Which of the following controls is MOST effective in providing reasonable assurance of physical
access compliance to an unmanned server room controlled with biometric devices?
A.
Regular review of access control lists
B.
Security guard escort of visitors
C.
Visitor registry log at the door
D.
A biometric coupled with a PIN
Explanation:
A review of access control lists is a detective control that will enable an information security
manager to ensure that authorized persons are entering in compliance with corporate policy.
Visitors accompanied by a guard will also provide assurance but may not be cost effective. A
visitor registry is the next cost-effective control. A biometric coupled with a PIN will strengthen the
access control; however, compliance assurance logs will still have to be reviewed.