Every organization needs security principles
The CIA security triad is made up of three core goals:
- Confidentiality
- Integrity
- Availability
1.1 Compare and contrast various types of security controls
To begin to understand what a security control is. It’s important to first understand what a control is. In cybersecurity, a “control”, is a safeguard or countermeasure put in place to reduce risks and ensure confidentiality, integrity, and availability in information systems.
- Technical Control – Think of technology such as firewall, IDS, IPS, and SIEMS. Technologies such as encryption could be a control due to the aid it provides in keeping information confidential.
- Managerial Control – This would deal with things such as conducting vulnerability assessments and risk assessments
- Operational Control – This has to do more with ensuring that the day to day operations are staying on track with the organizations overall security plan. This can be implemented with policies, training and awareness, and configuration management
- Physical Control – Controls that you can physically touch such as locks, fences, and sensors
- asdfasdf
- asdfasdf
- sad