Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Security + Certification > 1.0 General Security Concepts > Flashcards

1.0 General Security Concepts Flashcards

1
Q

What are Security Controls?

A

They protect assets such as data, physical property, and computer systems. They prevent security events, minimize the impact, and limit the damage

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are Technical Controls?

A
  • Controls implemented using systems
  • Operating system controls
  • Firewalls, anti-virus
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are Managerial Controls?

A

– Administrative controls associated with security design and implementation
– Security policies, standard operating procedures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are Operational Controls?

A

– Controls implemented by people instead of systems
– Security guards, awareness programs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are Physical Controls?

A

– Limit physical access
– Guard shack
– Fences, locks
– Badge readers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are preventative controls types?

A
  • Preventive
    – Block access to a resource
    – You shall not pass
  • Prevent access
    – Firewall rules
    – Follow security policy
    – Guard shack checks all identification
    – Enable door locks
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are deterrent control types?

A

*Deterrent
– Discourage an intrusion attempt
– Does not directly prevent access
* Make an attacker think twice
– Application splash screens
– Threat of demotion
– Front reception desk
– Posted warning signs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are detective control types?

A
  • Detective
    – Identify and log an intrusion attempt
    – May not prevent access
  • Find the issue
    – Collect and review system logs
    – Review login reports
    – Regularly patrol the proper
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are Corrective control types?

A
  • Corrective
    – Apply a control after an event has been detected
    – Reverse the impact of an event
    – Continue operating with minimal downtime
  • Correct the problem
    – Restoring from backups can mitigate a ransomware
    infection
    – Create policies for reporting security issues
    – Contact law enforcement to manage criminal activity
    – Use a fire extinguisher
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What are compensating control types?

A
  • Compensating
    – Control using other means
    – Existing controls aren’t sufficient
    – May be temporary
  • Prevent the exploitation of a weakness
    – Firewall blocks a specific application instead of
    patching the app
    – Implement a separation of duties
    – Require simultaneous guard duties
    – Generator used after power outage
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What are directive control types?

A
  • Directive
    – Direct a subject towards security compliance
    – A relatively weak security control
  • Do this, please
    – Store all sensitive files in a protected folder
    – Create compliance policies and procedures
    – Train users on proper security policy
    – Post a sign for “Authorized Personnel Only”
How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Security + Certification (5 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions