A security engineer implements multiple technical measures to secure an enterprise network. The engineer also works with the Chief Information Officer (CIO) to implement policies to govern user behavior.
Which of the following strategies is the security engineer executing?
A. Baselining
B. Mandatory access control
C. Control diversity
D. System hardening
Hi, I think the key to this one is reading the question. The key words are “multiple technical measures”.
This directs you to the control diversity or many different types of control.
There seem to be a lot of strangely worded questions in this exam. I will certainly read twice and click once!
“Control diversity is the use of different security control types, such as technical controls, administrative controls, and physical controls. For example, technical security controls such as firewalls, intrusion detection systems (IDSs), and proxy servers help protect a network.”
I thought it was D as well then I looked into Control Diversity and it looks like C is right after all. This is one where you have to pick the “most right” answer, since yes, this is system hardening, but it more directly is referring to implementing different security control types (in this case technical and administrative).
D No mention of different vendors. This is just simple System Hardening.