1.1 Flashcards

Security controls

1
Q

4 control CATEGORIES

A

Technical controls
Managerial controls
Operational controls
Physical controls

2
Q

A control category that is implemented using systems, including OSs

A

Technical controls

3
Q

A security control category that is administrative and associated with security design and implementation

Security policies, standard operating procedures

A

Managerial controls

4
Q

A security control category implemented by people instead of systems

Security guards, awareness programs

A

Operational controls

5
Q

The control category that limits physical access

Guard shacks, fences, locks, badge readers

A

Physical controls

6
Q

6 control TYPES

A

Preventive
Deterrent
Detective
Corrective
Compensating
Directive

7
Q

A type of security control that blocks access to a resource

A

Preventive

8
Q

A control type that discourages an intrusion attempt, but does NOT directly prevent access

A

Deterrent

9
Q

A control type that identifies and logs intrusion attempts, and may/may not prevent access

A

Detective

10
Q

A security control type that applies after an event has been detected to reverse the impact of the event

Keeps the system operating with minimal downtime

A

Corrective

11
Q

A control type that is put in place when existing controls are not sufficient. It is a method of control using other means.

May be temporary

A

Compensating

12
Q

A security control type that directs a subject toward security compliance: “Do this, please”

A relatively weak security control

A

Directive
