A company's primary security measure for their sensitive server room is a biometric access control system. Due to a recent natural disaster, the biometric system is temporarily unavailable. Which of the following would be the BEST compensating control to implement immediately to ensure that only authorized personnel can access the server room while maintaining a similar level of security?
Disable access to the server room until the system is repaired.
Set up a temporary key code lock on the server room door.
Implement a sign-in/out log that is monitored by a security guard.
CCTV
Replace the biometric system with a standard key lock.
A sign-in/out log with a security guard would be the best compensating control because it would provide a record of all individuals accessing the server room and could be carefully monitored. While it's not as secure as biometric controls, it is a reasonable temporary measure that also ensures human oversight. Using a key code might still be secure but it doesn't provide an audit trail of who actually enters, as codes can be shared. CCTV is a deterrent and provides a record but does not control access. A standard key lock might be easy to implement but it is less secure than biometrics. A notice is simply a warning and does nothing to secure the area.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are biometric access control systems?
Open an interactive chat with Bash
What is a compensating control in cybersecurity?
Open an interactive chat with Bash
Why is a sign-in/out log considered better than just using a key code for access control?