Cisco Cyber Security Practice Exam

Disable ads (and more) with a membership for a one time $4.99 payment

Enhance your Cisco Cyber Security knowledge. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your Cisco Cyber Security Exam with our comprehensive quiz!

Practice this question and more.

Which control type is implemented when an organization sets policies on handling sensitive information?

Technical controls
Physical controls
Administrative controls
Deterrent controls

The correct answer is: Administrative controls

The implementation of policies on handling sensitive information falls under administrative controls. Administrative controls include the guidelines, rules, and procedures established by an organization to manage the behavior of personnel and ensure compliance with security practices. By setting these policies, the organization instills a framework that governs how employees must act regarding the protection and management of sensitive information. These controls are vital because they help mitigate risks associated with human error, negligence, or malicious actions. They provide clear expectations regarding responsibilities related to data protection, access restrictions, and incident response, ensuring that all personnel understand their roles in safeguarding sensitive information. Technical controls involve the use of technology to enforce security measures, such as firewalls or encryption. Physical controls relate to the physical security of facilities and assets, such as locks or surveillance cameras. Deterrent controls are designed to discourage unwanted actions but do not directly involve policy enforcement. Each of these control types serves distinct purposes; however, establishing policies is specifically an administrative function, focusing on human and organizational behavior rather than technology or physical measures.