Security Controls Flashcards
monitor, alert, and recover from attacks.
What are Technical Controls
Controls implemented using systems.
- Operating System controls
-Fire Walls
-AntiVirus
What are Managerial Controls
Administrative Controls associated with security design and implementation
-Security Policies
-Standard Operating Procedures (SOP)
What are Operation Controls
Controls implemented by people instead of systems
-Security Guards
-Awareness Programs
What are Physical Controls
Limits Physical Access
-Guard Shack
-Fences, locks
-Badge readers
What are Preventative control types
Blocks access to a resource
-Fire wall rules
-follow security policy
-Guard Shack checks identification
-Enable door locks
What are Deterrent control types
Discourages intrusion attempts but does not directly prevent access
-Application splash screens
-threat of demotion
-Front desk reception
-Posted warning signs
What are Detective control types
Identify and log intrusion attempts, may not prevent access
-Collect and review system logs
-Review login reports
-Regularly patrol the property
-Enable motion detectors
What are Corrective control types
Applying a control after an event has been detected, reverse the impact of an event, continue operating with minimal downtime
-Restoring from backups can mitigate a ransomware infection
-Create policies for reporting security issues
-Contact law enforcement to mange criminal activity
-Use a fire extinguisher
What is a Compensating control type
Control using other means, may be temporary
-Prevent the exploitation of a weakness
-implement separation of duties
-back up generator
What is a Directive control type
Do this please!?
-store sensitive files in a protected folder
-Create compliance policies and procedures
-Train users on proper security policy
-Post a sign for
Authorized Personnel Only”
