You work as a Project Administrator for company.com Inc. You need to create a view that will allow
a Resource Manager to see the summary information, tracking, and work data, but not cost
information. Which part of the security controls what data a user can see?
A.
Categories
B.
Groups
C.
Local Security
D.
Permissions
Explanation:
Categories are the key to control what data a user can see and manage.
Answer option D is incorrect. Permissions control what a user can do with the system.
Answer option B is incorrect. Groups are the collections of users, such as Executive, Project
managers, and Team Members, who have common needs.
Answer option C is incorrect. Local security is not really an accurate term, but it describes the
security on a local system for the local interaction.
What are security controls?
Security controls are safeguards or countermeasures to avoid, counteract, or minimize security risks.
Security control monitoring requires choosing the security controls to be monitored. FIPS 199 can
support the selection of controls that are to be monitored. FIPS 199 helps in determining the
security categories of the information and information systems and identifies the elements that are
most critical to the organization. After the determination of security controls, the next function is to
assess whether the controls are performing as required in the system security plan. This task is done
by the information system owner. Security controls can be implemented through audits, self
assessments, and other evaluation methods. NIST Special Publication 800-53A provides a standard
approach for the assessment of security controls.