2 cissp ® Official Study Guide Eighth Edition


Corrective Access Control



Download 19,3 Mb.
Pdf ko'rish
bet542/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   538   539   540   541   542   543   544   545   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Corrective Access Control
A
corrective control
modifi es the environment to return 
systems to normal after an unwanted or unauthorized activity has occurred. Corrective 
controls attempt to correct any problems that occurred because of a security incident. 
Corrective controls can be simple, such as terminating malicious activity or rebooting a 
system. They also include antivirus solutions that can remove or quarantine a virus, backup 
and restore plans to ensure that lost data can be restored, and active intrusion detection 
systems that can modify the environment to stop an attack in progress. 
Chapter 16, “Managing Security Operations,” covers intrusion detection 
systems and intrusion prevention systems in more depth.
Deterrent Access Control
A
deterrent access control
attempts to discourage security 
policy violations. Deterrent and preventive controls are similar, but deterrent controls often 
depend on individuals deciding not to take an unwanted action. In contrast, a preventive 
control blocks the action. Some examples include policies, security awareness training, 
locks, fences, security badges, guards, mantraps, and security cameras. 
Recovery Access Control
A
recovery access control
attempts to repair or restore 
resources, functions, and capabilities after a security policy violation. Recovery controls are 
an extension of corrective controls but have more advanced or complex abilities. Examples 
of recovery access controls include backups and restores, fault-tolerant drive systems, 
system imaging, server clustering, antivirus software, and database or virtual machine 
shadowing. 
Directive Access Control
A
directive access control
attempts to direct, confi ne, or control 
the actions of subjects to force or encourage compliance with security policies. Examples 
of directive access controls include security policy requirements or criteria, posted notifi ca-
tions, escape route exit signs, monitoring, supervision, and procedures. 

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   538   539   540   541   542   543   544   545   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish