Identify Security Control Types Flashcards
Lesson No. 1 (30 cards)
What is the job of a cybersecurity analyst?
A senior position within an organization’s security team with direct responsibility for protecting sensitive info and preventing unauthorized access to electronic data and the systems that protect it.
Important traits: problem solving
What is the job of a CISO?
Chief Information Security Officer
A senior executive responsible for managing cybersecurity and information security within an organization. Their role includes overseeing security strategies, identifying threats, managing risks, and ensuring compliance with security standards.
Oversees an organization’s information, cyber, and technology security
What is a CSIRT?
(Computer Security Incident Response Team)
Responsible for identifying, analyzing, and responding to cybersecurity incidents within an organization. Their primary goal is to minimize damage, contain threats, and restore normal operations as quickly as possible.
What is the job of a SOC?
Security Operations Center
A location where professionals monitor and protect critical information assets in an organization.
Important traits:
1. They must have an authority to operate
2. Have motivated and professional people in the group
3. Incorporate processes into a single center
4. Be ready to perform incident response
5. Protect themselves and the organization's network
6. Can separate the data into: not good, not bad, maybe?
7. Collaborate with other SOC staff from different companies
NIST Special Publication 800-53 Revision 5
What can you tell me about it?
This document is called the security and privacy controls for federal information systems and organizations
This document has 18 families of controls to make it easier to find controls. Examples of families are:
● Access Control (AC)
● Accountability (AA)
● Incident Response (IR)
● Risk Management (RA)
What is the model of CIA?
Confidentiality – Keeping data private and accessible only to authorized users.
Integrity – Ensuring data remains accurate and unchanged unless modified by authorized parties.
Availability – Ensuring systems and data are accessible to legitimate users when needed.
In the CIA model, which letter does encryption fit?
Confidentiality
Example: Encrypting sensitive emails or files ensures that only authorized users can read the content.
ISO 27001
What can you tell me about it?
Is an international standard and a proprietary framework.
Earlier versions of the NIST SP 800-53 used classes of controls (technical, operational, and managerial)
What is a Technical (Logical) Control?
A category of security control that is implemented as a system (hardware, software, or firmware)
What is an Operational Control?
A category of security control that is implemented primarily by people rather than systems
What is a Managerial Control?
A category of security control that provides oversight of the information system
If I install a firewall or an anti-virus on your machine, what kind of control is it?
Technical control
A category of security control that is implemented as a system (hardware, software, or firmware)
If I teach people in the company about phishing, what kind of control is it?
Operational control
because it targets people
What is a Preventative Control?
A control that acts to eliminate or reduce the likelihood that an attack can succeed
What is a Detective Control?
A control that may not prevent or deter access, but will identify and record any attempted or successful intrusion
What is a Corrective Control?
A control that acts to eliminate or reduce the impact of an intrusion event
Give an example of a preventive control
Installing a firewall
because it’s trying to stop an attacker from breaking in
Give an example of a detective control
Investigating logs, or going through the footage of a security camera
What is a Physical Control?
A type of security control that acts against in-person intrusion attempts
like an alarm or a security guard
It can be: detective, physical, corrective or preventative control.
What is a Deterrent Control?
A type of security control that discourages intrusion attempts
For example: a warning sign like “beware of dog”, even though the house does not necessarily have a dog.
What is a Compensating Control?
A type of security control that acts as a substitute for a principal control.
Not the top line, but gives you some protection
using 2FA - two-factor authentication
What is a Responsive Control?
A system that actively monitors for potential vulnerabilities or attacks, and then takes action to mitigate them before they can cause damage
For example: a firewall
What is a firewall?
A system that monitors all incoming and outgoing network traffic and blocks
What is an Intrusion Prevention System (IPS)?
Devices that can monitor network traffic for patterns that indicate an intrusion is occurring, such as repeated failed logon attempts