What is a Security Control?
Measures, safeguards, or procedures which are put into place to protect our IT infrastructure.
Do some security controls fall under multiple categories?
Yes
What are the characteristics of Technical Security Controls?
Typically something that is implemented in hardware or software
Technical = Logical
-Encryption
-Antivirus
-Firewall
-IDS/IPS
What are the characteristics of Administrative Security Controls?
Policies, Procedures, Guidelines, Strategic Measures
Managerial = Administrative
-Policy
-Procedures
-IRP (Incident Response Plan)
-BCP (Business Continuity Plan)
-Data Classification
What are the characteristics of Physical Security Controls?
Guns, Guards, Gates
-Fences
-Cameras
-Gates
-Guards
What is an Operational Security Control?
Any security procedure carried out by a person
-
Security Control Categories6
-
Security Control Types8
-
Principals of Security7
-
Authentication Factors2
-
Authorization and Access Control Models5
-
Authentication, Authorization, Accounting7
-
Principals of Zero Trust6
-
Deception and Disruption Technologies2
-
Business Processes and Security Operations8
-
Encryption Solutions9
-
Public Key Infrastructure (PKI)7
-
Examining Digital Certificates10
