1.1 Compare and contrast various types of security controls Flashcards
1
Q
Categories of Security Controls
A
- Technical Controls: hardware and software mechanisms, such as firewalls, encryption processes, and intrusion detection systems
- Managerial Controls: the strategic planning and governance side of security: risk management, security policies, training programs, incident response strategies
- Operational Controls: designed to protect data on a day-to-day basis (e.g. change password every 90 days); covers backup procedures, account reviews, user training programs
- Physical Controls: real-world measures taken to protect assets, such as surveillance cameras, biometric scanners, reinforced doors, barbed wire fences, security guards, secure shredding, locking your office
2
Q
6 Types of Security Control
A
1. Preventative Controls: proactive measures taken before an accident actually occurs, e.g. firewall
(build foundation)
2. Deterrent Controls: discourage potential attackers by making an attack more challenging, e.g. banners, warning signs on a website
(discourage threats)
3. Detective Controls: monitor for malicious activities and alert the organization as they occur or shortly after, e.g. IDS
(controls like a watchdog)
4. Corrective Controls: mitigate any potential damage and restore the systems to their normal state, e.g. malware control
(jumps during emergency)
5. Compensating Controls: alternative measures that are implemented when primary security controls are not feasible or effective
(backups and mitigations)
6. Directive Controls: often rooted in policy or documentation; set the standards for behavior within an organization
(guide the entire process)