CISSP – Information Systems Security Architecture Professional (ISSAP) — Question 53
An access control secures the confidentiality, integrity, and availability of the information and data of an organization. In which of the following categories can you deploy the access control? Each correct answer represents a part of the solution. Choose all that apply.
Answer options
- A. Detective access control
- B. Corrective access control
- C. Administrative access control
- D. Preventive access control
Correct answer: D, A, B
Explanation
The correct answers are Preventive, Detective, and Corrective access controls as they all play a role in protecting data. Preventive access control aims to prevent security incidents, Detective access control identifies and detects incidents, while Corrective access control aims to rectify the damage caused by security breaches. Administrative access control, however, is more about management policies and does not directly secure data.