Deterrent Controls

5 minutes 5 Questions

Deterrent Controls are intended to discourage potential attackers from conducting security breaches. These controls do not necessarily prevent unauthorized actions but create an environment that increases the perceived risk or potential consequences of compromising security. Examples of deterrent controls include security policies, warning signs, access controls, security personnel presence, and security-awareness training. CISSP courses stress the importance of implementing deterrent controls to lower the likelihood of security incidents by making it less appealing for an attacker to target the organization.

Guide to Deterrent Controls

Deterrent Controls are a type of security control aimed at discouraging or preventing malicious or accidental actions within a system or network.

Why it is important:
These controls are essential for maintaining system integrity and discouraging unwanted actions. They act as a warning to potential attackers and could potentially deter them from attacking.

What it is:
Examples of deterrent controls are 'No trespassing' signs, warning banners on websites about unauthorized access, and policies outlining penalties for misuse or unauthorized access to information.

How it works:
Deterrent controls work by creating fear of penalty or negative consequences if an unwanted action is conducted. It is psychological in nature, aiming at discouraging rather than completely stopping unwanted actions.

How to answer questions regarding Deterrent Controls in an exam:
Focus on understanding the psychological mechanism behind deterrent controls, how they are implemented and in what contexts they are most effective.

Exam Tips: Answering Questions on Deterrent Controls
Questions about deterrent controls often focus on application and effectiveness. You may be asked about examples of deterrent controls or how deterrent controls could be implemented in a given scenario. When answering, provide clear examples and ensure to highlight the preventative nature of these controls.

Test mode:

Exam (Timed)

Practice (With explanations)

Start practice test

Question 1

A company wants to reduce employee theft in the warehouse. Which deterrent control is most effective?

Increasing workload for employees Terminating employees without warning Disallowing breaks during work hours Implementing security cameras with visible signage

Correct Answer: Implementing security cameras with visible signage

Security cameras with visible signage deter theft by making the employees aware that their actions are being monitored, thus reducing the likelihood of theft. The other options are not effective deterrent controls and may potentially lead to legal and morale issues.

Question 2

A bank wants to deter armed robberies in its branches. Which security measure would be most effective as a deterrent control?

Increasing the speed of transactions Offering candy to customers upon entry Playing classical music throughout the branch Hiring armed security guards and publicizing their presence

Correct Answer: Hiring armed security guards and publicizing their presence

Armed security guards are a visible deterrent to armed robberies, especially if their presence is well-publicized as a security measure. The other options do not serve as deterrent controls for potential robbers.

Question 3

An organization wants to deter unauthorized physical access to their office. Which deterrent control should they implement?

Giving one employee the title of security guard Only allowing access during business hours Making employees wear company apparel Installing access control systems with a badge or card reader

Correct Answer: Installing access control systems with a badge or card reader

Installing access control systems with badge or card readers effectively deters unauthorized access as it requires valid authentication and restricts access to only authorized personnel. Other options listed do not provide effective deterrence or could lead to other security issues.

Go Premium