Control Categories
CISM: Controls fall into the following categories (the page lists six, not four):
- Preventative Controls
- Preventing security issues and violations through strategies such as policies and security awareness training
- Reducing exposure supports prevention
- A preventive control must be designed to fail into either an open or a closed state (i.e. fail-safe or fail-secure); the choice should be made deliberately, not left to whatever the technology does by default
- Failing open favours availability: when the control breaks, access or traffic is still allowed (a firewall that passes packets while its policy engine is down)
- Failing closed favours confidentiality: when the control breaks, access is denied until it is repaired (the same firewall dropping everything)
- Training developers is a preventive control.
- Deterrent Controls
- Discouraging malicious activity by making it visible that controls exist, using access controls or technologies such as firewalls, intrusion detection systems and motion-activated cameras; the deterrent effect comes from the attacker knowing the control is there (a warning banner or a clearly visible camera deters even if it never records anything)
- Detective Controls
- Uncovering unauthorized activity in your environment
- Generation of an activity log is not a control by itself. It is the review of such a log that makes the activity a control (i.e. generation plus review equals control): an audit log that nobody reads, whether by a person or by an automated rule that raises an alert, detects nothing.
- Corrective Controls
- Getting your environment back to where it was prior to a security incident
- Corrective controls, such as backups and failover capabilities, are intended to offset the impact caused by successful attacks directed against information systems.
- Directive Controls
- A directive control is an administrative (manual) control, typically a policy or procedure, that specifies what actions are to be performed. It differs from a preventive technical control in that it does not by itself stop an event from occurring; it tells people what they must do.
- Compensating Controls
- A compensating control is an alternative control put in place when the primary (intended) control cannot be implemented, e.g. for cost or technical reasons; it is acceptable when it reduces the same risk to a comparable level.
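Two of the points above lend themselves to working code: the fail-open versus fail-closed choice for a preventive control, and the rule that a log only becomes a detective control once it is reviewed. The following Python is an added example written for this page, not part of the CISM material or of any product. The policy lookup, the fail-mode constants, the simplified log format (ISO 8601 timestamps on OpenSSH-style lines) and the sample log lines are all constructed for the illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# --- Preventive control: choosing a failure mode ------------------------------

FAIL_OPEN = "fail-open"      # favours availability: allow when the check cannot run
FAIL_CLOSED = "fail-closed"  # favours confidentiality: deny when the check cannot run


class PolicyUnavailable(Exception):
    """The policy backend could not answer (timeout, outage)."""


def lookup_policy(user, resource, backend):
    """Hypothetical policy lookup. `backend` maps user -> set of resources;
    None simulates an outage of the policy service."""
    if backend is None:
        raise PolicyUnavailable("policy service unreachable")
    return resource in backend.get(user, set())


def authorize(user, resource, backend, fail_mode=FAIL_CLOSED):
    """Enforcement point. Returns (allowed, reason). The fail mode only
    matters when the preventive check itself cannot run."""
    try:
        return lookup_policy(user, resource, backend), "policy decision"
    except PolicyUnavailable as exc:
        if fail_mode == FAIL_OPEN:
            return True, f"{exc}: fail-open, access allowed"
        if fail_mode == FAIL_CLOSED:
            return False, f"{exc}: fail-closed, access denied"
        raise ValueError(f"unknown fail mode {fail_mode!r}")


# --- Detective control: log generation plus review ----------------------------

# Matches OpenSSH-style auth lines; the timestamp is simplified to ISO 8601.
AUTH_LINE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

# Constructed sample log (not captured from any real system).
SAMPLE_LOG = """\
2024-05-01T10:00:01 sshd[4011]: Failed password for invalid user admin from 198.51.100.7 port 51022 ssh2
2024-05-01T10:00:03 sshd[4012]: Failed password for root from 198.51.100.7 port 51023 ssh2
2024-05-01T10:00:05 sshd[4013]: Failed password for root from 198.51.100.7 port 51024 ssh2
2024-05-01T10:00:09 sshd[4014]: Connection closed by 203.0.113.5 port 40000 [preauth]
2024-05-01T10:00:10 sshd[4015]: Failed password for alice from 203.0.113.5 port 40001 ssh2
2024-05-01T10:00:12 sshd[4016]: Failed password for root from 198.51.100.7 port 51025 ssh2
2024-05-01T10:00:15 sshd[4017]: Failed password for root from 198.51.100.7 port 51026 ssh2
2024-05-01T10:00:20 sshd[4018]: Accepted password for root from 198.51.100.7 port 51027 ssh2
2024-05-01T10:03:00 sshd[4019]: Accepted password for alice from 203.0.113.5 port 40002 ssh2
"""


def review_auth_log(text, threshold=5, window=timedelta(minutes=5)):
    """The review step that turns raw log lines into findings.

    A source IP is flagged when it produces `threshold` or more failed logins
    inside any `window`; a successful login from that IP at or after the
    burst is flagged too, since it may be a guessed credential.
    Returns {ip: {"failures": n, "success_after_burst": bool}}.
    """
    failed, accepted = defaultdict(list), defaultdict(list)
    for line in text.splitlines():
        m = AUTH_LINE.match(line)
        if not m:
            continue  # unrelated sshd noise is skipped, not a finding
        bucket = failed if m["result"] == "Failed" else accepted
        bucket[m["ip"]].append(datetime.fromisoformat(m["ts"]))

    findings = {}
    for ip, times in failed.items():
        times.sort()
        start = 0
        for end, t in enumerate(times):  # sliding window over sorted failures
            while t - times[start] > window:
                start += 1
            count = end - start + 1
            if count >= threshold:
                entry = findings.setdefault(ip, {"failures": 0, "success_after_burst": False})
                entry["failures"] = max(entry["failures"], count)
                if any(a >= t for a in accepted.get(ip, [])):
                    entry["success_after_burst"] = True
    return findings


if __name__ == "__main__":
    policy = {"alice": {"/reports"}}
    print(authorize("alice", "/reports", policy))
    print(authorize("alice", "/reports", None, FAIL_OPEN))
    print(authorize("alice", "/reports", None, FAIL_CLOSED))
    print(review_auth_log(SAMPLE_LOG))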