New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 ISSMP Exam - Topic 5 Question 76 Discussion

Actual exam question for ISC2's ISSMP exam
Question #: 76
Topic #: 5
[All ISSMP Questions]

Which of the following are examples of administrative controls that involve all levels of employees within an organization and determine which users have access to what resources and information? Each correct answer represents a complete solution. Choose three.

Show Suggested Answer Hide Answer
Suggested Answer: D

A hot site is a duplicate of the original site of the organization, with full computer systems as well as near-complete backups of user data. It provides the backup facility, which is maintained in a constant order, with a full complement of servers, workstations, and communication links ready to assume the primary operations responsibility.

A hot site is a backup site in case disaster has taken place in a data center. A hot site is located off site and provides the best protection. It is an exact replica of the current data center. In case a disaster struck to the data center, administrators just need to take the backup of recent

data in hot site and the data center is back online in a very short time. It is very expensive to create and maintain the hot site. There are lots of third party companies that provide disaster recovery solutions by maintaining hot sites at their end.

Answer option B is incorrect. A cold site is a backup site in case disaster has taken place in a data center. This is the least expensive disaster recovery solution, usually having only a single room with no equipment. All equipment is brought to the site after the disaster. It can be on site or off site.

Answer option A is incorrect. Mobile sites are self-reliant, portable shells custom-fitted with definite telecommunications and IT equipment essential to meet system requirements. These are presented for lease through commercial vendors.

Answer option C is incorrect. A warm site is, quite logically, a compromise between hot and cold sites. Warm sites will have hardware and connectivity already established, though on a smaller scale than the original production site or even a hot site. These sites will have backups on hand, but they may not be complete and may be between several days and a week old. An example would be backup tapes sent to the warm site by courier.


by Ciara at Dec 10, 2023, 05:54 AM

Limited Time Offer

25%

Off

Get Premium ISSMP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Dalene
3 months ago
I agree, D is essential for all employees to understand their roles!
upvoted 0 times
...
Destiny
3 months ago
Wait, are we sure about B? Seems off for access control.
upvoted 0 times
...
Brent
3 months ago
A doesn't really fit the bill, right?
upvoted 0 times
...
Sarina
4 months ago
I think D is also super important for access control.
upvoted 0 times
...
Rory
4 months ago
Definitely C, network authentication is key!
upvoted 0 times
...
Aretha
4 months ago
I feel like encryption is more of a technical control rather than an administrative one, so I’m leaning towards A, C, and D for the answers.
upvoted 0 times
...
Antonio
4 months ago
Network authentication seems like a clear example, but I’m a bit confused about whether disaster preparedness counts as an administrative control.
upvoted 0 times
...
Dortha
4 months ago
I remember discussing training and awareness as a key part of administrative controls in class. It definitely involves all employees.
upvoted 0 times
...
Yuonne
5 months ago
I think employee registration and accounting might be an administrative control, but I'm not entirely sure if it fits the criteria for access control.
upvoted 0 times
...
Alayna
5 months ago
This is a good question to test our knowledge of administrative controls. I'll go with the options that clearly involve all employees and access management, like network authentication and training.
upvoted 0 times
...
Sylvia
5 months ago
I'm a little confused by the wording of this question. I want to make sure I understand the difference between administrative controls and other types of controls before selecting my answers.
upvoted 0 times
...
Leanna
5 months ago
Okay, let's see. Employee registration and accounting, training and awareness - those seem like good options that involve all employees and control access. I'll mark those.
upvoted 0 times
...
Von
5 months ago
Hmm, I'm a bit unsure about this one. I'll need to carefully read through the options and think about which ones best fit the criteria.
upvoted 0 times
...
Tesha
5 months ago
This looks like a straightforward question on administrative controls. I'll focus on the key criteria of involving all levels of employees and determining access to resources and information.
upvoted 0 times
...
Rory
5 months ago
Okay, let's see. I think the key is to focus on the new subnet implementation and what needs to be done after that.
upvoted 0 times
...
Kenneth
5 months ago
Okay, I think I've got this. The Auto-Redaction feature is designed to accelerate the redaction process by automatically finding and redacting sensitive information. Choice C seems to capture that purpose the best.
upvoted 0 times
...
Murray
5 months ago
Ugh, I'm struggling with this one. I know the marketing mix is important, but I'm having trouble remembering the specific elements of the product component. I'll just have to make an educated guess and hope for the best.
upvoted 0 times
...
Mona
5 months ago
I remember studying the Rules Centralization pattern; it sounds like a good way to make things more efficient by centralizing the routing logic.
upvoted 0 times
...
Rolande
5 months ago
This question seems straightforward, I'll carefully review the characteristics and match them to the options.
upvoted 0 times
...
King
9 months ago
Network authentication, training, and encryption? Yep, that's the way to go! Though I have to admit, the accountants might be a little miffed about all the extra security measures cutting into their lunch break.
upvoted 0 times
Adelle
8 months ago
Accountants may need to adjust to new security measures.
upvoted 0 times
...
Germaine
8 months ago
Encryption helps protect sensitive information.
upvoted 0 times
...
Darell
9 months ago
Training and awareness are important for all employees.
upvoted 0 times
...
Marvel
9 months ago
Network authentication is crucial for security.
upvoted 0 times
...
...
Isaiah
9 months ago
Aha, I've got it! C, D, and E are the way to go. Gotta love those network authentication, training, and encryption measures. Though I have to say, the disaster recovery plans might come in handy if the IT folks accidentally delete the entire database. Oops!
upvoted 0 times
...
Xuan
10 months ago
Okay, let's see here... C, D, and E, no doubt. Gotta keep those hackers at bay with some good old-fashioned authentication, training, and encryption. Though I do wonder if the accountants are having a field day with all this security stuff.
upvoted 0 times
Rhea
8 months ago
User 3: Absolutely, it's important to have a strong security framework in place. Employee registration and accounting may not be as exciting, but it's crucial for overall security.
upvoted 0 times
...
Stefany
8 months ago
User 2: I agree, those are essential for keeping our data secure. And I'm sure the accountants are busy keeping track of all the expenses for these security measures.
upvoted 0 times
...
Leanora
8 months ago
User 1: C, D, and E are definitely the way to go. Can't go wrong with network authentication, training, and encryption.
upvoted 0 times
...
...
Janae
10 months ago
Hmm, let me think... I'd say C, D, and E for sure. Keeping those networks secure and users informed is key. Though I have to admit, the disaster recovery plans are pretty important too.
upvoted 0 times
Stevie
8 months ago
User 3: Encryption is essential to protect sensitive information from unauthorized access.
upvoted 0 times
...
Tayna
9 months ago
User 2: Employee training and awareness is also important to prevent security breaches.
upvoted 0 times
...
Andra
9 months ago
User 1: I agree, network authentication is crucial for security.
upvoted 0 times
...
...
Edwin
10 months ago
Ah, this one's a tricky one! I'm pretty sure the answer involves C, D, and E. Gotta love those authentication, training, and encryption measures, am I right?
upvoted 0 times
Margart
9 months ago
It's crucial to have a combination of controls in place to protect sensitive data and prevent unauthorized access.
upvoted 0 times
...
Erasmo
9 months ago
Absolutely, those measures help ensure that only authorized users have access to resources and information.
upvoted 0 times
...
Helga
9 months ago
I think you're right! Network authentication, training, and encryption are all important administrative controls.
upvoted 0 times
...
...
Elsa
10 months ago
I would also add B to the list. Disaster preparedness and recovery plans are crucial for ensuring business continuity in case of emergencies.
upvoted 0 times
...
Verona
11 months ago
I agree with Valentin. Network authentication, training and awareness, and employee registration and accounting are all important for controlling access to resources.
upvoted 0 times
...
Valentin
11 months ago
I think C, D, and A are the examples of administrative controls.
upvoted 0 times
...

Save Cancel