Section 1: General Security Concepts Flashcards
These are controls implemented through technology. They are often hardware- or software-based.
Examples: Firewalls, encryption, intrusion detection systems, authentication mechanisms, access controls.
Security Controls: Categories, Section 1.1
Technical
These controls involve strategies, governance, and the organizational approach to information security. They ensure the right policies and procedures are in place.
Examples: Risk assessments, security policies and procedures, security training programs, vendor management.
Security Controls: Categories, Section 1.1
Managerial
These controls are often associated with day-to-day tasks and procedures that users or administrators follow.
Examples: Backup and recovery procedures, user awareness training, incident response procedures, change management.
Security Controls: Categories, Section 1.1
Operational
These controls are designed to protect the environment of information assets.
Examples: Security guards, fences, locks, CCTV cameras, biometric access controls, secure server rooms, fire suppression systems.
Security Controls: Categories, Section 1.1
Physical
These controls are designed to ensure that an incident or breach does not occur in the first place.
Examples: Firewalls, access controls, strong password policies, encryption, and security training.
Security Controls: Types, Section 1.1
Preventative
While these controls might not prevent a threat actor from performing a malicious act, they discourage the act by increasing the risk or reducing the reward.
Examples: Warning banners (indicating legal consequences of unauthorized access), visible surveillance cameras, and “Account will be locked after three unsuccessful login attempts” mechanisms.
Security Controls: Types, Section 1.1
Deterrent
These controls are designed to discover unwanted or unauthorized activity.
Examples: Intrusion detection systems (IDS), audit logs, security information and event management (SIEM) systems, and anomaly detection.
Security Controls: Types, Section 1.1
Detective
Once a security incident has been detected, these controls aim to limit the extent of the damage and take action to resolve the situation.
Examples: Anti‐virus software that quarantines malware, incident response teams, backup/restoration tools, and patches for known vulnerabilities.
Security Controls: Types, Section 1.1
Corrective
These controls come into play when primary controls are deemed ineffective or unfeasible. They provide alternative measures to achieve the same or similar security objectives.
Examples: If a system cannot support multifactor authentication (a primary control), a stringent password policy and continuous user behavior monitoring might be applied.
Security Controls: Types, Section 1.1
Compensating
These controls are used to guide or constrain user actions, usually by stipulating mandatory or recommended actions.
Examples: Acceptable use policies, security policies, guidelines, procedures, and standards.
Security Controls: Types, Section 1.1
Directive