(ISC)2 Certified in Cybersecurity Practice Exam

A fence is considered a preventive control in security terms because it serves as a physical barrier that deters unauthorized access to a property or sensitive area. By placing a fence around a facility, the intention is to prevent intruders from entering and to minimize the risk of theft, vandalism, or other security breaches. The primary function of a preventive control is to establish an obstacle that proactively mitigates potential threats before they can manifest.

This aligns with the core concept of preventive controls, which aim to reduce the likelihood of a security incident occurring. Fences, along with other physical deterrents such as walls, gates, and security barriers, are designed to keep unauthorized individuals out, thus protecting the assets and information within the secure area.

While access control also relates to regulating who can enter a space, it involves mechanisms like identification, authentication, and authorization processes rather than physical barriers alone. Management control typically refers to policies and procedures put in place to oversee security measures, while policy control encompasses the establishment and enforcement of rules governing security practices, which do not directly involve physical deterrents like a fence. Therefore, recognizing a fence as a preventive control highlights its role in proactively safeguarding against potential access threats.