Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Sec+ > Security Controls > Flashcards

Security Controls Flashcards

1
Q

What is in the Technical Control Category?

A

The technologies, hardware, and software mechanisms that are implemented to manage and reduce risks. Antivirus, firewalls, encryption processes, IDS. Any tool that can automatically protect your system integrity, confidentiality, or availability.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
1
Q

What is in the Managerial Controls (Administrative Controls) Category?

A

Involve the strategic planning and governance side of security. Ensure that the organization’s security strategies align with its business goals and its risk tolerance. Security Policies, Training programs, and incident response strategies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is in the Operational Controls Category?

A

Procedures and measures designed to protect data on a day-to-day basis are mainly governed by internal processes and human action. Password changes every 90 days, backup procedures, account reviews, and user training programs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is in the Physical Controls Category?

A

Tangible, real-world measures are taken to protect assets and exist outside of the digital world: surveillance cameras, biometrics, reinforced doors, and fences.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are Preventative Controls?

A

Proactive measures are implemented to thwart potential security threats or breaches. firewalls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are Deterrent Controls?

A

Aim to discourage potential attackers by making the effort seem less appealing or more challenging. Signs or warning banners

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are Detective Controls?

A

Monitor and alert organizations to malicious activity as it occurs or shortly thereafter. Cameras, IDs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are Corrective Controls?

A

Mitigate any potential damage and restore the systems to their normal state.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are Compensating Controls?

A

Alternative measures that are implemented when the primary security controls are not feasible or effective. Legacy computer doesn’t support WPA3 so you use WPA2 and VPN on top of that.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What are Directive Controls?

A

It is often rooted in policy or documentation and sets the standards for behaviour within an organization. Acceptable Use Policy (AUP) provides guidelines on how employees can use company-owned assets.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is a GAP Analysis?

A

Process of evaluating the differences between an organization’s current performance and its desired performance. Identify where improvement can be made to bridge the gap between current and desired states.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What are the steps in a GAP Analysis?

A
  1. Define the Scope
  2. Gather data on the current state
  3. Analyze the data to identify gaps
  4. Develop a plan to bridge the gap
How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Sec+ (14 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions