Day 5 Quiz - Security Capabilities

Technical - Controls that involve implementing and configuring security technologies, such as firewalls and intrusion detection systems.

Managerial - Controls that include the creation and enforcement of security policies, procedures, and regulations to manage security practices.

Physical - Controls that focus on protecting physical environments, such as locks, security cameras, and access control systems.

Operational - Controls that encompass daily operational practices and procedures, such as user training, incident response plans, and access management.

Compensating - Provides an alternative measure when the primary control fails or is insufficient.

Preventive - Prevents security incidents by implementing measures to stop them from occurring.

Deterrent - Discourages or prevents users from engaging in unsafe or non-compliant behaviors.

Detective - Alerts administrators to potential security breaches and anomalies.

Corrective - Takes action to address and mitigate issues after they have been identified.

Directive - Implements policies and procedures to guide behavior and compliance.

Physical controls are designed to protect physical assets and infrastructure, such as security guards, locks, and surveillance cameras. They prevent unauthorized physical access to facilities and equipment.

Managerial controls involve the development and implementation of policies and procedures, such as conducting risk assessments, providing security training, and creating security policies. These controls are focused on managing and overseeing security practices within the organization.

Detective controls are implemented to identify and alert on security events that have already occurred, such as intrusion detection systems or security information and event management (SIEM) tools. These controls help in recognizing breaches and irregular activities.

Corrective controls are designed to restore systems and operations to normal after a security incident or failure has occurred. In this case, the redundant power supply system is meant to correct the situation if the primary power source fails, ensuring continuity of operations.

Confidentiality is a core principle of the CIA triad, which ensures that sensitive information is accessed only by authorized individuals. The other options are related to different aspects of security or specific security technologies.

The Policy Engine in a Zero Trust architecture evaluates and makes real-time access decisions based on security policies. The Policy Administrator manages policies, the Policy Enforcement Point enforces them, and Threat Scope Reduction pertains to minimizing trust boundaries.

Fencing is a physical security measure that involves using barriers to protect a facility. While Access Badge is also a physical security control, fencing specifically relates to physical barriers. Honeytoken is a deception technology, and Authentication is related to access control and verification.

Impact analysis helps in understanding how proposed changes will affect security and business operations. This process is critical for identifying risks and ensuring that the changes will not negatively impact the system or its security posture. The other options are not directly related to assessing the impact of changes.