
Explanation:
Information control can be broadly classified into two categories: Behavioral controls and Technical controls. Behavioral controls involve the implementation of policies, procedures, and training programs that aim to influence the behavior of individuals who handle sensitive information. The primary objective of this category of information control is to minimize the potential for human error or deliberate misconduct that could compromise the confidentiality, integrity, or availability of information. This is achieved by addressing human behaviors related to the handling and protection of information. Behavioral controls are crucial in any information security framework as they directly deal with the human element, which is often considered the weakest link in the security chain.
Choice A is incorrect. "Protect" is not a category of information control but rather an action or measure taken within the framework of information control. It refers to the steps taken to safeguard sensitive data from unauthorized access, use, disclosure, disruption, modification, or destruction.
Choice B is incorrect. "Recover" also does not represent a category of information control. Instead, it's a part of disaster recovery planning which involves restoring operations critical for the resumption of business after a disaster or disruption in services.
Choice D is incorrect. "Detect" like protect and recover does not represent a category but rather an action within the framework of information control. It refers to identifying potential threats and vulnerabilities that could compromise data security.
Ultimate access to all questions.
Q.5117 A risk manager at a large bank claims that when talking about information control, it is important to consider the different types or categories of control that exist. These categories can provide a framework for understanding how information is being controlled, who has control over it, and what the implications of that control may be. Which of the following is a correct category of information control?
A
Protect
B
Recover
C
Behavioral
D
Detect
No comments yet.