CISSP考试指南笔记：1.3控制类型 – 作者:buckxu

文章来自本人公众号文章：CISSP考试指南笔记：1.3控制类型

Controls are put into place to reduce the risk an organization faces, and they come in three main flavors: administrative, technical, and physical.
控制措施是为了降低组织面临的风险，这些控制措施主要有三种：管理控制、技术控制和物理控制。
Administrative controls are commonly referred to as “soft controls” because they are more management oriented.
管理控制通常被称为“软控制”，因为它们更多地是以管理为导向的。
Technical controls (also called logical controls) are software or hardware components, as firewalls, IDS, encryption, and identification and authentication mechanisms.
技术控制(也称为逻辑控制)是软件或硬件组件，如防火墙、入侵检测系统、加密以及识别和验证机制。
physical controls are items put into place to protect facility, personnel, and resources.
物理控制是为保护设施、人员和资源而设置的条目。
These control types need to be put into place to provide defense-in-depth, which is the coordinated use of multiple security controls in a layered approach.
这些控制类型需要到位以提供深度防御，即在分层方法中多个安全控制的协调使用。

更多请到本人公众号观看：CISSP考试指南笔记：1.3控制类型

来源：freebuf.com 2020-12-12 21:38:34 by: buckxu