Security Controls – CompTIA Security+ SY0-501 – 5.7


There are many different security risks out there, and they come in all different shapes and forms. We have to protect ourselves against someone walking in the door and stealing our equipment. And we also have to protect ourselves from somebody attacking us online. We also have different kinds of assets that we need to secure, not just the data that’s inside of our systems, but we also need to protect the physical systems themselves.

As a security professional, your job will be to stop the security events that can be prevented. You want to minimize the impact of those that you can’t and limit any damage that may occur during one of these security incidents.

There are three different control types that most security professionals will implement. The first we’ll look at is a technical control type. This is where we’re using the systems and the software inside of our infrastructure to be able to limit the impact or to prevent a security event. There are also administrative control types that can help people understand how to manage the security in your environment. Formal security policies and standard operating procedures are good examples of an administrative control type. And we have physical control types that exist in the real world. These might be controls such as fences or locks that separate people physically from our systems.

One type of security control is a deterrent. This is a type of control that may not necessarily prevent someone from performing an attack, but it may give them a warning, such as a sign that you might put on a fence or a login banner that someone sees when they first connect to a system.

The preventive security control is one that will keep people away from your systems. This might be a door lock or a security guard, where you can physically separate someone from your systems. You could also use a firewall as a technical control type to be able to implement a preventive security control.

A detective security control is going to be able to tell you when a particular event occurs. This may not keep someone away from the system, but it may provide you with a log or a way to track when anyone happens to come near any of your systems. In the physical world, a motion detector is a very good detective security control. And on our systems, we commonly use an intrusion detection system or an intrusion prevention system.

A compensating security control doesn’t stop an attack. But it can get you back up and running using other means. For example, if someone attacks your systems and deletes all of your data, you can compensate for this by restoring all of the data from your known good backups.

And a corrective security control is designed to mitigate any damage that may be created by an attack. For example, an IPS is a good way to block an attack as the attack is occurring across our network. If someone is using ransomware to encrypt our files, we can correct that by using our backups to restore the files back to their original form.
