This chapter provided information on different types of controls. Effective controls will reduce or neutralize threats or vulnerabilities to an acceptable level. In-place controls are operating. Planned controls have a planned implementation date.
When considering additional controls, they can be evaluated in specific families. NIST SP 800-53 provides detailed guidance on 20 families of controls. Controls can also be considered as procedural, technical, and physical. Evaluating controls in all families and categories is important. For example, technical controls alone cannot address all risks.
A ________ will reduce or eliminate a threat or vulnerability.
Controls can be identified based on their function. The functions are preventive, detective, and corrective.
A. True
B. False
What are the primary objectives of a control?
A. Prevent, control, and attack
B. Prevent, respond, and log
C. Prevent, recover, and detect
D. Detect, recover, and attack
What type of control is an intrusion detection system (IDS)?
A. Preventive
B. Detective
C. Corrective
D. Recovery
Controls are often categorized based on how they are implemented. What are the three common methods of implementing controls?
A. Preventive, detective, and corrective
B. Administrative, technical, and operational
C. Technical, administrative, and environmental
D. Procedural, technical, and physical
A(n) ________ control is used to ensure that users have the rights and permissions they need to perform their jobs and no more.
Logon identifiers help ensure that users cannot deny taking a specific action, such as deleting a file. What is this called?
A. Digital signature
B. Encryption
C. Nonrepudiation
D. PKI
What should be used to ensure that users understand what they can and cannot do on systems within the network?
A. Acceptable use banner
B. Data range checks
C. Rules of behavior
D. Audit trails
What can be used to ensure confidentiality of sensitive data?
A. Encryption
B. Hashing
C. Digital signature
D. Nonrepudiation
What should be logged in an audit log?
A. All system events
B. All security-related events
C. The details of what happened for an event
D. Who, what, when, and where details of an event
An organization wants to issue certificates for internal systems, such as an internal web server. A ________ will need to be installed to issue and manage certificates.