Certified Information Security Manager (CISM) Practice Exam

A surveillance camera is categorized as a type of physical control because it involves tangible security measures aimed at protecting the physical premises and assets within. Physical controls are mechanisms that deter unauthorized access through physical means, such as locks, fences, and surveillance systems.

Surveillance cameras specifically help monitor environments, acting as a deterrent to potential intruders and ensuring that any unauthorized activities can be recorded and reviewed. This aligns with the overarching goal of physical controls, which is to safeguard the physical environment and the valuable assets located within it.

In contrast, technical controls rely on technology to restrict access and protect data, such as firewalls or encryption. Administrative controls involve policies and procedures established to govern user behavior and security protocols. Logical controls focus on software-based security mechanisms, like access controls within applications or databases. Thus, the classification of a surveillance camera as a physical control highlights its role in the tangible protection of a facility.