Security Controls Flashcards
determination of different security controls
1
Q
Technical Security Controls
A
- aka logical security controls
- executed by system rather than people
- implemented with technology
2
Q
Technical Security Controls Examples
A
- Encryption
- IDSs
- Firewalls
3
Q
Managerial Security Controls
A
- Aka administrative controls
- Focused on reducing the risk of incidents
- Documented in written policy
4
Q
Managerial Security Control Examples
A
- Organizational Security Policy
- Risk Assessments
- Security Awareness training
5
Q
Operational Security Controls
A
- Focused on the day to day
- Used to ensure equipment stays up
- Implemented and executed by people
6
Q
Operational Security Controls Examples
A
- System Backups
- Patch Management
- Configuration Management
7
Q
Preventive Security Controls
A
- Encryption
- Firewalls
- AV Software
8
Q
Deterent Security Controls Examples
A
- Warning Signs
- Lighting
- Fencing/Bollards
9
Q
Detective Security Controls
A
- Log Monitoring
-Security Audits - CCTV
- IDS
- Vulnerability Scanning
10
Q
Corrective Security Controls
A
- Recovering Backups
- Applying Patches
- develop & implement IRPs
-Activate and Executing DRPs
11
Q
Compensating Security Controls
A
- Backup Power
- MFA
- App Sandboxing
- Network Segmentation
12
Q
Non-Repudiation
A
make it so someone cannot say it was not them.