Certified Information Systems Security Professional (CISSP) Practice Exam

The objective of technical controls in a security system is to:

• A. Educate users on security practices
• B. Restrict logical access to information technology systems
• C. Improve user experience
• D. Create physical barriers to unauthorized access

The correct answer is: Restrict logical access to information technology systems

The primary goal of technical controls within a security system is to restrict logical access to information technology systems. Technical controls involve the deployment of software and hardware mechanisms that enforce security policies by regulating who can access specific resources and in what manner. This includes the use of authentication methods, access control lists, encryption, and network security measures, all of which serve to limit access based on predefined rules and user roles. Restricting access is crucial because it protects sensitive information and resources from unauthorized users, thereby mitigating risks associated with data breaches and cyber threats. Effective technical controls ensure that only authorized personnel have the necessary permissions to interact with systems and sensitive data, creating a secure environment. The other options serve different purposes. For instance, educating users on security practices focuses on increasing awareness and promoting safe behaviors, while improving user experience aims to make systems more user-friendly. Creating physical barriers relates to physical security controls, which do not fall under the category of technical controls but rather address the protection of physical assets and locations.