A company's primary security measure for their sensitive server room is a biometric access control system. Due to a recent natural disaster, the biometric system is temporarily unavailable. Which of the following would be the BEST compensating control to implement immediately to ensure that only authorized personnel can access the server room while maintaining a similar level of security?
Disable all access to the server room until the system is repaired.
Implement a sign-in/out log that is monitored by a security guard.
Set up a temporary key code lock on the server room door.
Replace the biometric system with a standard key lock.
A sign-in/out log monitored by a security guard is the best compensating control in this scenario. A compensating control is an alternative measure used when a primary control is not available. The combination of a guard (a preventive control) and a log (a detective control) provides a temporary solution that actively controls access and creates a detailed audit trail, closely mimicking the function and security level of the original biometric system. A key code lock is less secure as the code can be shared, and it does not provide a reliable audit trail of individual identity. Replacing the system with a standard key lock is a significant security downgrade. Disabling all access is often not practical from a business operations standpoint, as it impacts availability.