Shared Flashcard Set

Details

CEH Certified Ethical Hacker 312-50:CISSP controls
7
Computer Science
Professional
02/05/2014


Cards

Term
DDPCDCR (mnemonic: Disturbingly delicious pigs coached devious cats religiously)
Definition
Directive, deterrent, preventative, compensating, detective, corrective, recovery
Term
Directive security controls
Definition
Equivalent to administrative controls. They direct that some action be taken to protect sensitive organizational information. Can be in the form of a policy, procedure, or guideline.
Term
Preventive security controls
Definition
Stop actions from occurring. They apply restrictions to what a potential user, either authorized or unauthorized, can do.
Term
Compensating security controls
Definition
Provide an alternative to normal controls that cannot be used for some reason. For instance, a certain server cannot have antivirus software installed because it interferes with a critical application. A compensating control would be used to increase monitoring of that server or to isolate that server on its own network segment.
Term
Detective security controls
Definition
Like a burglar alarm. They perceive and report an unauthorized or undesired event (or an attempted undesired event). Invoked after the undesirable event has occurred. Examples are log monitoring and review, system audits, file integrity checkers, and motion detection.
Term
Corrective security controls
Definition
Used to respond to and fix a security incident; they also limit or reduce further damage from an attack. Examples: a procedure to clean a virus from an infected system, a guard checking and locking a door left unlocked by a careless employee, and updating firewall rules to block an attacking IP address.
Term
Recovery security controls
Definition
Put a system back into production after an incident. For example, after a disk failure, data is restored from a backup tape.