FITSI Manager Practice Exam

"Media Protection" falls under Physical Control because it involves safeguarding physical storage devices and storage media that contain sensitive information. This includes ensuring that media are properly sanitized, stored, transported, and disposed of so that unauthorized access to data is prevented. Physical controls are essentially measures that protect the physical aspects of information technology resources, addressing risks associated with physical threats such as theft, damage, or unauthorized access.

In the context of security and privacy controls, the focus on protecting the physical media directly relates to safeguarding data integrity and confidentiality at its source—where data is physically stored. This might involve physical barriers, such as locked cabinets or restricted access areas, to prevent unauthorized personnel from accessing the media. Understanding this classification helps reinforce the overall framework of security controls that organizations must implement to protect their information assets effectively.