Which objective MOST ACCURATELY describes administrative security controls?

Administrative security controls primarily focus on the policies, procedures, and practices that govern how an organization manages, protects, and handles its sensitive information and resources. This includes ensuring that personnel have the required authorizations, which is crucial for maintaining integrity and confidentiality within an organization.

By confirming that employees and other stakeholders possess the appropriate access rights and permissions, administrative controls help mitigate risks associated with unauthorized access and potential internal threats. This aspect of security fosters accountability and helps ensure that individuals can only act within their designated responsibilities, aligning with compliance and regulatory requirements.

Other aspects, such as providing connectivity or fully securing systems, relate more to technical or physical controls rather than administrative ones. Keeping unauthorized personnel out of facilities is primarily a focus of physical security, rather than administrative measures. Thus, the objective involving the authorization of personnel is the most representative of administrative security controls.