Which of the following is NOT a critical security aspect of Operations Controls?
A.
Controls over hardware.
B.
Data media used.
C.
Operators using resources.
D.
Environmental controls.
Explanation:
While it is important that environmental concerns are addressed they are part of the Physical Security Domain.
The Operations Security domain is concerned with the controls that are used to protect hardware, software, and
media resources from the following:
Threats in an operating environment
Internal or external intruders
Operators who are inappropriately accessing resources
Incorrect Answers:
A: Controls over hardware are a critical security aspect of Operations Controls.
B: Controls over the data media used are a critical security aspect of Operations Controls.
C: Controls over the operators using resources are a critical security aspect of Operations Controls.Krutz, Ronald L. and Russel Dean Vines, The CISSP Prep Guide: Mastering the Ten Domains of Computer
Security, John Wiley & Sons, New York, 2001, p. 207
Shon Harris puts physical security directly under Operations Security domain
(see CISSP all in one guide, 7th ed., p. 940)
Looks like books contradict each other. Damn…