Security Controls Overview Quiz

Questions and Answers

What is an example of an administrative control in the hiring process?

• Offering flexible working hours
• Conducting follow-up interviews
• Implementing a background check (correct)
• Setting a minimum salary requirement

What is the purpose of role separation in administrative controls?

• To ensure only one person manages all purchases
• To eliminate the need for background checks
• To increase the efficiency of financial transactions
• To prevent potential fraud by dividing responsibilities (correct)

Which of the following best describes the consequence of not implementing role separation?

• Greater risk of fraud within the organization (correct)
• Reduced need for administrative controls
• Increased employee satisfaction
• Higher cost efficiency in handling transactions

Which of the following is NOT an example of an administrative control?

Encryption of sensitive information (A)

What type of control would addressing potential fraud through background checks and role separation be classified as?

Administrative control (B)

Role separation helps to mitigate which of the following risks?

Fraud caused by one individual handling multiple functions (B)

How can an organization ensure effective administrative controls?

Through regular audits and assessments of control measures (C)

In the context of the content, which situation could be an outcome of inefficient role separation?

Increased likelihood of financial misconduct (B)

What is the primary purpose of role separation in an organization?

To prevent collusion between individuals in charge of POs and payment authorizations (D)

How does mandatory vacation serve as an administrative control?

It can reveal fraudulent activities if duties are taken over by others during the absence (B)

What function does a 'man-trap' provide in physical security?

Enforces identity verification by controlling entry one person at a time (A)

What is a potential use of physical sensors in a security context?

To detect unauthorized movement within a restricted area (A)

Which type of control is primarily concerned with ensuring users have only the access necessary for their job functions?

Administrative controls (D)

Which of the following is an example of a technical control?

Access control lists (B)

Which statement best describes the role of locks in physical security?

They prevent unauthorized access to sensitive areas or equipment (D)

What is the main benefit of using sensors for environmental monitoring?

To alert when environmental conditions become unsafe (B)

In the context of organizational security, what does the term 'physical control' mainly refer to?

Physical barriers or measures to protect premises (D)

What is the significance of using an access control list?

To manage permissions for network and system access (A)

What is the primary purpose of decryption in next-generation firewalls?

To allow firewalls to inspect application layer data. (C)

Which of the following is an example of a technical control related to user authentication?

Using a central AAA server. (C)

What is the implication of the zero trust model in network security?

Every device must be verified regardless of location. (C)

What is microsegmentation primarily aimed at achieving?

Enhanced control over traffic flow between devices. (B)

Which of the following scenarios best describes the use of application-layer inspection?

Filtering user access based on website categories. (B)

What is one potential downside of using technical controls?

They can be undermined by malicious software on internal devices. (A)

In a network setup with a layer 2 switch, what is a scenario that illustrates segmentation?

Using a guest Wi-Fi network isolated from the corporate network. (B)

What type of logical control can be enforced at the device level to manage access?

Segmenting the network into diverse zones with specific permissions. (B)

Why might a firewall or router consider a network segment less trusted?

Traffic patterns indicate potential vulnerabilities. (C)

What is a common misconception about encryption in network traffic?

Encrypted traffic is always secure from external threats. (C)

Flashcards are hidden until you start studying

Study Notes

Security Controls Overview

• Security vulnerability assessment identifies weaknesses in networks and systems, with a high risk of exploitation leading to significant losses.
• To mitigate these risks, security controls are implemented, categorized into administrative, physical, and technical controls.

Administrative Controls

• Background Checks: Essential for filtering unsuitable individuals during the hiring process.
• Role Separation: Division of responsibilities (e.g., separate individuals for purchase orders and payment approvals) to reduce fraud risk; implements the principle of “least privilege.”
• Mandatory Vacations: Enforced time off for employees to expose any potential fraudulent activities while ensuring job duties are covered during absence.

Physical Controls

• Person-trap: A controlled access point requiring individual authentication to prevent unauthorized entry; ensures accountability.
• Physical Guards: Personnel monitoring entry points enhance security by checking credentials.
• Locks: Used in various forms like securing wiring closets and devices to prevent unauthorized access.
• Sensors: Detects movement, monitors bodies, and tracks environmental parameters such as temperature and humidity.

Technical Controls

• Access Control Lists (ACLs): Define who has access to various systems (databases, servers) and manage data traffic flows within a network.

  Access Control Lists (ACLs) for a system can typically be found in several places, depending on the type of system or network device being used:

  1. Network Devices: For routers, switches, and firewalls, ACLs are usually configured and stored within the device's configuration files. You can access them through the device's command-line interface (CLI) or a graphical user interface (GUI) if available.

  2. Operating Systems: For both Windows and Unix/Linux systems, ACLs can be found and modified through the file system utilities. On Windows, you can view and edit ACLs using the File Explorer properties dialog and advanced security settings. On Unix/Linux, ACLs can be managed using commands like getfacl and setfacl.

  3. Database Systems: Databases often have their own access control mechanisms. ACLs or similar permission settings can be managed through database management tools or SQL commands. For example, in MySQL, you might use SQL statements to view or change user privileges.

  4. Cloud Services: For cloud-based services or platforms (like AWS, Azure, or Google Cloud), ACLs are often managed through the platform's management console or API, where you can define and view access permissions for different resources.

  5. Application-Level ACLs: Some applications have their own ACL configurations, which may be stored in configuration files or managed through an administrative interface within the application.

  To find the ACLs for a specific environment, consult the documentation for the specific hardware or software you are working with, as the method to access and manage ACLs can vary widely between different platforms and technologies.Traffic Filtering: Enforces security policies by allowing or blocking access to specific website categories based on administrative policies.

• Decryption: Firewalls decrypt traffic to inspect application layer data for security threats, ensuring enforcement of policies based on actual data content.

• Network Segmentation: Divides network into segments (e.g., guest Wi-Fi, corporate network) using controls to isolate and protect sensitive data.

• 802.1x Authentication: Ensures only authorized devices can connect to the network, enhancing security mechanisms.

Additional Concepts

• Zero Trust Model: Advocates skepticism regarding trust within any network segment, reinforcing controls regardless of internal and external device status.
• Microsegmentation: Fine-grained control over which devices can communicate with others within the same network, further enhancing security by limiting access to sensitive servers and resources.