Access Control Defensive Categories and Types

To understand and appropriately implement access controls, it is vital to understand what benefit each control adds to security. In this section, each type of access control is defined on the basis of how it adds to the security of the system.

There are six access control types:

  • Preventive
  • Detective
  • Corrective
  • Recovery
  • Deterrent
  • Compensating

These access control types can fall into one of three categories: administrative, technical, or physical.

  1. Administrative (also called directive) controls are implemented by creating and following organizational policy, procedure, or regulation. User training and awareness also fall into this category.
  2. Technical controls are implemented using software, hardware, or firmware that restricts logical access to an information technology system. Examples include firewalls, routers, encryption, etc.
  3. Physical controls are implemented with physical devices, such as locks, fences, gates, and security guards.

Preventive

Preventive controls prevent actions from occurring. They apply restrictions to what a potential user, either authorized or unauthorized, can do. The assigning of privileges on a system is a good example of a preventive control because having limited privileges prevents the user from accessing and performing unauthorized actions on the system. An example of an administrative preventive control is a pre-employment drug screening. It is designed to prevent an organization from hiring an employee who is using illegal drugs.

Note: Some sources use the term “preventive,” and others use “preventative” (extra “ta”). As far as the exam is concerned, they are synonyms.

Detective

Detective controls are controls that alert during or after a successful attack. Intrusion detection systems alerting after a successful attack, closed-circuit television cameras (CCTV) that alert guards to an intruder, and a building alarm system that is triggered by an intruder are all examples of detective controls.

Corrective

Corrective controls work by “correcting” a damaged system or process. The corrective access control typically works hand in hand with detective access controls. Antivirus software has both components. First, the antivirus software runs a scan and uses its definition file to detect whether there is any software that matches its virus list. If it detects a virus, the corrective controls take over, and place the suspicious software in quarantine.
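
The antivirus flow described above, sketched as an added example that is not part of the original text: scan() is the detective half and quarantine() is the corrective half. It assumes the definition file is a set of SHA-256 hashes matched exactly; the function names, the file names, and the marker bytes are constructed for illustration.

```python
import hashlib
import os
import shutil
import tempfile
from pathlib import Path


def sha256_of(path):
    """Hash a file in chunks so large files do not need to fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def scan(root, definitions):
    """Detective control: report regular files whose hash is in the definitions."""
    hits = []
    for path in sorted(root.rglob("*")):
        # Skip symlinks so a link cannot steer the scanner outside root.
        if path.is_symlink() or not path.is_file():
            continue
        if sha256_of(path) in definitions:
            hits.append(path)
    return hits


def quarantine(path, vault):
    """Corrective control: move the file out of use and strip its permissions."""
    vault.mkdir(mode=0o700, parents=True, exist_ok=True)
    # Name by hash so two flagged files with the same file name cannot collide.
    target = vault / (sha256_of(path) + ".quarantined")
    shutil.move(str(path), str(target))
    os.chmod(target, 0o000)
    return target


def demo():
    """Constructed sample: a harmless marker file stands in for a listed virus."""
    with tempfile.TemporaryDirectory() as tmp:
        root, vault = Path(tmp) / "home", Path(tmp) / "vault"
        root.mkdir()
        (root / "notes.txt").write_text("quarterly report")
        (root / "tool.bin").write_bytes(b"CONSTRUCTED-TEST-MARKER")
        definitions = {hashlib.sha256(b"CONSTRUCTED-TEST-MARKER").hexdigest()}
        moved = [quarantine(hit, vault).name for hit in scan(root, definitions)]
        return moved, sorted(p.name for p in root.iterdir())
```

The vault sits outside the scanned tree, so a quarantined file is not flagged again on the next scan.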