GCGA Ch. 1 Understanding Security Controls Flashcards
(11 cards)
Four security control categories
managerial, operational, technical, and physical.
Managerial controls
primarily administrative and include items such as risk and vulnerability assessments.
Operational controls
focused on the day-to-day operations of an organization. They help ensure an organization is complying with its overall security plan. Some examples include security awareness and training, configuration management, and change management.
Technical controls
use technology to reduce vulnerabilities. Encryption, antivirus software, IDSs, firewalls, and the principle of least privilege are technical controls.
Physical controls
any controls that you can physically touch. Some examples are bollards and other barricades, access control vestibules (sometimes called mantraps), lighting, fences, and signs.
Six control types
preventive, deterrent, detective, corrective, compensating, and directive.
Preventive controls
attempt to prevent security incidents. Examples include system hardening, user training, guards, change management, and account disablement processes.
Detective controls
attempt to detect when a vulnerability has been exploited. Examples include log monitoring, security information and event management (SIEM) systems, trend analysis, video surveillance systems, and motion detection systems.
Deterrent controls
attempt to prevent incidents by discouraging threats. Examples include locks and guards. Note that these can also be described as preventive controls. The primary difference is that they try to discourage people from trying to exploit a weakness.
Corrective controls
attempt to reverse the impact of an incident or problem after it has occurred. Examples include backups, system recovery plans, and incident handling processes.
Compensating controls
alternative controls used when it isn’t feasible or possible to use the primary control.
