a production control. Source: SWANSON, Marianne,
NIST Special Publication 800-26, Security Self-Assessment Guide for Information Technology Systems, November 2001 (Pages A-21 to A-24).
Last modified 07/02/2007, Ron Hehemann
Contributor: Christian Vezina
My doubt:1. Even option ‘C’ (the correct answer) seems to be linked to Physical Security (cannot read, copy, alter or steal printed information)?
2. Where can I find an elaborate definition of Production controls and examples of the same?
3. Where can I find an elaborate definition of Operational controls and examples of the same?