Which of the following is NOT a common control used to protect the availability of information?

The correct answer is based on the role of various security controls in protecting the availability of information. Availability refers to ensuring that information and resources are accessible when needed, which is particularly crucial for maintaining business operations and service delivery.

Redundancy is a widely used practice in information technology designed to increase availability. By having multiple systems or components that can take over in case one fails, redundancy mitigates the risk of downtime.

Backups also contribute to availability. They provide a way to restore critical data and systems in the event of data loss, corruption, or system failure, thereby ensuring that the information remains accessible.

Access controls, while primarily aimed at maintaining confidentiality and integrity, can also indirectly affect availability. By managing who can access systems and data, access controls help prevent unauthorized use that can lead to disruptions.

However, encryption serves a different purpose. It is primarily used to protect the confidentiality of information by converting it into a format that unauthorized users cannot read. While it is an essential control for protecting sensitive data, it does not inherently focus on ensuring that information remains available; thus, it doesn't align with the objective of maintaining availability in the same way that redundancy, backups, and access controls do.