1B - Comparing Control Types Flashcards

1
Q

What are the 3 main security control types?

A

Managerial, operational and technical

2
Q

What are managerial controls?

A

Written by managers. Create organisational policies and procedures to reduce risk within companies. They incorporate regulatory frameworks.

3
Q

2 examples of managerial controls.

A
  1. Annual Risk Assessment - each department identifies risks and risk treatments and places them in a risk register. These are reviewed annually.
  2. Penetration testing / vulnerability scanning (N.B. the difference is that penetration testing is intrusive, since it exploits vulnerabilities rather than just detecting them).
4
Q

What are operational controls?

A

Executed by company personnel during their day-to-day.

5
Q

3 examples of operational controls.

A
  1. Annual Security Awareness Training
  2. Change Management - Change Advisory Board (CAB) assists with prioritisation of changes and ensures that they don't cause security risks to the company.
  3. Business Contingency Plan - planning to keep the business up and running in the event of a disaster by identifying any single point of failure that may prevent a company from being operational.
6
Q

What are technical controls?

A

Implemented by the IT Team to reduce the risk to the business.

7
Q

5 examples of technical controls.

A
  1. Firewall rules.
  2. Antivirus/antimalware.
  3. Screen savers
  4. Screen filters
  5. Intrusion Prevention / Detection Systems (IPS / IDS)
8
Q

Give 2 examples of deterrent controls.

A
  1. Motion sensors that switch on a light
  2. CCTV warning signs

9
Q

What are detective controls?

A

Used to investigate an incident that has happened.

10
Q

2 examples of detective controls.

A
  1. CCTV
  2. Log files (stored on Write-Once Read-Many (WORM) files so that they cannot be tampered with).

11
Q

What are corrective controls?

A

Actions taken to recover from an incident.

12
Q

Other names for compensating controls?

A

Alternative / Secondary Controls

13
Q

What are compensating controls?

A

Controls used instead of a primary control that has failed or is not available.

14
Q

What are preventative controls?

A

Controls that deter attack.

15
Q

2 examples of preventative controls.

A
  1. Disabling User Accounts
  2. Operating System Hardening - ensuring OS is fully patched and unused features are turned off.

16
Q

3 Parts of Access Controls? Explain / give examples for each.

A
  1. Identification - e.g. user account, smart card or fingerprint
  2. Authentication - password or PIN
  3. Authorisation - level of access or permissions that you have to apply to selected data.
17
Q

What is Discretionary Access Control?

A

Involves New Technology File System (NTFS) by Microsoft.

These user-based controls ensure the user is only given the access that they need to perform their job.

18
Q

List and describe the 8 permissions in NTFS.

A
  1. Full control - full access
  2. Modify - change data, read, and read and execute
  3. Read and execute - read a file and run a program if one is inside
  4. List folder contents - expand a folder to see the subfolders within it.
  5. Read - read contents.
  6. Write - write to the file
  7. Special permissions - granular access.
  8. Data creator / owner - person who created the unclassified data and is responsible for authorising who has access.
19
Q

What are Mandatory Access Controls (MAC)?

A

Classification level of data, determined by how much damage could be inflicted.

20
Q

What are the MAC levels? Describe each

A
  1. Top Secret - Highest level, exceptionally grave damage.
  2. Secret - causes serious damage.
  3. Confidential - causes damage.
  4. Restricted - Undesirable effects
21
Q

What are the MAC roles? Describe each.

A
  1. Owner: person who writes data and only person that can determine the classification.
  2. Steward: person responsible for labelling the data.
  3. Custodian: person responsible for storing and managing data.
  4. Security Administrator: person who gives access to classified data once clearance has been approved.
22
Q

What is role-based access control?

A

Controls when a subset of the department carries out a subset of duties within a department

23
Q

What is rule-based access control?

A

RBAC.

Time-based or other restriction that is applied to all people within the department.

24
Q

What is Attribute Based Access Control?

A

ABAC.

Restricted based on an attribute in the account.

25
Q

What is Group Based Access Control?

A

People are put into groups to simplify access.

26
Q

What are the Linux File Permissions?

A

3 numbers: owner, group, all other users

Numerical values assigned:
1 - execute
2 - write
4 - read
(added up for multiple permissions)
OR alphabetical values assigned:
R: read
W: write
X: execute
(dashes replacing lack of permission)
27
Q

What are the permissions of a file with the following access level:

rwx rwx rw-

A

Owner has read, write and execute (full control)
Group has read, write and execute (full control)
All others have read and write permissions

28
Q

What is 764 access to a file?

A

Owner (7) has read, write and execute access.
Group (6) has read and write access.
All others (4) have read access.