Learn Different types of Security Controls in CISSP

0
5778
Security Controls

After introducing the three categories of security countermeasures: technical, physical, and administrative, it is time to classify them according to their functional uses. An important article to read; so have a nice reading.

Functional Use of Security Controls
The functional use of a specific security countermeasure is the purpose or reason for choosing and implementing this countermeasure.

To get the idea closer to minds, consider the following example:

Before you take the decision to purchase an antivirus software and spend several hundreds of thousands of dollars for buying licenses and etc. (and also spend days of discussions with the top management to convince them of the importance of having a regularly updated antivirus installed on the machines, and the serious dangers of being infected by a virus or worm). There may be specific reasons for looking for an antivirus, which in this case is to protect your hosts from being infected by viruses, and to prevent virus and worm from spreading in your network.

Video surveillance cameras are another great form of security measure. Using this technology helps both detect any suspicious actions, and discourages intruders by making them feel fear of being discovered and prosecuted.

In this context, security controls could be classified to the following types:

Preventive:
When you decide to use a preventive countermeasure, you want to prevent a malicious action from occurring by blocking or stopping someone or something from doing or causing so.
Examples for such type of controls are:

  • Firewalls.
  • Intrusion Prevention Systems IPS.
  • Security Guards.
  • Biometric Access Control.
  • Using Encryption.
  • Video Surveillance.
  • Fences.
  • Strong Authentication.
  • Locks.
  • Mantraps.
  • Antivirus Software.

Detective:
Detective countermeasures are implemented to help detect any malicious activities.
A detective controls doesn’t stop or mitigate intrusion attempts; it only identifies and reports them. Examples of this type are:

  • Intrusion Detection Systems IDS.
  • Alarms.
  • Lights.
  • Motion Detectors.
  • Security Guards.
  • Video Surveillance.
  • Logs and Audit Trails.
  • Enforcing Staff Vacations.

Corrective:
These type of controls attempt to get the system back to normal.
Examples for this type are:

  • Restoring operating system or data from a recent backup.
  • Updating an outdated antivirus.
  • Installing a fix.

Deterrent:
An organization implements deterrent controls in an attempt to discourage attackers from attacking their systems or premises. In other words, a deterrent countermeasure is used to make an attacker or intruder think twice about his malicious intents.
Deterrent controls include:

  • Fences.
  • Security Guards.
  • Dogs.
  • Lights.
  • Video Surveillance.
  • Alarms.

Recovery:
Recovery countermeasures aim to complement the work of corrective countermeasures. They also try to get the system back to its normal condition before the attack occurred.
Recovery controls include:

  • Disaster Recovery Site.
  • System and Data backups.
  • High Availability.

Compensating:
A compensating control provides an alternate solution to a countermeasure that is either impossible or too expensive to implement.

As you may notice, one control may serve in one, two or more functional types. For example, the security guards are considered to be preventive, detective, and deterrent as well.

Summary

In terms of their functional usage, security countermeasures can be classified to be: preventive, detective, deterrent, corrective, recovery, and compensating.
The same countermeasure may serve in one or more purposes.

In the next article, we will talk about Security Governance. See you.

LEAVE A REPLY

Please enter your comment!
Please enter your name here