Eady, L-Final Report-ISSC361.docx - Eady 1 Security...

This preview shows page 1 - 4 out of 14 pages.

Eady 1Security ControlsISSC361Security Controls Lakeidra EadyJanuary 19, 2020ISSC361American Military University Sensitive information is to be protected at all costs. Due to the
Eady 2Security ControlsISSC361potential impact of confidentiality, integrity, and availability loss, every individual and organization should establish security controls. To do this, any weakness in the security of the system should be resolve. Next, all authorized users should be limited to only necessary functions needed to perform their daily tasks. This event is a technique called least privilege. When limiting the functionality and resolving security weaknesses, attackers are left with fewer opportunities to breach the systems. Security plays a vital part in Information Assurance (IA). IA is the method of managing risks associated with the use, processing, storage, and transmission of information and the systems used for these purposes.Information Assurance is the shielding of the authenticity, integrity, non-repudiation, availability, and confidentiality of user data. These tasks are accomplished with the use of physical, technical, and administrative controls. The IA roles that will be discussed in this report are the security controls. Where information technology and networking are concerned security is the biggest issue. These counter measures are needed to protect any sensitive items from unwanted access. Security measures reduce the risk of damage, loss, or slowing of an attack. There are three various types of controls with distinct purposes. We will go over the security controls amongst the several variations of safeguards. Security Controls are catalog of when and how they react to a securitythreat. These controls can be preventive, detective or corrective. A
Eady 3Security ControlsISSC361preventive control is simple, it stops or deters an attack before it happens. A detective control, alert's users and the security to an ongoing threat by sounding an alarm. The corrective controls take over after an attack has happened and helps the organization recover and refocus as swiftly and methodically as possible.Along with timing security controls are also categorized. They can be legal, technical, regulatory, procedural, physical, or compliance controls. A physical control will be a fence, door, or lock i.e., a material barrier. The classification of a physical barrier is the protection of personnel, hardware, data, networks, and programs from loss or theft. There are various components of a physical control such as obstacles, surveillance, and methods of apprehension. These types of controls mitigate any identified risks by implementing guidelines, procedures, and policies. Procedural controls differ from other controls by forcing the users to follow rules or perform authentication steps.

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture