ExamTopics Logo
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CRISC All Questions

View all questions & answers for the CRISC exam
Go to Exam

Exam CRISC topic 1 question 164 discussion

Actual exam question from Isaca's CRISC
Question #: 164
Topic #: 1
[All CRISC Questions]

You are the project manager of GHT project. You have applied certain control to prevent the unauthorized changes in your project. Which of the following control you would have applied for this purpose?

  • A. Personnel security control
  • B. Access control
  • C. Configuration management control
  • D. Physical and environment protection control
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
Configuration management control is a family of controls that addresses both configuration management and change management. Change control practices prevent unauthorized changes. They include goals such as configuring systems for least functionality as a primary method of hardening systems.
Incorrect Answers:
A: The Personal security control is family of controls that includes aspects of personnel security. It includes personnel screening, termination, and transfer.
B: Access control is the family of controls that helps an organization implement effective access control. They ensure that users have the rights and permissions they need to perform their jobs, and no more. It includes principles such as least privilege and separation of duties.
D: Physical and environment protection control are the family that provides an extensive number of controls related to physical security.
by Owais2684 at July 31, 2023, 7:45 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Kennethlim79
1 month, 2 weeks ago
Out of these, Access control (option B) and Configuration management control (option C) are controls that specifically prevent unauthorized changes to documents, code, systems configurations, etc. So B and C are potentially valid controls the project manager might have implemented to prevent unauthorized changes in the GHT project. I would select option B "Access control" as the best answer here. It is the primary mechanism to allow only authorized people to make changes to project resources.
upvoted 2 times
...
Owais2684
5 months, 2 weeks ago
Why not B. Access Control?
upvoted 1 times
HS2804
5 months ago
They referring to unauthorised changes. So should be referring configuration I guess
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago