Free ISC2 CC Certified in Cybersecurity Actual Exam Questions - Question 14 Discussion

It’s B. The main point is to make sure only approved visitors get in and to keep track of them while inside. Options A, C, and D clearly go against securing the facility.

This one feels pretty straightforward since visitor management is all about security and oversight. B fits best because it focuses on controlling who gets in and keeping tabs on them, which is crucial for physical access controls. A and C clearly go against security principles, and D just doesn’t make sense—unrestricted access defeats the purpose. So, B is the logical choice here.

B imo, it’s really about controlling and monitoring who gets in, not just a one-time check at the entrance. Visitor management policies are designed to prevent unauthorized access and keep track of visitors throughout their stay. That means it’s more than just signing in—it’s about ensuring only the right people can enter and move around as permitted. Options A, C, and D are pretty clearly off since they either ignore security or give visitors too much freedom.

It’s definitely not A, C, or D since those either ignore security or give visitors free rein, which makes no sense. The main purpose of visitor management is to keep track of who comes in and only let authorized people enter, so B fits best. Even if the policy doesn’t detail what happens after entry, controlling access at the door is the primary goal. Monitoring inside might be part of it, but entry control is the baseline for security.

B. It’s mainly about controlling who gets in and keeping track of visitors. Without that, there’s no way to know if someone unauthorized is inside. Options A, C, and D don’t make sense because they either remove controls or give unrestricted access, which goes against the whole idea of security. So the primary goal has to be the control and monitoring part.

B. It’s all about making sure only the right people get in, which directly ties to security. The other options either ignore control or suggest no restrictions, which defeats the purpose.

B/D? I agree B fits because visitor management is about controlling who gets in, not giving unrestricted access like D suggests. Plus, A and C don’t make sense since visitor management policies definitely involve signing in and access controls. The “monitor” part in B also hints at tracking visitors once they’re inside, which kinda rules out D’s idea of no restrictions. So B seems to cover both controlling and monitoring visitors the best.

B - It’s mainly about controlling who gets in, not ID avoidance or unrestricted access.

Makes sense that the goal is to keep unauthorized people out, so it’s about control and monitoring. So I’d go with B.

Probably B, since a solid visitor management policy mainly focuses on keeping unauthorized people from entering, which means controlling and monitoring visitor access carefully.

Maybe D is out since visitor policies rarely allow unrestricted access everywhere. A and C seem off because they either avoid controls or remove them entirely. B feels right as it focuses on controlling who gets in.

B, since the main aim is to keep unauthorized visitors out, not to loosen rules.

B imo, since visitor management is all about restricting access to authorized people only. The other options either ignore controls or suggest letting everyone in, which defeats the purpose.

Makes sense to rule out A and C since they basically ignore control steps, which defeats the whole purpose. D is off because unrestricted access contradicts security goals. B is the only one that really covers controlling and monitoring who comes in, which is the main point of visitor management policies in physical access controls. So yeah, B feels like the most solid choice here.

B/D? The goal is definitely to control access, but unrestricted access like in D contradicts that. So B fits best, since visitor management means monitoring who’s actually allowed inside.

It’s B for sure. The main point is to keep tabs on visitors and make sure they’re allowed in, not just to avoid ID checks or give open access like A, C, or D suggest.

B, makes the most sense for security.