when we are talking about control categories we have administrative control, technical and physical, but why should include network activity and monitoring on administratif control?
Hey there - could you please specify which course and which lesson this is in reference to?
Without reviewing the surrounding context of the lesson this comes from, I would guess that network activity monitoring is considered Administrative because it describes personnel performing a function (monitoring network traffic) rather than the network monitoring technology itself (ie an IDS), which would be considered Technical.
it about CISA course , on control categories:
admin control
technical control
physical control
Okay, so this is the CISA Cert Prep Path. The Course is CISA: Information Systems Auditing Process, and the lesson is Lesson 7: Types of Controls, at around 3:04?
If so, I would stand by my explanation above - network monitoring is cited as an example of an administrative control insofar as the organization must make an active decision to properly monitor its networks and set guidelines and standards for doing so, while the technology used to accomplish this would be technical controls.
Controls don’t always fit into a single category. A camera for example is both detective (you can use it to spot security violations) and preventative (if you see a camera you are less likely to violate a security protocol). The answer you get will also depend on the certification you are studying for. CISA may well consider network monitoring an administrative control while CISSP may consider it a technical control.
I asked an AI, and got exactly what I expected:
" According to CISA, network monitoring is considered an administrative security control because it involves actively overseeing and managing network activity, which falls under the category of security policies and processes that control user behavior and system changes, including access levels and administrative actions."
" Yes, according to CISA, network monitoring is considered a technical security control. CISA emphasizes the importance of continuous network monitoring as a key element of securing networks, highlighting the need to collect and analyze logs to detect suspicious activity."