Professional Documents
Culture Documents
Introduction:
1
Goals of Security Controls
Types of Security Controls: These controls can be categorized into several types:
2
Firewalls and Network Security: Firewalls are used to monitor and
control incoming and outgoing network traffic based on predetermined
security rules. Other network security controls include intrusion
detection and prevention systems (IDPS), VPNs (Virtual Private
Networks), and secure network architecture designs.
Endpoint Security: Protecting individual devices such as computers,
laptops, and mobile devices. Antivirus software, endpoint encryption,
and application whitelisting are examples of endpoint security controls.
Encryption: Protects data by converting it into a cipher text that can
only be read by authorized parties who possess the decryption key.
Logging and Monitoring: This involves collecting, analyzing, and
monitoring logs and events from various systems to identify and
respond to security incidents. Security Information and Event
Management (SIEM) tools fall into this category.
3
Who is allowed? & who is not allowed
4
2- Detective Controls: الضوابط االستكشافيةThese controls are designed to identify
and detect security incidents or breaches that have occurred. Intrusion
detection systems, security monitoring tools, and log analysis are examples of
detective controls.
5
Summary