Which items are established as monitoring and controls for infrastructure?

Prepare for the Certified Third-Party Risk Professional (CTPRP) Exam with our comprehensive quizzes. Use multiple choice questions with detailed explanations to ensure success. Maximize your study time and get ready to ace the exam!

Multiple Choice

Which items are established as monitoring and controls for infrastructure?

Explanation:
The main concept is physical monitoring and control of infrastructure through an integrated, auditable evidence trail. Video surveillance provides real-time visibility and a recorded history of activity at critical points. Electronic access control at essential ingress and egress points restricts entry to authorized individuals and creates an event record. Correlating video with card-access data links the person, time, and location, giving a precise, accountable trail for investigations. Retaining both video and access logs ensures the information is available for forensic analysis and regulatory or contractual requirements. Other options focus on cybersecurity controls or human/organizational procedures. While firewall rules, IDS, patch management, and data loss prevention are important for protecting IT networks and systems, they address digital infrastructure rather than the physical monitoring of infrastructure. The third set emphasizes personnel screening, security awareness, audits, and disposal processes, which are governance and lifecycle controls rather than ongoing monitoring of the physical environment. The fourth set covers routine IT hygiene and risk assessment activities, not direct physical infrastructure monitoring and control.

The main concept is physical monitoring and control of infrastructure through an integrated, auditable evidence trail. Video surveillance provides real-time visibility and a recorded history of activity at critical points. Electronic access control at essential ingress and egress points restricts entry to authorized individuals and creates an event record. Correlating video with card-access data links the person, time, and location, giving a precise, accountable trail for investigations. Retaining both video and access logs ensures the information is available for forensic analysis and regulatory or contractual requirements.

Other options focus on cybersecurity controls or human/organizational procedures. While firewall rules, IDS, patch management, and data loss prevention are important for protecting IT networks and systems, they address digital infrastructure rather than the physical monitoring of infrastructure. The third set emphasizes personnel screening, security awareness, audits, and disposal processes, which are governance and lifecycle controls rather than ongoing monitoring of the physical environment. The fourth set covers routine IT hygiene and risk assessment activities, not direct physical infrastructure monitoring and control.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy