Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

CybeSecurity Prep INterview > __Security Controls > Flashcards

__Security Controls Flashcards

1
Q

What are some common types of security controls?

A

Security controls are measures taken to protect information systems from unauthorized access use

disclosure

disruption

modification or destruction. Common types of security controls include authentication

authorization

encryption

access control lists (ACLs)

firewalls and intrusion detection systems (IDS). These controls help ensure that only authorized users can access sensitive data and that any malicious activity is detected and prevented.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Can you explain the difference between preventive and detective controls?

A

Preventive controls are measures taken to reduce the risk of a security incident occurring such as implementing access control policies or conducting regular security assessments. Detective controls are measures taken to detect any security incidents that have occurred

such as monitoring network traffic or using intrusion detection systems. Both types of controls are important for maintaining a secure environment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

When would you use access controls

and what types are available?

A

Access controls are used to limit access to certain resources or information. Common types of access controls include authentication

authorization

and encryption. Authentication is used to verify the identity of a user

authorization is used to determine what level of access a user has

and encryption is used to protect data from unauthorized access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

How can network security controls be used to protect against cyber attacks?

A

Network security controls can be used to protect against cyber attacks by implementing firewalls antivirus software

and encryption. Firewalls can be used to block malicious traffic from entering the network

while antivirus software can detect and remove malicious files. Encryption can also be used to protect data in transit and at rest

making it more difficult for attackers to access sensitive information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are some examples of physical security controls?

A

Physical security controls are measures taken to protect physical assets from unauthorized access damage

or theft. Examples of physical security controls include locks

fences

alarms

surveillance cameras

and guards. Access control systems can also be used to limit access to certain areas or resources.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

How can encryption be used as a security control and when is it necessary?

A

Encryption is a security control that can be used to protect data from unauthorized access. It is necessary when sensitive information needs to be kept secure

such as passwords

financial records

or confidential documents. Encryption ensures that only those with the correct key can access the data

making it much more difficult for malicious actors to gain access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are some common examples of administrative security controls?

A

Administrative security controls are policies and procedures that help protect an organization’s information assets. Common examples include user access control data classification

incident response plans

and security awareness training. These controls help ensure that only authorized personnel have access to sensitive information and that all personnel are aware of the importance of protecting the organization’s data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

How can you use security controls to protect against social engineering attacks?

A

Security controls can be used to protect against social engineering attacks by educating employees on the risks of such attacks implementing policies that require authentication for access to sensitive information

and monitoring user activity for suspicious behavior. Additionally

organizations should use strong passwords and two-factor authentication to protect against unauthorized access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

When would you use intrusion detection systems (IDS) as a security control?

A

Intrusion detection systems (IDS) are an important security control that can be used to detect malicious activity on a network. They monitor network traffic for suspicious activity and alert administrators when they detect something out of the ordinary. This allows organizations to quickly respond to potential threats and take appropriate action to protect their systems. Additionally IDS can be used to identify weak points in a network’s security posture

allowing organizations to take steps to strengthen their defenses.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What types of security controls are most effective against insider threats?

A

The most effective security controls against insider threats are those that focus on user behavior monitoring access control

and data encryption. User behavior monitoring helps to detect suspicious activity and identify potential malicious actors. Access control ensures that only authorized personnel have access to sensitive data. Finally

data encryption ensures that even if an insider gains access to the data

it is still unreadable without the proper decryption key.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

CybeSecurity Prep INterview (19 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions