1.1 Security Controls


Categories

Technical

Technical security controls involve the use of technology to protect systems and data.

Example: Firewall filtering network traffic based on rules.

flowchart
    subgraph Firewall
        firewall -->|Inspect traffic| Application
        firewall -->|Allow/Deny| Network
        firewall -->|Log events| Logging
    end

Managerial

Managerial security controls focus on policies, procedures, and governance.

Example: Developing a security policy that outlines acceptable use of company resources.

flowchart
    subgraph Policy
        policy -->|Define rules| Resources
        policy -->|Enforce rules| Employees
    end

Operational

Operational security controls deal with day-to-day tasks and processes to maintain security.

Example: Conducting regular security training for employees.

flowchart
    subgraph Training
        training -->|Plan sessions| Employees
        training -->|Conduct sessions| Instructors
    end

Physical

Physical security controls safeguard the physical environment and assets.

Example: Installing security cameras to monitor the data center's entrance.

flowchart
    subgraph SecurityCameras
        cameras -->|Monitor| Entrance
        cameras -->|Record footage| Storage
    end

Control Types

Preventive

Preventive security controls aim to stop security incidents from happening.

Example: Installing antivirus software on all computers.

flowchart
    subgraph PreventiveControl
        antivirus -->|Scan files| Malware
        antivirus -->|Update definitions| AntivirusVendor
    end

Deterrent

Deterrent security controls discourage potential attackers from initiating security incidents.

Example: Posting warning signs on a property.

flowchart
    subgraph DeterrentControl
        warning -->|Display signs| Intruders
    end

Detective

Detective security controls focus on identifying and responding to security incidents as they occur.

Example: Implementing log monitoring and analysis.

flowchart
    subgraph DetectiveControl
        logs -->|Collect data| LogServer
        logs -->|Analyze data| SecurityTeam
    end

Corrective

Corrective security controls are designed to correct the impact of a security incident and prevent recurrence.

Example: Applying patches to fix vulnerabilities.

flowchart
    subgraph CorrectiveControl
        patches -->|Apply patches| VulnerableSystems
    end

Compensating

Compensating security controls are used when standard controls cannot be applied, providing an alternative safeguard.

Example: Isolating a system that cannot receive regular security updates.

flowchart
    subgraph CompensatingControl
        isolation -->|Isolate system| IsolatedSystem
    end

Directive

Directive security controls include policies and procedures that guide security actions.

Example: Establishing an incident response plan.

flowchart
    subgraph DirectiveControl
        plan -->|Develop plan| IncidentResponseTeam
        plan -->|Execute plan| IncidentResponders
    end