Cisco Cyber Security Practice Exam

What type of risk control is most appropriate for sensitive data that is frequently accessed?

• A. Technical controls
• B. Administrative controls
• C. Deterrent controls
• D. Physical controls

The correct answer is: Technical controls

The selection of technical controls for sensitive data that is frequently accessed is particularly appropriate due to the need for robust mechanisms that can enforce security measures on that data effectively. Technical controls encompass a variety of automated tools and technologies designed to protect information and systems from unauthorized access or breaches. This includes encryption, access controls, firewalls, intrusion detection systems, and authentication protocols. Since sensitive data is often accessed, implementing technical controls ensures that this data is continuously monitored and that protective measures are dynamically applied. These controls can restrict access based on user roles, encrypt data to ensure confidentiality, and provide logging capabilities to keep track of who accessed the data and when. This level of oversight and control is crucial for maintaining the integrity and confidentiality of sensitive information, especially in environments where data access is frequent and potentially vulnerable to threats. Other types of controls, such as administrative, deterrent, or physical controls, while important in a comprehensive security strategy, do not offer the same level of ongoing, automated protection that technical controls provide, particularly in scenarios involving frequent access to sensitive data. Administrative controls focus on policies and procedures, deterrent controls aim to prevent unwanted actions through warnings or consequences, and physical controls manage access to the physical locations where data resides. However, when it comes to