Security Control Categories Flashcards

1
Q

A category of security control that is implemented as a system (hardware, software, or firmware). _____ controls may also be described as logical controls.

A

Technical

Ex - firewalls, AV software, OS access control models

2
Q

A category of security control that is implemented by people.

A

Operational

Ex - Security Guards, training guards

3
Q

A category of security control that gives oversight of the information system.

A

Managerial

Ex - Risk identification, tool allowing evaluation and selection of other controls

4
Q

A type of security control that physically or logically restricts unauthorized access.

A

Preventive

Ex - ACL, Anti-Malware

5
Q

A type of security control that acts during an incident to identify or record that it is happening.

A

Detective

Ex - Logs provide one of the best examples of detective-type controls.

6
Q

A type of security control that acts after an incident to eliminate or minimize its impact.

used AFTER an attack

A

Corrective

Ex - backup system, patch management system

7
Q

A type of security control that acts against in-person intrusion attempts.

A

Physical

Ex - Alarms, gateways, locks, lighting, cameras, guards

8
Q

A type of security control that discourages intrusion attempts.

A

Deterrent

Ex - Warning Signs, legal penalties

9
Q

A security measure that takes on risk mitigation when a primary control fails or cannot completely meet expectations.

A

Compensating
