Managerial Controls - Policies and procedures to manage security; e.g., risk assessments, security training, third-party risk management., Operational Controls - Day-to-day procedures that support security; e.g., incident response plans, awareness training, change management., Technical Controls - Use of technology to reduce vulnerabilities; e.g., firewalls, antivirus software, encryption, IDS/IPS., Preventive Controls - Stop security incidents before they happen; e.g., access controls, security awareness training, firewalls., Detective Controls - Identify and detect security incidents; e.g., audit logs, motion sensors, antivirus alerts., Corrective Controls - Fix issues after an incident; e.g., backups, system patches, restoring from backup., Deterrent Controls - Discourage threat actors; e.g., warning signs, security cameras, guards., Compensating Controls - Alternative control when primary control isn’t feasible; e.g., increased monitoring when MFA isn’t available.,

SECURITY CONTROLS

Autor
Ispis
Postavi

Top-lista

Vizualni stil

Postavke

Promijeni predložak

Vrati automatski spremljeno: ?