Control Objectives Flashcards

1
Q

Control Objective

A

A control objective is the purpose to be achieved by implementing a control

2
Q

Proportionality

A

The rule of proportionality says that the secure baseline should be aligned for the organization, proportionate to the criticality and sensitivity classification of the asset being protected

3
Q

Defense-in-depth

A

Defense in depth (layered security) is the design and implementation of multiple overlapping layers of diverse controls (controls must be subject to cascade effect, independent, and diversity should be considered)

4
Q

Cost benefit

A

The process of comparing the estimated costs and benefits to determine whether it makes sense to proceed from a business perspective (cost lower than loss: should be implemented; cost higher than loss: should not be implemented; cost = benefits: ROI should be considered)

5
Q

Tailoring

A

Tailoring is the phase of customizing secure baseline recommendations to align with the organization's requirements

6
Q

Controls

A

Tactics, mechanisms, and strategies that proactively minimize risk in a defined objective

7
Q

Assurance

A

Measure of control confidence that intended security controls are effective in their implementation

8
Q

Control Baseline

A

Expresses a minimum standard for a given environment. Should be aligned for the organization

9
Q

Supplementing

A

This is augmenting (adding to) recommendations to the baseline

10
Q

Functionality

A

A way of control verification; this is what the control does in the organization

11
Q

Countermeasures

A

Countermeasures are measures implemented to address a specific threat; they are supplementary to the controls (focused on one specific area)

12
Q

Effectiveness

A

How well a control works, that is, whether the control is consistent, complete, reliable and timely operationalized

13
Q

Scoping

A

Eliminating unnecessary baseline recommendations

14
Q

Compensating

A

Substituting a recommended baseline control with a similar control
