Security Controls Flashcards
Week 4
What are Security Controls?
Measures designed to protect systems, data, and networks from threats, ensuring confidentiality, integrity, and availability.
What are the categories of Security Controls?
Security controls fall into three categories: Managerial, Operational, and Physical, each addressing different security aspects.
What is the Managerial Control category?
Managerial controls include policies, risk assessments, and security frameworks to guide security strategies.
What is the Operational Control category?
Operational controls involve daily security procedures, incident response, and staff training to manage risks.
What is the Physical Control category?
Physical controls protect physical assets, such as locks, surveillance cameras, fences, and access control systems.
What is Layering Security Controls (Defense-in-Depth)?
A security strategy that layers multiple controls (technical, physical, and administrative) to provide robust protection.
What are the goals of Security Controls?
Security controls aim to prevent, detect, respond to, and recover from cyber threats and incidents.
What are Security Incidents?
Events that compromise confidentiality, integrity, or availability, such as breaches, malware, or unauthorized access.
What is the difference between Risk, Threats, and Vulnerabilities?
Risk is potential harm, Threats are actors or events causing harm, and Vulnerabilities are weaknesses threats exploit.
What is Risk Mitigation?
Risk mitigation involves reducing risks through security controls, policies, and proactive measures.
What are the Four Primary Risk Mitigation Strategies?
Avoidance – Eliminate the risk
Reduction – Minimize the risk impact
Transfer – Shift risk responsibility (e.g., insurance)
Acceptance – Acknowledge and monitor the risk
What are Preventative Controls?
Security measures designed to stop threats before they occur, such as firewalls, encryption, and access controls.
How do Preventative and Detective Controls differ?
Preventative controls stop attacks, while Detective controls identify and alert on suspicious activities.
What are Corrective Controls?
Actions taken to fix security issues after an incident, such as restoring systems and applying patches.
What are Deterrent Controls?
Security measures that discourage attackers from targeting a system, such as warning signs and security cameras.
What are Directive Controls?
Policies and procedures that guide security behavior, such as security awareness training and acceptable use policies.
What are Compensating Controls?
Alternative security measures used when primary controls are not feasible, such as multi-factor authentication when passwords are weak.
What is Security Awareness Training?
Education for employees to recognize threats like phishing, social engineering, and malware.
What is Change Management in security?
A structured approach to updating systems, policies, or configurations to reduce security risks.
What is an Account Disablement Policy?
A policy that disables user accounts after termination or inactivity to prevent unauthorized access.
What is Hardening?
Strengthening security by removing vulnerabilities, such as disabling unused services and updating software.
What is an IPS?
A security tool that detects and blocks malicious activity in real time before it affects a system.
What is SIEM?
A system that collects, analyzes, and alerts on security events to detect and respond to threats.
What is Vulnerability Patching?
The process of fixing security flaws in software or hardware to prevent exploitation.
What is the importance of Backup and System Recovery?
Ensures data can be restored after an attack, hardware failure, or accidental deletion.
What are Cable Locks used for?
Physical security devices that secure laptops and hardware to prevent theft.
What are Hardware Locks?
Physical security mechanisms like keyed locks, biometric scanners, and electronic access controls.
How do Video Surveillance & Guards improve security?
They monitor and restrict access to protect facilities and deter unauthorized activities.
What is a Security Control Assessment (SCA)?
A review process to ensure security controls are effective and properly implemented.
What is a Risk Assessment?
The process of identifying, analyzing, and prioritizing security risks to minimize threats.
What is a Vulnerability Assessment?
A security check to identify weaknesses in systems before they are exploited.
What is Penetration Testing (Pen Testing)?
A simulated cyberattack used to test security defenses and find vulnerabilities before real hackers do.