Ensuring Availability (39.1.7)
There are many measures that organizations can implement to ensure the availability of their services and systems, as shown in Table 39-2.
Table 39-2 Examples of Ensuring Availability
Check Your Understanding—Security Foundations (39.1.8)
Refer to the online course to complete this activity.
Access Control (39.2)
An essential goal of network security is controlling access to the network.
Physical Access Controls (39.2.1)
Physical access controls are actual barriers deployed to prevent direct physical contact with systems. The goal is to prevent unauthorized users from gaining physical access to facilities, equipment, and other organizational assets, as shown in Figure 39-5.
Figure 39-5 Examples of Physical Access Controls
For example, physical access control determines who can enter (or exit), where they can enter (or exit), and when they can enter (or exit).
Here are some examples of physical access controls:
- Guards who monitor the facility.
- Fences that protect the perimeter.
- Motion detectors that detect moving objects.
- Laptop locks that prevent theft of portable equipment.
- Locked doors that prevent unauthorized access.
- Swipe cards that allow authorized access to restricted areas.
- Guard dogs that protect the facility.
- Video cameras that monitor a facility by collecting and recording images.
- Mantrap-style entry systems that stagger the flow of people into the secured area and trap any unwanted visitors.
- Alarms that detect intrusion.
Logical Access Controls (39.2.2)
Logical access controls are the hardware and software solutions used to manage access to resources and systems. These technology-based solutions include tools and protocols that computer systems use for identification, authentication, authorization, and accounting.
Logical access control examples include
- Encryption is the process of taking plaintext and creating ciphertext.
- Smart cards have an embedded microchip.
- Passwords are protected strings of characters.
- Biometrics are users’ physical characteristics.
- Access control lists (ACLs) define the type of traffic allowed on a network.
- Protocols are sets of rules that govern the exchange of data between devices.
- Firewalls prevent unwanted network traffic.
- Routers connect at least two networks.
- Intrusion detection systems monitor a network for suspicious activities.
- Clipping levels are certain allowed thresholds for errors before triggering a red flag.
Administrative Access Controls (39.2.3)
Administrative access controls are the policies and procedures defined by organizations to implement and enforce all aspects of controlling unauthorized access.
Administrative controls focus on the following personnel and business practices:
- Policies are approved ideas or actions that guide behavior.
- Procedures are the detailed steps required to perform an activity.
- Hiring practices define the steps an organization takes to find qualified employees.
- Background checks are a type of employee screening that includes verification of past employment, credit history, and criminal history.
- Data classification categorizes data based on its sensitivity.
- Security training educates employees about the security policies at an organization.
- Reviews evaluate an employee’s job performance.