Security Control Types

Question 1

SOC

Answer 1

Security Operations Center: A location where security professionals monitor and protect critical information assets in an organization

Question 2

Security Control

Answer 2

A technology or procedure put in place to mitigate vulnerabilities and risk in order to ensure the CIA triad (Confidentiality, Integrity and Availability)

Question 3

Technical Control

Answer 3

Logical Control: A category of security control that is implemented as a system(Hardware, software or firmware)

Question 4

Operational Control

Answer 4

Security control that is implemented by people instead of systems. Example: Security guards

Question 5

managerial Control

Answer 5

Security Control that provides oversight of the information system

Question 6

Preventative

Answer 6

Acts to reduce the likelihood that an attack can succeed

Question 7

Detective Control

Answer 7

Any control that may not prevent access but will identify and record any attempted successful intrusion

Question 8

Corrective Control

Answer 8

Any control that acts to reduce the impact of an intrusion event.

Question 9

Physical Control

Answer 9

A type of security control that acts against in person intrusion attempts.

Question 10

Deterrent Control

Answer 10

A type of security control that discourages intrusion attempts. Example: video camera

Question 11

Compensating Control

Answer 11

This acts as a substitute for a principal control. Example: recommended by a security standard for a cheaper price while also having a strong security control.