5.1 Compare and contrast various types of controls Flashcards
What is a security control?
A security control is something designed to give a system or data asset the properties of confidentiality, integrity, availability, and non-repudiation.
What are the three security controls?
Technical, Operational, Managerial
What is a technical control?
The technical control is implemented as a system (hardware, software, or firmware). For example, firewalls, antivirus software, and OS access control models are technical controls. Technical controls may also be described as logical controls.
What is an operational control?
The operational control is implemented primarily by people rather than systems. For example, security guards and training programs are operational controls rather than technical controls.
What is a managerial control?
The managerial control gives oversight of the information system. Examples could include risk identification or a tool allowing the evaluation and selection of other security controls.
How many control functional types are there and name them?
Six. Preventative, Detective, Corrective, Physical, Deterrent, Compensating
What is a preventative functional control type?
The preventative control acts to eliminate or reduce the likelihood that an attack can succeed. A preventative control operates before an attack can take place. Access control lists (ACL) configured on firewalls and file system objects are preventative-type controls. Anti-malware software also acts as a preventative control, by blocking processes identified as malicious from executing. Directives and standard operating procedures (SOPs) can be thought of as administrative versions of preventative controls.
What is a detective functional control?
The detective control may not prevent or deter access, but it will identify and record any attempted or successful intrusion. A detective control operates during the progress of an attack. Logs provide one of the best examples of detective-type controls.
What is a corrective control?
The corrective control acts to eliminate or reduce the impact of an intrusion event. A corrective control is used after an attack. A good example is a backup system that can restore data that was damaged during an intrusion. Another example is a patch management system that acts to eliminate the vulnerability exploited during the attack.
What is a physical control?
controls such as alarms, gateways, locks, lighting, security cameras, and guards that deter and detect access to premises and hardware are often classed separately.
What is a deterrent control?
the deterrent control may not physically or logically prevent access, but psychologically discourages an attacker from attempting an intrusion. This could include signs and warnings of legal penalties against trespass or intrusion.
What is a compensating control?
the compensating control serves as a substitute for a principal control, as recommended by a security standard, and affords the same (or better) level of protection but uses a different methodology or technology.
