Certified in Risk and Information Systems Control (CRISC) — Question 33

You are the project manager of HJT project. Important confidential files of your project are stored on a computer. Keeping the unauthorized access of this computer in mind, you have placed a hidden CCTV in the room, even on having protection password. Which kind of control CCTV is?

Answer options

• A. Technical control
• B. Physical control
• C. Administrative control
• D. Management control

Correct answer: B

Explanation

The CCTV is classified as a physical control because it involves a tangible security measure designed to monitor and restrict access to the physical environment where the confidential files are stored. Technical controls typically refer to software or hardware solutions, while administrative and management controls involve policies and procedures rather than physical devices.