Implementing Controls to Protect Assets
CompTIA Security+ objectives covered in this chapter:
1.2 Given a scenario, analyze potential indicators to determine the type of attack. • Physical attacks (Malicious universal serial bus (USB) cable, Malicious flash drive, Card cloning, Skimming)
2.1 Explain the importance of security concepts in an enterprise environment. • Data sovereignty, Geographical considerations, Site resiliency (Hot site, Cold site, Warm site)
2.5 Given a scenario, implement cybersecurity resilience. • Redundancy (Geographic dispersal), Disk (Redundant array of inexpensive disks (RAID) levels, Multipath), Network (Load balancers, Network interface card (NIC) teaming), Power (Uninterruptible power supply (UPS), Generator, Dual supply, Managed power distribution units (PDUs)), Replication (Storage area network) • Backup types (Full, Incremental, Snapshot, Differential, Tape, Disk, Copy, Network attached storage (NAS), Storage area network, Cloud, Image, Online vs. offline, Offsite storage (Distance considerations)) • High availability (Scalability), Restoration order, Diversity (Technologies, Vendors, Controls)
2.7 Explain the importance of physical security controls. • Bollards/barricades, Badges, Alarms, Signage, Cameras (Motion recognition, Object detection), Closed-circuit television (CCTV), Industrial camouflage • Personnel (Guards, Robot sentries, Reception, Two-person integrity/control) • Locks (Biometrics, Electronic, Physical, Cable locks), Lighting, Fencing, Fire suppression • Sensors (Motion detection, Noise detection, Proximity reader, Moisture detection, Cards, Temperature) • Drones, Visitor logs, Faraday cages, Air gap, Protected cable distribution • Secure areas (Air gap, Vault, Safe, Hot aisle, Cold aisle)
3.3 Given a scenario, implement secure network designs. • Load balancing (Active/active, Active/passive, Scheduling, Virtual IP, Persistence)
4.2 Summarize the importance of policies, processes, and procedures for incident response. • Exercises (Tabletop, Walkthroughs, Simulations) • Disaster recovery plan, Business continuity plan, Continuity of operation planning (COOP)
5.1 Compare and contrast various types of controls. • Control type (Physical)
5.3 Explain the importance of policies to organizational security. • Organizational policies (Asset management)
5.4 Summarize risk management processes and concepts. • Disasters (Environmental, Person-made, Internal vs. external) • Business impact analysis (Recovery time objective (RTO), Recovery point objective (RPO), Mean time to repair (MTTR), Mean time between failures (MTBF), Functional recovery plans, Single point of failure, Disaster recovery plan (DRP), Mission essential functions, Identification of critical systems, Site risk assessment)
You can’t eliminate risk to an organization’s assets. However, you can reduce the impact of many threats by implementing security controls. It’s common to implement several controls using a layered strategy with a diverse assortment of controls, vendors, and technologies. Physical security controls help protect access to secure areas. Redundancy and fault-tolerance strategies help eliminate single points of failure for critical systems. Backups ensure that data remains available even after data is lost. More in-depth business continuity strategies help ensure mission-critical functions continue to operate even if a disaster destroys a primary business location. This chapter covers these concepts.