Identify Security Control Types

Question 1

What is the job of a cybersecurity analyst?

Answer 1

A senior position within an organization’s security team with direct responsibility for protecting sensitive info and preventing unauthorized access to electronic data and the systems that protect it.

Important traits: problem solving

Question 2

What is the job of a CISO?

Answer 2

chiff information security officer

A senior executive responsible for managing cybersecurity and information security within an organization. Their role includes overseeing security strategies, identifying threats, managing risks, and ensuring compliance with security standards.

Oversees an organization’s information, cyber, and technology security

Question 3

What is a CSIRT?

Answer 3

(Computer Security Incident Response Team)

Responsible for identifying, analyzing, and responding to cybersecurity incidents within an organization. Their primary goal is to minimize damage, contain threats, and restore normal operations as quickly as possible.

Question 4

What is the job of a SOC?

Answer 4

Security operations center

A location where professionals monitor and protect critical information assets in an organizations.

Important traits:
1. They must have an authority to operate
2. Have motivated and professional people in the group
3. Incorporate processes into a single center
4. Be ready to perform incidence response
5. Protect themself and the organization network
6. Can separate the data to: not good, not bad, maybe?
7. Collaborate with other SOC stuff from different companies

Question 5

NIST Special Publication 800-53 Revision 5
What can u tell me about it?

Answer 5

This document is called the security and privacy controls for federal information systems and organizations

This document has 18 families of controls to make it easier to find controls. Examples of families are:
● Access Control (AC)
● Accountability (AA)
● Incident Response (IR)
● Risk Management (RA)

Question 6

What is the model of CIA?

Answer 6

Confidentiality – Keeping data private and accessible only to authorized users.

Integrity – Ensuring data remains accurate and unchanged unless modified by authorized parties.

Availability – Ensuring systems and data are accessible to legitimate users when needed.

Question 7

In CIA model, what letter dose encryption fit?

Answer 7

Confidentiality

Example: Encrypting sensitive emails or files ensures that only authorized users can read the content.

Question 8

ISO 27001
What can u tell me about it?

Answer 8

Is an international standard and a proprietary framework.
Earlier versions of the NIST SP 800-53 used classes of controls (technical, operational, and managerial)

Question 9

What is a Technical (Logical) Controls?

Answer 9

A category of security control that is implemented as a system

(hardware, software, or firmware)

Question 10

What is a Operational Controls ?

Answer 10

A category of security control that is implemented primarily by people rather than systems

Question 11

What is a Managerial Controls ?

Answer 11

A category of security control that provides oversight of the information system

Question 12

If i install a firewall or an anti-virus on your machine, what kind of control is it?

Answer 12

Technical control

A category of security control that is implemented as a system (hardware, software, or firmware)

Question 13

If i teach people in the company against phishing, what kind of control is it?

Answer 13

operational control

because it’s targeted people

Question 14

What is Preventative Control ?

Answer 14

A control that acts to eliminate or reduce the likelihood that an attack can succeed

Question 15

What is Detective Control ?

Answer 15

A control that may not prevent or deter access, but will identify and record any attempted or successful intrusion

Question 16

What is Corrective Control ?

Answer 16

A control that acts to eliminate or reduce the impact of an
intrusion event

Question 17

Give an example for preventive control

Answer 17

Installing firewall

because it’s trying to stop an attacker from breaking in

Question 18

Give an example for detective control

Answer 18

logs investigations, or going through the footage of a security camera

Question 19

What is a Physical Control ?

Answer 19

A type of security control that acts against in-person intrusion attempts

like alarm , security guard

It can be: detective , physical, corrective or penetrative control.

Question 20

What is a Deterrent Control ?

Answer 20

A type of security control that discourages intrusion attempts

For example: a sigh of warning like “beware a dog” and its not necessarily the house has a dog.

Question 21

What is a Compensating Control ?

Answer 21

A type of security control that acts as a substitute for a principal control.
Not the top line, but gives you some protection

using 2FO - two factors authentication

Question 22

What is a Responsive Control ?

Answer 22

System that actively monitors for potential vulnerabilities or attacks, and then takes action to mitigate them before they can cause damage

For example: a firewall

Question 23

What is a firewall ?

Answer 23

a system that monitors all incoming and outgoing network, traffic and blocks

Question 24

What is an Intrusion Prevention System (IPS)

Answer 24

devices that can monitor network traffic for patterns that indicate an intrusion is occurring such as a repeated failed log on attempt

Question 25

What kind of CIA is digital signature on my emails?

Answer 25

Integrity because its an hash!

Question 26

What kind of CIA is a cloud?

Answer 26

Availability because we can take as much of a data we need

Question 27

How do you select the security controls you want to use?

Answer 27

Make use of Confidentiality, Integrity, and Availability (CIA) to have proper coverage over each of those areas to make sure you're creating security for your system

Question 28

Quiz q: Which role or position maintains the overall responsibility for systems security and information assurance within an organization?

Answer 28

CISO בגלל הרמז של אוברול ריספונסביליטי, ואינפורמיישן וכו- כל הראשי תיבות פה

Question 29

Quiz q: Which type of control aims to minimize the impact of a security incident after it occurs?

Answer 29

corrective control Corrective controls are implemented to mitigate or limit the damage after a security incident has occurred. האפשרויות שהיו ולא נכונות: * Preventive control -These aim to stop security incidents before they happen * Detective control- These focus on identifying and detecting security incidents

Question 30

Quiz q: Which security control functional type is used to identify and record any attempted or successful intrusion?

Answer 30

detective control A detective control is a a type of security control that acts during an incident to identify or record that it is happening. A detective control operates during the progress of an attack. Examples include logs and security cameras which are used to maintain a record of actions taken by an attacker. האפשרויות שהיו ולא נכונות: *preventive control-These aim to stop security incidents before they happen