CompTIA Security Plus Mock Test Q207

Which of the following is a management control?

A. Logon banners
B. Written security policy
C. SYN attack prevention
D. Access Control List (ACL)


Correct Answer: B
Section: Compliance and Operational Security

Explanation:
Management control types include risk assessment, planning, systems and Services Acquisition as well as Certification, Accreditation and Security Assessment; and written security policy falls in this category.

Incorrect Answers:
A: Logon banners are configuration management which is an operational control type.
C: SYN attack prevention is done by exercising technical control measures.
D: ACLs are technical control measures.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 27