Chapter 5.7

Question 1

Technical

Answer 1

A technical control is implemented in operating systems, software, and security appliances. Examples include Access Control Lists (ACL) and Intrusion Detection Systems.

Question 2

Deterrent

Answer 2

A deterrent control may not physically or logically prevent access, but rather psychologically discourages an attacker from attempting an intrusion. A warning sign is an example of a deterrent control.

Question 3

Preventative

Answer 3

A preventive control is used to physically or logically restrict unauthorized access. A system password and physical door lock are examples of preventive controls.

Question 4

detective

Answer 4

A detective control may not prevent or deter access, but it will identify and record any attempted or successful intrusion. A security camera system is an example of a detective control.

Question 5

Administrative

Answer 5

Administrative security controls are used to determine behavior through policies, procedures, and guidance.

Question 6

Corrective

Answer 6

A corrective control responds to and fixes an incident. It may also prevent reoccurrence. An example of a corrective control is antivirus software.

Question 7

Compensative

Answer 7

A compensating control does not prevent an attack, but can restore functionality of systems through other means, such as a backup.