CompTIA PenTest+
1 Threats, Attacks, and Vulnerabilities
1-1 Common Threat Actors
1-2 Threat Intelligence Sources
1-3 Threat Actors and Motives
1-4 Threat Actor Tactics, Techniques, and Procedures (TTPs)
1-5 Vulnerability Types
1-6 Exploit Types
1-7 Attack Types
1-8 Threat Detection and Monitoring
1-9 Threat Hunting
1-10 Incident Response
2 Architecture and Design
2-1 Security Controls
2-2 Network Architecture
2-3 Cloud and Virtualization
2-4 Web Application Security
2-5 Wireless Security
2-6 Mobile Security
2-7 IoT Security
2-8 Industrial Control Systems (ICS) Security
2-9 Physical Security
2-10 Secure Software Development
3 Tools and Code
3-1 Penetration Testing Tools
3-2 Exploitation Tools
3-3 Post-Exploitation Tools
3-4 Reporting Tools
3-5 Scripting and Automation
3-6 Programming Languages
3-7 Code Analysis
3-8 Open Source Intelligence (OSINT) Tools
4 Planning and Scoping
4-1 Penetration Testing Methodologies
4-2 Legal and Compliance Considerations
4-3 Scope Definition
4-4 Risk Assessment
4-5 Threat Modeling
4-6 Information Gathering
4-7 Asset Identification
4-8 Data Classification
4-9 Business Impact Analysis
4-10 Penetration Testing Objectives
5 Information Gathering and Vulnerability Identification
5-1 Passive Reconnaissance
5-2 Active Reconnaissance
5-3 Vulnerability Scanning
5-4 Network Mapping
5-5 Service Identification
5-6 Web Application Scanning
5-7 Wireless Network Scanning
5-8 Social Engineering Techniques
5-9 OSINT Techniques
5-10 Vulnerability Databases
6 Attacks and Exploits
6-1 Exploit Development
6-2 Buffer Overflows
6-3 SQL Injection
6-4 Cross-Site Scripting (XSS)
6-5 Cross-Site Request Forgery (CSRF)
6-6 Command Injection
6-7 Privilege Escalation
6-8 Lateral Movement
6-9 Evasion Techniques
6-10 Exploit Delivery Methods
7 Penetration Testing Process
7-1 Pre-Engagement Activities
7-2 Reconnaissance
7-3 Scanning and Enumeration
7-4 Exploitation
7-5 Post-Exploitation
7-6 Reporting
7-7 Remediation
7-8 Retesting
7-9 Documentation and Evidence Collection
7-10 Communication and Coordination
8 Reporting and Communication
8-1 Report Structure
8-2 Executive Summary
8-3 Technical Findings
8-4 Risk Assessment
8-5 Remediation Recommendations
8-6 Legal and Compliance Considerations
8-7 Presentation Skills
8-8 Communication with Stakeholders
8-9 Documentation Standards
8-10 Continuous Improvement
9 Security and Compliance
9-1 Regulatory Requirements
9-2 Industry Standards
9-3 Compliance Audits
9-4 Data Protection
9-5 Privacy Laws
9-6 Incident Response Planning
9-7 Disaster Recovery Planning
9-8 Business Continuity Planning
9-9 Risk Management
9-10 Security Awareness Training
2.1 Security Controls

Security controls are measures implemented to protect an organization's assets from threats. They are essential for maintaining the confidentiality, integrity, and availability of information systems. Understanding different types of security controls is crucial for effective cybersecurity.

Key Concepts

1. Administrative Controls

Administrative controls are policies and procedures established to manage and govern the security of an organization. These controls focus on the human element and include guidelines, standards, and best practices. They are often documented in security policies and are enforced through training and awareness programs.

Example: A company might implement a security policy that requires all employees to undergo regular cybersecurity training. This ensures that staff are aware of potential threats and know how to respond to them.

2. Technical Controls

Technical controls are hardware or software solutions designed to protect information systems. These controls are implemented through technology and include firewalls, intrusion detection systems (IDS), antivirus software, and encryption tools. Because they operate automatically, they help detect, prevent, and respond to security incidents without relying on a person to act in the moment.

Example: A firewall is a technical control that filters incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between a trusted internal network and untrusted external networks, preventing unauthorized access.
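To make the "predetermined security rules" concrete, here is an added example (not part of the course material) of a minimal rule-based packet filter in Python. It assumes a hypothetical trusted network of 10.0.0.0/8, a small constructed rule set, and a few constructed packets using documentation address ranges; rules are evaluated top-down with first match winning, and anything that matches no rule falls through to a default deny.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    """One predetermined rule; rules are evaluated top-down, first match wins."""
    action: str             # "allow" or "deny"
    direction: str          # "in" (entering the trusted net) or "out" (leaving it)
    proto: str              # "tcp", "udp" or "any"
    src: str                # source network in CIDR form; "0.0.0.0/0" = anywhere
    dst: str                # destination network in CIDR form
    dport: Optional[int]    # destination port; None = any port
    comment: str = ""       # why the rule exists (useful when reviewing the policy)


@dataclass(frozen=True)
class Packet:
    """The fields of a packet the filter looks at (constructed, simplified)."""
    direction: str
    proto: str
    src: str                # single IPv4 address
    dst: str
    dport: int


def matches(rule: Rule, pkt: Packet) -> bool:
    """True when every field of the rule covers the packet."""
    if rule.direction != pkt.direction:
        return False
    if rule.proto != "any" and rule.proto != pkt.proto:
        return False
    if rule.dport is not None and rule.dport != pkt.dport:
        return False
    src_ok = ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
    dst_ok = ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
    return src_ok and dst_ok


def evaluate(rules: List[Rule], pkt: Packet,
             default: str = "deny") -> Tuple[str, Optional[Rule]]:
    """Return (decision, matching rule). Traffic matching no rule gets the
    default decision; "deny" is the safe default for a perimeter device."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action, rule
    return default, None


# Constructed policy for a hypothetical trusted network 10.0.0.0/8.
POLICY: List[Rule] = [
    Rule("allow", "in",  "tcp", "0.0.0.0/0",  "10.0.0.0/8", 443,  "public HTTPS"),
    Rule("allow", "in",  "tcp", "10.0.0.0/8", "10.0.0.0/8", 22,   "internal SSH"),
    Rule("deny",  "in",  "any", "0.0.0.0/0",  "10.0.0.0/8", 22,   "no SSH from outside"),
    Rule("allow", "out", "any", "10.0.0.0/8", "0.0.0.0/0",  None, "general egress"),
]

# Constructed sample traffic (external addresses are from documentation ranges).
SAMPLE_TRAFFIC: List[Packet] = [
    Packet("in",  "tcp", "203.0.113.5",  "10.1.2.3",     443),  # web client -> server
    Packet("in",  "tcp", "203.0.113.5",  "10.1.2.3",     22),   # SSH from the internet
    Packet("in",  "tcp", "10.2.0.9",     "10.1.2.3",     22),   # SSH from inside
    Packet("in",  "udp", "198.51.100.7", "10.1.2.3",     53),   # unsolicited DNS, no rule
    Packet("out", "tcp", "10.1.2.3",     "198.51.100.7", 80),   # outbound web request
]


def filter_traffic(rules: List[Rule], packets: List[Packet]) -> List[str]:
    """Decide each packet and return the decisions in order."""
    return [evaluate(rules, pkt)[0] for pkt in packets]


if __name__ == "__main__":
    for pkt in SAMPLE_TRAFFIC:
        decision, rule = evaluate(POLICY, pkt)
        why = rule.comment if rule else "default policy"
        print(f"{decision:5} {pkt.direction:3} {pkt.proto} "
              f"{pkt.src}->{pkt.dst}:{pkt.dport}  ({why})")
```

Two design points worth noticing: rule order matters (the explicit "no SSH from outside" deny only works because the narrower internal-SSH allow sits above it), and the unsolicited DNS packet is dropped even though no rule mentions it, which is what a default-deny posture buys you.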

3. Physical Controls

Physical controls are measures taken to protect the physical assets of an organization. These controls include physical access controls, surveillance systems, and environmental controls. They are designed to prevent unauthorized physical access to sensitive areas and equipment.

Example: A data center might use biometric access controls, such as fingerprint scanners, to ensure that only authorized personnel can enter. Additionally, surveillance cameras monitor the premises to detect and deter unauthorized activities.

Examples and Analogies

Consider an analogy of a fortified castle to understand the different types of security controls:

1. Administrative Controls: The castle's rules and regulations, such as who is allowed to enter and when, are akin to administrative controls. These rules are enforced through training and awareness programs for the castle's inhabitants.

2. Technical Controls: The castle's drawbridge, moat, and walls are like technical controls. These physical barriers are designed to prevent unauthorized access and protect the castle from external threats.

3. Physical Controls: The guards stationed at the castle gates and the surveillance towers are examples of physical controls. They monitor and control access to the castle, ensuring that only authorized individuals can enter.

By implementing a combination of administrative, technical, and physical controls, organizations can create a robust security framework that protects their assets from a wide range of threats.