What are Security Controls?
Safeguards or countermeasures to avoid, detect, counteract, or minimize security risks to physical property, information, computer systems, or other assets.
What is a Control Framework?
A set of controls that protects data within the IT infrastructure of a business or other entity.
What are the key components of a control framework?
- Objective setting
- Event identification and response plans
- Compliance with government and industry requirements
- Monitoring processes
- Control activities
Which controls categories are there?
- Compensating controls
- Corrective controls
- Detective controls
- Deterrent controls
- Directive controls
- Preventive controls
- Recovery controls
Which control types are there?
- Administrative controls (or Management controls)
- Physical controls (or Operational controls)
- Technical controls (or Logical controls)
What is confidentiality?
Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.
Which control methods can be used to protect confidentiality?
- Access restriction
- Information categorization
- Data classification
- Awareness training
- Password best practices
- Data encryption
- Multi-factor authentication
- Biometric verification
- Security tokens
- Principle of Least Privilege
- Identification, authentication, authorization through access controls
What is Integrity?
Guarding against improper information modification or destruction and includes ensuring information non-repudiation and authenticity.
What are the possible consequences of integrity loss?
- Unintentional changes
- Unauthorized changes
- Accidental changes
- Inconsistent behavior
- Inaccurate information
- Data corruption
- Data destruction
- Untrustworthy information
- Poor business decisions
- Processing errors
What control methods can be used to protect integrity?
- Data encryption
- Hashing algorithms
- Segregation of duties
- Approval checkpoints
- Testing
- Change management and version control
- File permissions
- Access controls
- Detection
- Response and recovery
- Backups and redundancy
- Secure storage
- Log collection
What is the definition of availability?
Ensuring timely and reliable access to and use of information
What are the possible consequences of information availability loss?
- Data loss
- Unreachable data
- Service interruption or loss
- Communication bottlenecks
- Connection interruptions
- Network intrusions
- Loss of productivity
- Loss of revenue
What control methods can be used to protect availability?
- Hardware maintenance and repair
- System upgrades
- Provide adequate communication bandwidth
- Redundancy and failover
- High availability
- Disaster recovery
- Business continuity
- Incident management
- Data backup
- Security equipment
- Anti-malicious code detection
What is a cyber threat?
A potential cause of incident that results in harm.
What’s a vulnerability?
Weakness of an asset that can be exploited by a threat.
What’s a penetration testing?
An authorized, simulated attack, to gain assurance in the security of an IT system by attempting to breach some or all of its security, using the same tools and techniques that an adversary might.
What are some technology controls for endpoint security?
- Identity and Access Management (IAM) tools
- Full Disc Encryption (FDE)
- File Level Encryption (FLE)
- Self-Encryption Device (SED)
- Anti-Malware Protection (AMP)
What are some process controls for endpoint security?
- Device Handling and management policies
- IAM governance
What are some technology controls for security architecture?
- Network segregation
- Penetration testing
- Defence in depth
What are some process controls for security architecture?
- Principle of least privilege
- Design and architecture reviews
- System and security audits
What are some technology controls for firewalls?
- Firewall analyzer
- Network segmentation
- Anti-virus
- Data backup and disaster recovery
What are some process controls for firewalls?
- Policy
- Formalized change control process for firewall rule management
- Principle of least privilege
- Defence in depth
What are some technology controls for anti-virus and anti-malware?
- Defence in depth
- Workstation and network-based AV/AM software
- Security Information and Event Management (SIEM) software
- Intrusion detection and prevention software
What are some process controls for anti-virus and anti-malware?
- Hunt teams
- Security operations center
- Information security policies
- Security awareness training
- Principle of least privilege
