Learning Security+ Issue 7

D369
2 min readMay 12, 2022
Learning Security+ Mitigating Threats

Key Takeaways

  • Physical Controls are things, like locks, cameras, ID cards, guards, etc.
  • Technical Controls are things, like encryption, ACLs, authentication, etc.
  • Administrative Controls are things like policies, procedures, training, etc. They are procedural or legal/regulatory.

Mitigating Threats

Now that we’ve learned a bit about the types of threat actors and security threats out there, let’s take a look at some of the main ways to mitigate them.

We have:

Physical Controls

These are things in the real-world environment that we can use to deter or prevent attacks from occurring. Some examples would alarm systems, locks, surveillance cameras, identification cards, security guards, etc. All of these kinds of things.

Technical Controls

There are many technical controls ranging from physical to digital. Smart cards, encryption, access control lists (ACLs), intrusion detection systems, and network authentication are all examples of technical controls. There are many more, as well.

Administrative Controls

These kinds of controls are things like policies, procedures, security awareness training, contingency planning, and disaster recovery plans. User training would fit this type of control and is the considered to be one of the most cost-effective security methods.

Administrative controls come in two flavors: procedural and legal. Procedural controls are methods put in place by choice while legal–or regulatory–controls are ones a company has to impliment and adhere to.

Summary

Knowing the threats is half the battle. Knowing the correct methods to use in order to mitigate them fills in the rest. InfoSec pros need to use combinations of physical, technical, and administrative controls that are specific for each individual situation.

Security threats come in many forms, as mentioned. Beginning with the next issue, we’ll be taking more detailed looks into the most common types, beginning with malware.

Resources

Issue 7 Flash Cards By D369

References

--

--