Objective 5.1 - Controls


9 Terms

1

Managerial Control

A category of security control that gives oversight of the information system. Risk assessments, vulnerability assessments.

2

Operational Control

Helps ensure that the day-to-day operations of an organization comply with the security policy. Awareness and training, configuration management, media protection, physical and environment protection.

3

Technical Control

A category of security control that is implemented as a system (hardware, software, or firmware). Technical controls may also be described as logical controls. Encryption, antivirus software, IDSs, IPSs, firewalls, least privilege.

4

Preventative Control

Attempts to prevent an incident before it occurs. Hardening, training, security guards, change management, account disablement policy.

5

Detective Control

Attempts to discover incidents after they have occurred. Log monitoring, SIEM systems, security audit, video surveillance, motion detection, IDSs.

6

Corrective Control

Attempts to reverse the impact of an incident. Includes IPS, backups and system recovery, incident handling processes.

7

Deterrent Control

Attempts to discourage individuals from causing an incident. Cable locks, physical locks.

8

Compensating Control

Alternative controls used when a primary control is not feasible.

9

Physical Control

Refers to controls you can physically touch.