Security Controls 2 Flashcards
What is hardening?
Hardening involves securing systems, networks, or devices by reducing their attack surface and minimizing vulnerabilities. It typically includes steps such as disabling unnecessary services, applying security patches, configuring strong access controls, and implementing least privilege principles.
What is a Intrusion Prevention System (IPS)?
An Intrusion Prevention System (IPS) is a network security technology that actively monitors network traffic, detects malicious activity based on known attack patterns, and takes immediate action to block or prevent potential threats from entering a system
How does an (IPS) differ from an Intrusion Detection System (IDS)?
IDS only detects threats, while IPS prevents threats.
What is a intrusion detection system (IDS)?
An intrusion detection system (IDS) is a cybersecurity tool that monitors a network for suspicious activity. It can be a device or software application.
What is SIEM (Security Information and Event Management)?
Security Information and Event Management (SIEM) is a comprehensive approach to cybersecurity that involves collecting, analyzing, and correlating data from various sources within an organization’s IT infrastructure to detect and respond to security threats. They provide real-time monitoring, alerting, and incident response capabilities.
What is the purpose of preventive controls?
Preventive controls aim to thwart or minimize the likelihood of security incidents or attacks before they happen by reducing vulnerabilities or deterring potential threats.
What is the purpose of detective controls?
Detective controls aim to identify, detect, or uncover security incidents or breaches that have already occurred within an organization’s systems or networks.
What are some examples of detective controls?
SIEM, (IDS), security audits, trend analysis, log monitoring, video surveillance, motion detection
What are some examples of preventative controls?
Hardening, firewalls, security awareness training, encrypting, antivirus software
What is the purpose of corrective controls?
Corrective controls are security measures implemented to mitigate the impact of security incidents or breaches after they have occurred.
What are some examples of corrective controls?
Vulnerability patching, backups and system recovery
What is the primary purpose of a backup in a cybersecurity?
Protecting data against loss or corruption
What is the purpose of deterrent controls?
Deterrent controls are security measures designed to discourage potential attackers or intruders by increasing the effort, risk, or cost associated with unauthorized access or deliberate attacks.
What are some examples of deterrent controls?
Cable locks, hardware locks, video surveillance, security guards
What is the purpose of directive controls?
Directive controls are security measures that provide guidance, instructions, and policies to ensure that security requirements and best practices are followed across an organization. They set the framework for security compliance.
What are some examples of directive controls?
Security policies, compliance standards, training and awareness
What is the purpose of compensating controls?
Compensating controls serve as alternative measures to address security requirements or mitigate risks when implementing the primary or ideal security measure is impractical or unfeasible.
What are some examples of compensating controls?
Time-based One Time-Password (TOTP), compensating control (Partial Encryption or Segmentation)
What is a risk assessment?
Risk assessments identify, analyze, and prioritize potential risks and threats that could impact an organization’s assets, operations, or objectives. They evaluate the likelihood of threats exploiting vulnerabilities and assess the potential impact on the organization.
What is a vulnerability assessment?
Vulnerability assessments involve scanning systems, networks, or applications to identify and analyze potential weaknesses or vulnerabilities that could be exploited by attackers. They aim to discover security flaws or misconfigurations.
What is penetration testing?
Penetration testing, often referred to as ethical hacking, involves simulating real-world attacks to test the security of systems, networks, or applications. It aims to exploit vulnerabilities in a controlled manner to assess the effectiveness of security controls and defenses.
