ISC2 Governance, Risk and Compliance (CGRC) Practice Question
During planning for a new system, the risk management team must classify safeguards. Which example below best represents an operational control rather than a management or technical control according to NIST SP 800-53?
Enforcing TLS 1.2 encryption for all database connections
Approving a system security plan in the governance committee
Conducting semiannual incident response tabletop exercises with key staff
Automating account lockout after five unsuccessful login attempts
Operational controls are safeguards that rely chiefly on people and procedural activities. Conducting incident response tabletop exercises is performed by staff following documented procedures and is categorized by NIST SP 800-53 in the Incident Response (IR) family, which is an operational family. TLS encryption and automated account lockout are system-enforced technical controls, while approval of a system security plan is a governance activity classified as a management control. Therefore, the tabletop exercise is the only option that clearly fits the operational category.
Implementation of Security and Privacy Controls