Term
DDPCDCR (mnemonic: Disturbingly delicious pigs coached devious cats religiously)

Definition
Directive, deterrent, preventative, compensating, detective, corrective, recovery

Term
Directive security controls

Definition
Equivalent of administrative controls. They direct that some action be taken to protect sensitive organizational information. They can take the form of a policy, procedure, or guideline.

Term
Preventive security controls

Definition
Stop actions from occurring. They apply restrictions to what a potential user, whether authorized or unauthorized, can do.

Term
Compensating security controls

Definition
Provide an alternative to normal controls that cannot be used for some reason. For instance, a certain server cannot have antivirus software installed because it interferes with a critical application. A compensating control would then be to increase monitoring of that server or to isolate it on its own network segment.

Term
Detective security controls

Definition
Like a burglar alarm. They perceive and report an unauthorized or undesired event (or an attempted undesired event). They are invoked after the undesirable event has occurred. Examples are log monitoring and review, system audits, file integrity checkers, and motion detection.

Term
Corrective security controls

Definition
Used to respond to and fix a security incident; they also limit or reduce further damage from an attack. Examples: a procedure to clean a virus from an infected system, a guard checking and locking a door left unlocked by a careless employee, and updating firewall rules to block an attacking IP address.

Term
Recovery security controls

Definition
Put a system back into production after an incident. For example, after a disk failure, data is restored from a backup tape.