CompTIA CySA+ (CS0-002) — Question 104

Which of the following BEST explains the function of a managerial control?

Answer options

• A. To scope the security planning, program development, and maintenance of the security life cycle
• B. To guide the development of training, education, security awareness programs, and system maintenance
• C. To implement data classification, risk assessments, security control reviews, and contingency planning
• D. To ensure tactical design, selection of technology to protect data, logical access reviews, and the implementation of audit trails

Correct answer: C

Explanation

The correct answer, C, highlights the managerial control's role in executing critical security processes such as data classification and risk assessments. Options A, B, and D focus on different aspects of security management that are not the primary focus of managerial control, which is more about implementation and evaluation rather than planning or training.