Technical Controls
Controls implemented using systems
- Develop P&P to allow/disallow functions from occurring
- Firewalls, anti-virus & other software
Managerial Controls
Administrative controls associated with security design & implementation
- Policies that explain best use practices for devices, data & OS
- SOP (standard operating procedures)
Operational Controls
Controls implemented by people instead of systems
- Security guards, awareness programs, etc.
Physical Controls
Controls that limit someone's physical access to a place or device
- Guard shack, fences, locks, badge readers, etc.
Preventative (Control Type)
Block access to a resource ("You shall not pass")
- firewall rules (T), security policy (M), guard shack ID checks (O), door locks (P)
Deterrent (Control Type)
Discourages an intrusion attempt but does not directly prevent access (makes the attacker think twice)
- app splash screen (T), threat of demotion (M), reception desk (O), warning signs (P)
Detective (Control Type)
Identifies & logs intrusion attempts but may not prevent access
- collect & review system logs (T), review login reports (M), property patrols (O), motion detectors (P)
Corrective (Control Type)
Applies a control AFTER an event has been detected. Can sometimes reverse the impact of an event or be able to continue business operations with minimal downtime.
- backup recovery (T), policies for reporting security issues (M), contact authorities (O), fire extinguisher (P)
Compensating (Control Type)
Using other means when current ones aren't sufficient to deal with that particular security event
- block instead of patch (T), separation of duties (M), multiple security staff (O), power generator (P)
Directive (Control Type)
Relatively weak; directing someone to do something more secure (relies on person to actually follow directive)
- file storage policies (T), compliance policies (M), security policy training (O), authorized only signs (P)