What are security controls and their primary role?
Security controls are mechanisms, policies, or procedures that help protect an organization’s assets and data by reducing the risk landscape through prevention, detection, or mitigation of potential threats.
What are the four main categories of security controls?
Technical, managerial, operational, and physical.
Give examples of technical controls.
Firewalls, intrusion detection systems (IDS), and encryption.
What is a preventive control?
Preventive controls aim to stop an event or action from occurring; examples include firewalls and strong authentication methods.
What is the main purpose of deterrent controls?
Deterrent controls aim to discourage a potential attacker; for example, warning signs that indicate surveillance.
Define detective controls.
Detective controls are mechanisms that identify unwanted activities or issues, such as system monitoring and auditing.
What do corrective controls aim to do?
Corrective controls aim to rectify or lessen the damage caused by a security incident.
What are compensating controls?
Compensating controls are secondary controls implemented as interim measures when primary controls cannot be applied for technical or business reasons.
What are the principles of the CIA triad?
Confidentiality, integrity, and availability.
Explain the concept of non-repudiation.
Non-repudiation provides assurance that a specific operation or transaction has occurred and was initiated by a particular entity.
What does AAA stand for in security?
Authentication, Authorization, and Accounting.
Describe a gap analysis in cybersecurity.
Gap analysis identifies the discrepancies between the current security posture and the desired security posture.
What is the Zero Trust model?
The Zero Trust model assumes no trust by default, even for systems inside the network perimeter.
Define insider threat.
An insider threat comes from individuals within the organization who have access to sensitive information and may misuse it.
What role do hardware security modules (HSM) serve?
HSMs are physical devices that safeguard digital keys and perform cryptographic operations.
What is PKI in cybersecurity?
Public Key Infrastructure (PKI) is a framework for creating, managing, distributing, and revoking digital certificates.
What is the purpose of version control in change management?
Version control helps document changes, who made them, and when they were made, aiding auditing and rollback capabilities.
What is the difference between public key and private key?
The public key is used for encrypting data and can be shared openly, while the private key is kept secret and used to decrypt the data.
What are the motivations behind hacktivism?
Hacktivism is motivated by social or political agendas, often targeting institutions considered oppressive or corrupt.
Identify a motivation commonly associated with organized crime.
Financial gain through methods like ransomware and data theft.