CompTIA Security Plus Mock Test Q204

Three of the primary security control types that can be implemented are.

A. Supervisory, subordinate, and peer.
B. Personal, procedural, and legal.
C. Operational, technical, and management.
D. Mandatory, discretionary, and permanent.


Correct Answer: C
Section: Compliance and Operational Security

Explanation:
The National Institute of Standards and Technology (NIST) places controls into various types. The control types fall into three categories: Management, Operational, and Technical.
Incorrect Answers:
A: Supervisory, subordinate and peer are not primary security control types.
B: Personal, procedural and legal controls are subsections of managerial control types.
D: Mandatory, discretionary and permanent control types are methods of access control that can be implemented.
References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 26-27
http://www.professormesser.com/security-plus/sy0-401/control-types-2/