What type of security control enforces a rule of behavior through a policy or contract?

Prepare for the Information Security Principles and Frameworks Test. Enhance your understanding with detailed questions, hints, and explanations. Ace your exam with confidence!

Multiple Choice

What type of security control enforces a rule of behavior through a policy or contract?

Explanation:
This question tests how governance-based controls enforce behavior. A directive control enforces a rule of behavior through policy or contract by creating obligations that people are required to follow, with consequences for non-compliance. This is governance in action—clear requirements in documents like an Acceptable Use Policy or a Non-Disclosure Agreement guide how users must act and what happens if they don’t. Deterrents aim to discourage behavior through perceived penalties but don’t themselves compel action via formal policy. Preventive controls are technical or physical measures that stop incidents from occurring (for example, access controls or firewalls). Compensating controls provide alternative protections when primary controls aren’t feasible. The directive approach is the best fit for enforcing behavior through policy or contract.

This question tests how governance-based controls enforce behavior. A directive control enforces a rule of behavior through policy or contract by creating obligations that people are required to follow, with consequences for non-compliance. This is governance in action—clear requirements in documents like an Acceptable Use Policy or a Non-Disclosure Agreement guide how users must act and what happens if they don’t.

Deterrents aim to discourage behavior through perceived penalties but don’t themselves compel action via formal policy. Preventive controls are technical or physical measures that stop incidents from occurring (for example, access controls or firewalls). Compensating controls provide alternative protections when primary controls aren’t feasible. The directive approach is the best fit for enforcing behavior through policy or contract.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy