PECB Lead Implementer (ISO/IEC 27001) — Question 3

According to scenario 2, Beauty has reviewed all user access rights. What type of control is this?

Answer options

• A. Detective and administrative
• B. Corrective and managerial
• C. Legal and technical

Correct answer: A

Explanation

The correct answer is A because reviewing user access rights is a preventive measure that can help identify unauthorized access, thus acting as a detective control. Options B and C do not accurately describe the nature of this action, as they pertain to other control types that do not involve the assessment of access permissions.