CISSP – Information Systems Security Management Professional (ISSMP) — Question 12
Which of the following are the examples of administrative controls? Each correct answer represents a complete solution. Choose all that apply.
Answer options
- A. Security awareness training
- B. Security policy
- C. Data Backup
- D. Auditing
Correct answer: A, B
Explanation
The correct answers, A and B, represent administrative controls that focus on managing security through policies and training. Options C and D, while important, refer to technical controls and processes rather than administrative measures.