These are the controls implemented to protect the confidentiality, integrity and availability (CIA) of valuable information assets.
- Administrative Controls
These are the collection of policies, rules, regulations, laws and customs: things that are documented or understood that define how we are supposed to behave. They establish some expectation of compliance and performance. There will be a penalty if we don't abide by the law.
For example, if you run a stop sign you'll get a $100 ticket.
- Technical Controls
These are also referred to as logical controls or software controls. Permissions, encryption, firewall rules, antivirus software and its signature database, and IDS/IPS all fall under technical controls. They are normally implemented by system administrators following various policies and procedures.
For example, a firewall rule: if you see any incoming packet to port 22, deny it.
- Physical Controls
A physical control is anything that you can bang your head on or drop on your foot :D. Walls, doors, locks, security guards, guard dogs, cameras, lights, fences, firewall appliances, IDS/IPS sensors.