(ISC)2 Certified in Cybersecurity Practice Exam

Technical controls are specifically designed to use technology as a means of achieving security objectives. These controls typically involve the application of hardware and software solutions to protect systems and data. Examples of technical controls include firewalls, intrusion detection systems, encryption, antivirus software, and access control systems. These measures help to enforce security policies, mitigate risks, and prevent unauthorized access to sensitive information.

In contrast, administrative controls focus on the policies, procedures, and governance systems outlined by an organization to manage risk and ensure compliance. Physical controls are related to securing the physical environment in which data and systems are housed, such as locks, surveillance cameras, and security personnel. Managerial controls encompass broader strategies for risk management but do not specifically involve technology as a primary method of achieving control objectives.

Thus, technical controls stand out as the type that explicitly employs technology in the maintenance and enhancement of security within an organization.