Access Control Defensive Categories and Types:
- Access Control Types (Many can be multiple types – On the exam look at question content to see which type it is).
- Preventative:
- Prevents action from happening – Least Privilege, Drug Tests, IPSs, Firewalls, Encryption.
- Detective:
- Controls that detect during or after an attack – IDSs, CCTVs, Alarms, anti-virus.
- Corrective:
- Controls that Correct an attack – Anti-virus, Patches, IPSs.
- Recovery:
- Controls that help us Recover after an attack – DR Environments, Backups, HA Environments .
- Deterrent:
- Controls that Deter an attack – Fences, Security Guards, Dogs, Lights, Beware of the dog signs.
- Compensating:
- Controls that Compensate – other controls that are impossible or too costly to implement.
- Preventative: