IT Examiner School - Oct 2025
Internal Use Only
Information Security Principles: Controls
Controls are grouped along two axes: by function (preventative, detective, corrective, deterrent, compensating) and by how they are implemented (administrative, technical, physical). A single control falls into one category on each axis; MFA, for example, is a preventative control implemented as a technical control.

Preventative Controls:
• Designed to stop an incident before it happens
• Example: MFA, employee training, access controls

Detective Controls:
• Designed to identify or alert to incidents in progress or after they occur
• Example: IDS/IPS, audit logs, security cameras

Corrective Controls:
• Designed to restore systems or limit damage after an incident
• Example: Backup restoration, patching, incident response plans

Deterrent Controls:
• Designed to discourage malicious activity by increasing the perceived consequences of violating policy
• Example: Login banners, disciplinary action

Compensating Controls:
• Designed to mitigate risk when a primary or required control is not feasible or practical, so that the control objective is still met
• Example: Increased monitoring when MFA is not implemented; short password expiration when password complexity is not supported

Administrative Controls:
• Policies, procedures, training, risk assessments
• Example: Acceptable Use Policy, Incident Response Plan

Technical Controls:
• Technology-based safeguards
• Example: Firewalls, antivirus software, MFA, encryption

Physical Controls:
• Protect physical access to systems and infrastructure
• Example: Locked doors, security guards, surveillance cameras
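The compensating control named above, "increased monitoring when MFA is not implemented", is easy to state and vague to audit. The following Python is an added illustration (not part of the course material) of what that monitoring could look like in practice: it applies two stricter rules only to accounts that are exempt from MFA, so the control objective (detect credential abuse on accounts that lack a second factor) is still met. The log format, the account list and the log lines are all constructed for the example, and the two rules and their thresholds are assumptions, not an examiner requirement.

```python
"""Compensating control: heightened monitoring for accounts that cannot use MFA.

Added illustration, not course material. The log format below is a
constructed one-line-per-event form:
    <ISO-8601 timestamp> <username> <source IP> <SUCCESS|FAILURE>
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed: accounts the MFA rollout could not cover (e.g. a legacy
# service account and a user on a client that does not support MFA).
NO_MFA_ACCOUNTS = {"svc_backup", "jsmith"}

# Constructed sample authentication log (not captured from a real system).
SAMPLE_LOG = """\
2025-10-01T08:00:01 alice      10.0.0.5     SUCCESS
2025-10-01T08:01:10 svc_backup 10.0.0.20    SUCCESS
2025-10-01T08:02:00 jsmith     10.0.0.7     FAILURE
2025-10-01T08:02:05 jsmith     10.0.0.7     FAILURE
2025-10-01T08:02:09 jsmith     10.0.0.7     FAILURE
2025-10-01T08:02:15 jsmith     10.0.0.7     SUCCESS
2025-10-01T09:30:00 svc_backup 203.0.113.9  SUCCESS
2025-10-01T09:31:00 alice      203.0.113.9  SUCCESS
"""

FAIL_THRESHOLD = 3             # assumed: failures within WINDOW that make a later success suspicious
WINDOW = timedelta(minutes=5)  # assumed: sliding window for counting failures


def parse_event(line):
    """Split one log line into (timestamp, user, source_ip, result)."""
    ts, user, ip, result = line.split()
    return datetime.fromisoformat(ts), user, ip, result


def monitor_no_mfa_accounts(log_text, no_mfa_accounts, baseline_ips=None):
    """Apply stricter rules to MFA-exempt accounts only.

    Rule "brute-force-success": a SUCCESS preceded by at least FAIL_THRESHOLD
        FAILUREs for the same account within WINDOW.
    Rule "new-source-ip": a SUCCESS from a source IP not previously seen for
        that account (the first-ever login seeds the baseline instead of alerting).

    baseline_ips optionally pre-seeds known source IPs per account.
    Returns a list of (user, rule, detail) tuples in log order.
    """
    baseline = defaultdict(set)
    for user, ips in (baseline_ips or {}).items():
        baseline[user].update(ips)
    recent_failures = defaultdict(list)
    alerts = []

    for line in log_text.strip().splitlines():
        ts, user, ip, result = parse_event(line)
        if user not in no_mfa_accounts:
            continue  # MFA-protected account: normal baseline monitoring applies

        if result == "FAILURE":
            # keep only failures still inside the sliding window, then record this one
            recent_failures[user] = [t for t in recent_failures[user] if ts - t <= WINDOW]
            recent_failures[user].append(ts)
            continue

        # result == "SUCCESS"
        failures = [t for t in recent_failures[user] if ts - t <= WINDOW]
        if len(failures) >= FAIL_THRESHOLD:
            alerts.append((user, "brute-force-success",
                           f"{len(failures)} failures in {WINDOW} before success from {ip}"))
        recent_failures[user].clear()

        if baseline[user] and ip not in baseline[user]:
            alerts.append((user, "new-source-ip",
                           f"login from {ip}, known sources: {sorted(baseline[user])}"))
        baseline[user].add(ip)

    return alerts


if __name__ == "__main__":
    for user, rule, detail in monitor_no_mfa_accounts(SAMPLE_LOG, NO_MFA_ACCOUNTS):
        print(f"ALERT {rule:<20} {user:<12} {detail}")
```

On the sample log this flags jsmith (three failures then a success inside five minutes) and svc_backup (a success from 203.0.113.9 after its baseline was seeded with 10.0.0.20), while alice's identical login from 203.0.113.9 is ignored because that account has MFA. The point for an examiner is that the compensating control is scoped to exactly the gap it compensates for, and that the rules and thresholds are something that can be reviewed and tested rather than a promise of "more monitoring".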
CIA Control Table - Confidentiality

Controls that support confidentiality, by implementation type (administrative, physical, technical) and by function (preventative, detective, corrective):

Administrative - Preventative:
• Security Policy
• Security Awareness Training
• HR/Employee Policy
• Access Control Lists
• Data Classification and Labeling
• Access Control User Review

Administrative - Detective:
• Security Officer Description/Duties
• Log Reviews
• Automatic Notification Systems
• Audits
• Security Reviews

Administrative - Corrective:
• Data Loss Prevention Solution
• Encryption for Data at Rest
• Encryption for Data in Transit
• Incident Response Policy (Evidence Retention/Forensics)

Physical - Preventative:
• Guards
• Fences
• Mantraps
• Locks
• Paper Shredder
• Physical Security Cameras

Physical - Detective:
• Premises Alarm Systems
• Motion Detector
• Fences
• Mantraps
• Security Guards

Physical - Corrective:
• Log Security and Retention
• Access Control by Zones
• Badges/Proximity Cards

Technical - Preventative:
• Authentication with Complex Passwords
• Biometrics
• Multi-Factor Authentication
• Encryption

Technical - Detective:
• Intrusion Detection Systems (IDS)
• Intrusion Prevention Systems (IPS)
• Security Information and Event Management (SIEM)

Technical - Corrective:
• Countermeasures
• Log Forensics
• Reboot/Restart
• Patch Deployment