McGraw Questions are strange

There are few questions I would like to discuss here but I will go 1 by 1.

What kind of controls would you consider below controls? (Administrative, Technical, Physical)

audit trails

separation of duties

A note for the moderators of this forum. McGraw questions are free and I am not sharing copyrighted content here

Find more posts tagged with

Comments

cyberguypr

ISC2 considers audit trails a technical control. Separation of duties is administrative.

Ertaz

Hunter85 wrote: »

There are few questions I would like to discuss here but I will go 1 by 1.

What kind of controls would you consider below controls? (Administrative, Technical, Physical)

audit trails

separation of duties

A note for the moderators of this forum. McGraw questions are free and I am not sharing copyrighted content here

My Take:

Audit Trails are a technical control, since they are in the context of security.
Separation of duties is an administrative control.

Ertaz

cyberguypr wrote: »

ISC2 considers audit trails a technical control. Separation of duties is administrative.

Beat me to it!

Hunter85

I couldnt find anything about auditing on Sybex 7th edition but according to Shon Harris

"Auditing tools are technical controls that track activity within a network, on a network device, or on a specific computer."

[FONT=Arial, Helvetica, sans-serif]Auditing tools are technical controls. The term tool brings a different aspect to the terminology.[/FONT]

But Audit Trail is something a senior management enforces admins to do

I know I am not the first person to challenge these kind of concepts but it is hard for me to think it as a technical control while everyone here advises me to think like a manager

TheFORCE

Hunter85 wrote: »

But Audit Trail is something a senior management enforces admins to do

I know I am not the first person to challenge these kind of concepts but it is hard for me to think it as a technical control while everyone here advises me to think like a manager

Just because senior management enforces a control, does not make that control an administrative control. Management comes up with all the type of controls, administrative, technical or physical. That's what you should understand.

Ertaz

Hunter85 wrote: »

I couldnt find anything about auditing on Sybex 7th edition but according to Shon Harris
I know I am not the first person to challenge these kind of concepts but it is hard for me to think it as a technical control while everyone here advises me to think like a manager

Arguing with their train of thought is self-defeating. If you have the Sybex 7th Ed, I'd encourage you to review the box on page 742 to see the clarification for the two meanings.

Hunter85

I am not trying to argue I am just a person that dont like memorizing and wants to learn how the logic work

So the logic I had was, every type of control that is electronic falls under technical control. Which also covers audit tools such as audit log repositories but audit trails are not type of electronic tools.

Again I am not trying to argue, I guess I just need to accept it as it is.

I have Sybex 7th edition but it is digital (with no page numbers) could you please provide chapter and subject names?

cyberguypr

An audit trail is a series of records of computer events, about an operating system, an application, or user activities. By definition, technical in nature. This is in several NIST publications and also in ISO 27001, which are the foundation of the CBK. When you encounter things like this that seem contradictory your best route is to check frameworks, standards, etc. to see how that is different form what an author may present. Remember that books do not cover everything in an evident manner.

Ertaz

Hunter85 wrote: »

I am not trying to argue I am just a person that dont like memorizing and wants to learn how the logic work

So the logic I had was, every type of control that is electronic falls under technical control. Which also covers audit tools such as audit log repositories but audit trails are not type of electronic tools.

Again I am not trying to argue, I guess I just need to accept it as it is.

I have Sybex 7th edition but it is digital (with no page numbers) could you please provide chapter and subject names?

My electronic version has page numbers. Weird.

Chapter 17 ■ Preventing and Responding to Incidents, Logging, Monitoring, and Auditing

Hunter85

Another question about audit trails, it looks like everybody wants to put it into another control type

Audit trails are a valuable tool used by security professionals. They can uncover access control violations, imporoper operating procedures, employee mistakes and a host of other useful data. Which one of the following control types do audit trails fall under

1) Physical
2)Corrective
3) Accountability
4)Administrative

jt2929

Hunter85 wrote: »

Another question about audit trails, it looks like everybody wants to put it into another control type

Audit trails are a valuable tool used by security professionals. They can uncover access control violations, imporoper operating procedures, employee mistakes and a host of other useful data. Which one of the following control types do audit trails fall under

1) Physical
2)Corrective
3) Accountability
4)Administrative

3-Accountability. "Auditing capabilities ensure users are accountable for their actions, verify that the security policies are enforced, and can be used as investigation tools.....Accountability is tracked by recording user, system, and application activities...through auditing functions..." Shon Harris