Classification of countermeasures
Threats are the most important element to understand, after assets (data) and vulnerabilities. Organizations use a variety of controls as part of their security architecture to implement comprehensive protection after considering threat vectors. These security controls can be categorized in various ways. One of them is the type of control. One of the three categories that best describes these controls:
- Controls that are primarily administrative in nature: rules and procedures such as training on security awareness, standards, and practices for security, tests, and audits for security, background checks on employees and contractors, proper recruiting procedures, and controls for modification and configuration.
- Technology: hardware, software, electronics, and other controls such as Firewalls, RFID cards, Systems for Network Admission Control, RADIUS and TACACS+ servers, equipment for biometric authentication, systems for preventing intrusion (IPS), ACL-equipped routers, concentrators, and clients for virtual private networks (VPNs), solutions for one-time passwords (OTP).
- Physical: Mainly mechanical control such as methods for Discontinuous power systems (UPS), detecting intruders, systems for suppressing fires, Systematic positive airflow, security personnel, Locks \sSafes \sRacks.
Key Security Concepts
Network security is necessary to protect personal network hardware and clients from unwanted access, theft, damage, and other problems. The internet is the number one source of security threats. Control your network to protect it from these threats. The primary goal of network security is to protect Internet-connected machines from viruses and hackers. Firewalls, routers, and other devices give you control over your network’s security. Allow unauthorized access to unidentified individuals by undermining your own network security.