As the CCISO, senior executives would like to know what security control mechanisms to put in place to mitigate risk and protect the confidentiality, integrity, and availability (CIA) of CB Drifter Technologies assets. They have provided some initial questions and need to discuss them. In this week’s discussion provide a 2-3 paragraph total response to the following questions based on NIST control classes:
What are administrative controls and why are they considered soft controls?
What is the control class that provides hardware and software functionality, and what are some examples of its functions?
How does the physical control class protect people, assets, and facilities against physical threats?