Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.
We begin this discussion on control types by examining what a control is and what type of policy, security, and or other enforcement solution it provides. Then we name and examine the various types of controls, their benefits and impact on the network, and how they are also interrelated as a corporate management and security strategy. [toggle_content title="Transcript"] Now we are looking at control types. Types of controls we have. First, we discuss what is control, control is something we put in place, a component, a solution we put in place to implement and enforce the security requirements of an organization. This could be hardware, software or some sort of utility that you have in place to implement and enforce the security requirements of the organization. We have several types of controls. We have deterrent controls. Deterrent controls are controls that discourage potential attackers. These controls are aimed at discouraging potential attackers. Attackers are discouraged to go to attack your facility or your resources so they go elsewhere. You move the attack away from yourself. We also have preventive controls. Preventive controls avoid the incident from occurring. We also have detective controls. These are controls put in place to identify an incident or activities that have taken place. It's also to possibly identify potential intruders onto your network or your facility. Detective controls would identify an incident or activities that have taken place. They potentially also could identify intruders. We have compensating controls. These are alternative controls that could be used in place of other controls. May be the initial control is cost prohibitive you could use an alternative control that still achieves the same purpose. We refer to those as compensating controls. Controls like passwords, smart-cards, encryption, network authentication controls that are put in logically. Finally for controls we have administrative controls. This includes policies and procedures put in place by management. Administrative Controls are policies and procedures put in place by management. Usually the policies are simply a collection of rules by management. These are broken down into the procedures as to how the work would be carried out. That way management is in control of what is taking place. These are administrative controls. I'll see you in our next video. [/toggle_content]