[Cisspstudy] access controls
Andrea Gatta
andrea.gatta at gmail.com
Thu Oct 29 10:25:51 EDT 2009
Access control policies establish the 'who' can access 'what' and the
actions permitted. The policy taken by itself would be an administrative
control.
They key to this question is in the that it specifies the context adding
that the pairings 'use technology to enforce access control policies'. Which
in turn sets the focus on the 'instrument'.
I agree the question was a bit tricky but for the purpose of the exam you
must be able to reason through it and and don't let keywords put you off
track. Always look at the context of the question and try to understand what
the question is really asking.
Hope that helps.
Andrea
On Thu, Oct 29, 2009 at 1:19 PM, Gaurav C <gaurav_va at yahoo.com> wrote:
> I came across a questions ie.
> Question: 503
> Which of the following pairings uses technology to enforce access control
> policies?
>
> * Preventive/Administrative
> * ›Preventive/Technical
> * Preventive/Physical
> * Detective/Administrative
>
> I have marked answer Preventive/Administrative considering that since
> polices are dealt in Administrative part so Preventive/Administrative is the
> right answer
>
> But answer that is give is Preventive/Technical can anyone explain more
> about it
>
>
>
>
>
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20091029/4616a594/attachment.html>
More information about the cisspstudy
mailing list