Security Controls 1.1 Flashcards
Technical Controls
- Uses some form of technology to address a physical security issue.
Examples of Technical Controls
- Operating system controls
- Firewall, anti-virus
Operational Controls
- Controls implemented by people instead of systems.
- Relies more on people to set the controls.
Examples of Operational Controls
- Security guards
- Awareness programs
Managerial Controls
- Administrative controls associated with security design and implementation.
- Security policies which include standard operating procedures.
Examples of Managerial Controls
- Security policies
- Standard operating procedures
Physical Controls
- Prevent specific human interaction with a system.
Examples of Physical Controls
- Guard shack
- Fences, locks
- Badge readers
Preventive Control Types - Preventive
- Limits someones to a resource.
Preventive Control Types - Prevent Access
- Firewall rules.
- Follow security policy.
- Guard shack checks all identification.
- Enable door locks.
Preventative - Technical
Firewall, blocks access to a specific resource.
Preventative - Managerial
On-boarding policy
Preventative - Operational
Guard shack
Deterrent Control Types
- Discourage an intrusion attempt.
- Does not directly prevent access.
Preventative - Phyiscal
Door lock, preventing access to the a room.
Deterrent Control Types - Technical
Splash screen
Deterrent Control Types - Managerial
Demotion
Deterrent Control Types - Operational
Reception Desk, requires a person to operate.
Deterrent Control Types - Physical
Warning signs
Detective Control Types
- Identify and log an intrusion attempt.
- May not prevent access.
Detective Control Types - Technical
System logs
Detective Control Types - Operational
Property patrols
Detective Controls Types - Managerial
Review login reports
Detective Control Types - Physical
Motion detectors
