O'Reilly logo

SSCP® Systems Security Certified Practitioner All-in-One Exam Guide by Darril Gibson

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Understanding the Goals of Controls

Controls and countermeasures are typically identified as one of the following three types: preventive, detective, or corrective. A preventive control attempts to prevent losses before they occur, a detective control detects violations, and a corrective control attempts to reverse the impact from a security incident.

Losses to availability, integrity, or confidentiality (AIC) can impact the organization’s mission. Figure 9-3 emphasizes that controls attempt to prevent, detect, and correct losses to any of these elements of the security triad.

image

Figure 9-3 Controls prevent, detect, and/or correct losses to AIC ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required