Security Controls Flashcards
What are technical controls?
Controls implemented using systems, e.g. firewalls, anti-virus, operating system controls.
Access controls
Firewalls
Encryption
Endpoint security
Security information and event management (SIEM)
Vulnerability management
Secure configuration management
What are managerial controls?
Administrative controls associated with security design and implementation, e.g. security policies, standard operating procedures.
Security policies and procedures
Security awareness and training
Access control and identity management
Compliance and legal requirements
Incident response and management
Business continuity and disaster recovery
What are operational controls?
Controls implemented by people instead of systems, e.g. security guards, awareness programs.
Change management
Incident response and management
Patch management
Backup and recovery
Security monitoring and logging
Access control management
Security awareness and training
What are physical controls?
Controls that limit physical access, e.g. guard shack, fences, locks, badge reader.
Perimeter security
Access control
Surveillance and monitoring
Environmental controls
Asset management
Physical security policies and procedures
What are preventive controls?
Controls that block access to a resource ("you shall not pass"), e.g. firewall rules, following security policy, a guard shack that checks all IDs, enabled door locks.
Access control
Firewalls and network segmentation
Encryption
Application security controls
Physical security measures
Configuration management
Employee training and awareness
Change management
What are deterrent control types?
Controls that discourage an intrusion attempt but do not directly prevent access; they make an attacker think twice. Examples: application splash screens, threat of demotion, front reception desk, posted warning signs.
Visible security signage
Physical barriers
Access control measures
Surveillance and monitoring
Physical security lighting
Identification and branding
What are detective control types?
Controls that identify and log an intrusion attempt; they may not prevent access. Examples: collect and review system logs, review login reports, regularly patrol the property, enable motion detectors.
Event logging
Security information and event management
Intrusion detection systems
Vulnerability scanning
Security incident detection
Security testing and penetration testing
Forensic analysis and investigation
What are corrective control types?
Controls applied after an event has been detected to reverse its impact, correct the problem, and continue operating with minimal downtime. Examples: restoring from backups can mitigate a ransomware infection, create policies for reporting security issues, contact law enforcement to manage criminal activity, use a fire extinguisher.
Incident response procedures
Containment and eradication
Root cause analysis
Patch management
Access control remediation
Data recovery and restoration
Policy and procedure updates
What are compensating control types?
Controls that achieve the goal using other means when existing controls aren't sufficient; they may be temporary. Examples: a firewall blocks a specific application instead of patching the app, implement a separation of duties, require simultaneous guard duties, a generator used after a power outage.
Manual controls
Procedural controls
Operational controls
Physical controls
Administrative controls
Compensating security measures
Third-party controls
What are directive control types?
Controls that direct a subject towards security compliance; a relatively weak security control. Examples: store all sensitive files in a protected folder, create compliance policies and procedures, train users on proper security policy, post a sign for 'authorized personnel only'.
Security policies
Standards and guidelines
Access control policies
Compliance requirements
Data protection policies
Risk management policies
Incident response policies