Access Control Question.

16 views
Skip to first unread message

VT

unread,
Aug 10, 2018, 10:03:01 PM8/10/18
to CISSP Study Mailing List
What type of access control system is deployed to physically deter unwanted or unauthorized activity and access?

A. Preventive access control

B. Deterrent access control

C. Directive access control

D. Compensation access control

Anil Kumar K

unread,
Aug 11, 2018, 3:01:09 AM8/11/18
to cissp...@googlegroups.com
Preventive. Access controls r preventive in nature.

From: cissp...@googlegroups.com <cissp...@googlegroups.com> on behalf of VT <mgr...@gmail.com>
Sent: Saturday, August 11, 2018 7:33:01 AM
To: CISSP Study Mailing List
Subject: [CCCure_CISSP_Talks] Access Control Question.
 
--
===========================================================
Another resource brought to you by CCCure for our Learners
 
Having any issues, contact us at: sup...@cccure.com
 
Visit our NEW quiz at: https://cccure.education/
 
Visit our learning portal at: https://cccure.training
 
Visit the CCCure web store at: https://www.cccure.com
===========================================================
---
You received this message because you are subscribed to the Google Groups "CISSP Study Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cissptalks+...@googlegroups.com.
To post to this group, send email to cissp...@googlegroups.com.
Visit this group at https://groups.google.com/group/cissptalks.
To view this discussion on the web visit https://groups.google.com/d/msgid/cissptalks/642d07a0-d5a7-4f09-a1b2-c6077e89c990%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

lead...@gmail.com

unread,
Aug 11, 2018, 4:32:12 AM8/11/18
to cissp...@googlegroups.com
For me B. Deterrent Access control. 

BR//
Josepha HODE.

Anil Kumar K

unread,
Aug 11, 2018, 1:42:29 PM8/11/18
to cissp...@googlegroups.com
Hmm.  But I doubt if any controls r designed just to deter. I mean there is no point when the same fictionally can be used to prevent.

Let us know the answer Venky

From: cissp...@googlegroups.com <cissp...@googlegroups.com> on behalf of lead...@gmail.com <lead...@gmail.com>
Sent: Saturday, August 11, 2018 2:02:08 PM
To: cissp...@googlegroups.com
Subject: Re: [CCCure_CISSP_Talks] Access Control Question.
 

Clement Dupuis

unread,
Aug 12, 2018, 8:38:48 AM8/12/18
to cissp...@googlegroups.com
Great discussion!

It all comes back to:  What is the question?   You must find out which answer matches BEST with the question.

It is well known that most of the controls will work in more than one way.  A surveillance camera can deter a crime,  but it can also be used as a detective mechanism later on when you watch the recording.

Let's review the question and use the process of elimination to see what could be the right answer:

What type of access control system is deployed to physically deter unwanted or unauthorized activity and access?

A. Preventive access control

B. Deterrent access control

C. Directive access control

D. Compensation access control
Choice D, does not match very well with the question.  There is nowhere in the question they mention that another control failed and you need another control to compensate for the one that failed.  We can easily eliminate D as not a valid choice.

Choice C, a directive control is usually in the form of policies, procedures, guidelines, baseline, etc...    So this can be eliminated as well considering the question specifically talks about PHYSICALLY deter.

Now we are left with two choices.   Preventive and Deterrent.

Preventive controls are hard controls that can stop someone attempting to commit a crime or a crime from being committed (hard controls).    I don't see this being describe anywhere in the question.

This is why I would also go with B as the best choice for this specific question.  The word DETER kind of gives it away.

Best regards

Clement






---------------------------------------------------------------------------------------------

Clement Dupuis, CD
CCCure Owner and Founder
Chief Learning Officer (CLO) and Security Evangelist
Owner and Founder of the CCCure Family of Portals
GCFW, GCIA, Security+ 301, CEH V7, CCSA, CCSE,  + 12 others

For support or queries send an email to:  Sup...@CCCure.Com

----------------------------------------------------------------------------------------------
Maintainer of :

The CCCure Learning Portal  -  Find the best Security Tutorials

The **NEW** CCCure Quiz Engine
 
Knowledge sharing and giving back to the community


DO YOU WANT VIDEO RECORDING FROM WITHIN YOUR CHROME BROWSER?

Use LOOM a great video recording tool that is easy to use and integrated within Chrome:


To unsubscribe from this group and stop receiving emails from it, send an email to cissptalks+unsubscribe@googlegroups.com.

--
===========================================================
Another resource brought to you by CCCure for our Learners
 
Having any issues, contact us at: sup...@cccure.com
 
Visit our NEW quiz at: https://cccure.education/
 
Visit our learning portal at: https://cccure.training
 
Visit the CCCure web store at: https://www.cccure.com
===========================================================
---
You received this message because you are subscribed to the Google Groups "CISSP Study Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cissptalks+unsubscribe@googlegroups.com.

--
===========================================================
Another resource brought to you by CCCure for our Learners
 
Having any issues, contact us at: sup...@cccure.com
 
Visit our NEW quiz at: https://cccure.education/
 
Visit our learning portal at: https://cccure.training
 
Visit the CCCure web store at: https://www.cccure.com
===========================================================
---
You received this message because you are subscribed to the Google Groups "CISSP Study Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cissptalks+unsubscribe@googlegroups.com.

--
===========================================================
Another resource brought to you by CCCure for our Learners
 
Having any issues, contact us at: sup...@cccure.com
 
Visit our NEW quiz at: https://cccure.education/
 
Visit our learning portal at: https://cccure.training
 
Visit the CCCure web store at: https://www.cccure.com
===========================================================
---
You received this message because you are subscribed to the Google Groups "CISSP Study Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cissptalks+unsubscribe@googlegroups.com.

To post to this group, send email to cissp...@googlegroups.com.
Visit this group at https://groups.google.com/group/cissptalks.
To view this discussion on the web visit https://groups.google.com/d/msgid/cissptalks/CY4PR03MB24216BE08CA114C170016CAFAB3B0%40CY4PR03MB2421.namprd03.prod.outlook.com.

Venky T

unread,
Aug 12, 2018, 11:21:22 AM8/12/18
to cissp...@googlegroups.com
Thank you for your comments Clement. I also marked that answer B - Deterrent Access Control...but got answer feedback for that question stating that it was wrong with the explanation mentioned below  stating that A - Preventive Access control is correct (which I feel its not the right answer) as the question asked about - physically deter unwanted or unauthorized activity and access

Answer feedback from practice question - 

Preventive access control is deployed to stop unwanted or unauthorized activity from occurring.

-- V.T.


To unsubscribe from this group and stop receiving emails from it, send an email to cissptalks+...@googlegroups.com.

--
===========================================================
Another resource brought to you by CCCure for our Learners
 
Having any issues, contact us at: sup...@cccure.com
 
Visit our NEW quiz at: https://cccure.education/
 
Visit our learning portal at: https://cccure.training
 
Visit the CCCure web store at: https://www.cccure.com
===========================================================
---
You received this message because you are subscribed to the Google Groups "CISSP Study Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cissptalks+...@googlegroups.com.

--
===========================================================
Another resource brought to you by CCCure for our Learners
 
Having any issues, contact us at: sup...@cccure.com
 
Visit our NEW quiz at: https://cccure.education/
 
Visit our learning portal at: https://cccure.training
 
Visit the CCCure web store at: https://www.cccure.com
===========================================================
---
You received this message because you are subscribed to the Google Groups "CISSP Study Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cissptalks+...@googlegroups.com.

--
===========================================================
Another resource brought to you by CCCure for our Learners
 
Having any issues, contact us at: sup...@cccure.com
 
Visit our NEW quiz at: https://cccure.education/
 
Visit our learning portal at: https://cccure.training
 
Visit the CCCure web store at: https://www.cccure.com
===========================================================
---
You received this message because you are subscribed to the Google Groups "CISSP Study Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cissptalks+...@googlegroups.com.

To post to this group, send email to cissp...@googlegroups.com.
Visit this group at https://groups.google.com/group/cissptalks.
To view this discussion on the web visit https://groups.google.com/d/msgid/cissptalks/CY4PR03MB24216BE08CA114C170016CAFAB3B0%40CY4PR03MB2421.namprd03.prod.outlook.com.
For more options, visit https://groups.google.com/d/optout.

--
===========================================================
Another resource brought to you by CCCure for our Learners
 
Having any issues, contact us at: sup...@cccure.com
 
Visit our NEW quiz at: https://cccure.education/
 
Visit our learning portal at: https://cccure.training
 
Visit the CCCure web store at: https://www.cccure.com
===========================================================
---
You received this message because you are subscribed to the Google Groups "CISSP Study Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cissptalks+...@googlegroups.com.

To post to this group, send email to cissp...@googlegroups.com.
Visit this group at https://groups.google.com/group/cissptalks.
To view this discussion on the web visit https://groups.google.com/d/msgid/cissptalks/CAF-gS5gU%2BLpyBZs%3DxxbgwkR4wtSMX5_JnOML_cpDpMACeXMRTw%40mail.gmail.com.

Anil Kumar K

unread,
Aug 12, 2018, 11:26:23 AM8/12/18
to cissp...@googlegroups.com
place controls in below order. Which is ideal stuff

Prevent > detective > corrective
“strong" deterrent is preventive too.. As it discourage attacker.

This part at times become tricker to digest...

From: cissp...@googlegroups.com <cissp...@googlegroups.com> on behalf of Venky T <mgr...@gmail.com>
Sent: Sunday, August 12, 2018 8:51:09 PM

Venky T

unread,
Aug 12, 2018, 12:47:29 PM8/12/18
to cissp...@googlegroups.com
I appreciate your comment, can you please provide any reference from you found that explanation related to your comments ?

From the recent edition of CISSP book, I see the below mentioned explanation - 

Deterrent control is deployed to discourage violation of security policies. Deterrent and preventive controls are similar, but deterrent controls often depend on individuals deciding not to take an unwanted action. In contrast, a preventive control actually blocks the action. Some examples include policies, security-awareness training, locks, fences, security badges, guards, mantraps, and security cameras.

Preventive control is deployed to thwart or stop unwanted or unauthorized activity from occurring. Examples of preventive controls include fences, locks, biometrics, mantraps, lighting, alarm systems, separation of duties, job rotation, data classification, penetration testing, access-control methods, encryption, auditing, presence of security cameras or closed-circuit television (CCTV), smartcards, callback procedures, security policies, security-awareness training, antivirus software, firewalls, and intrusion prevention systems (IPSs).

Chapple, Mike. (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide (pp. 79-80). Wiley. Kindle Edition.

Based on the above mentioned explanation, I am sure that answer should have been "Deterrent Access Control" for that question. 

If anyone has any other explanation or comments, pls share.

-- V
.
T.


To view this discussion on the web visit https://groups.google.com/d/msgid/cissptalks/CY4PR03MB2421748085895BB62366DADCAB3A0%40CY4PR03MB2421.namprd03.prod.outlook.com.

Anil Kumar K

unread,
Aug 12, 2018, 12:52:51 PM8/12/18
to cissp...@googlegroups.com
From my understanding if the context is not very clear then always fall back to preventive.

Question phrased in a bad context here. It says deter and or unauthorized activity and access.

Sent: Sunday, August 12, 2018 10:17:16 PM
Reply all
Reply to author
Forward
0 new messages