Which security function controls access to sensitive materials?

Access control is the security function that manages who is allowed to access certain information or systems and under what conditions. This includes defining permissions and restrictions that determine how sensitive materials can be used, viewed, or modified. Access control can encompass various methods, such as user authentication, which verifies identities, and authorization, which determines what users are permitted to do after they have been authenticated.

By establishing access control measures, organizations can protect sensitive data from unauthorized access, ensuring that only those with the appropriate level of clearance can view or interact with protected information. This is foundational to safeguarding confidentiality and integrity within an organization’s information security framework.

The other options pertain to various aspects of security but do not directly control access to sensitive materials in the same manner as access control does. For example, auditing and monitoring services involve tracking and reviewing access and actions related to data but do not actively prevent unauthorized access. Cryptography focuses on encryption and data protection during transmission rather than controlling access directly. Boundary control relates to securing the perimeter of a network, which is more about protecting the organization's resources than managing access at the data level.