(ISC)2 Certified in Cybersecurity Practice Exam

The correct choice emphasizes the role of technology in enforcing access controls, which is the defining characteristic of technical controls. These controls use hardware and software solutions to manage who can access information and systems, ensuring that only authorized users can gain entry or interact with resources. Examples include firewalls, encryption, intrusion detection systems, and access control lists, all of which are specifically designed to protect data and prevent unauthorized access through technology.

In contrast, physical barriers rely on tangible measures to restrict access, such as locks and guards. Administrative controls depend on policies, procedures, and protocols set by an organization to govern behavior and access to information, emphasizing human factors rather than technological means. Legal controls involve laws and regulations that dictate what is permissible regarding data access and privacy enforcement, often requiring compliance but not actively enforcing access on a technical level. Thus, the focus on technology as a primary enforcer of access rights clearly identifies technical controls as the correct choice in this context.