Administrative (Directive) Controls: Organizational policies and procedures.
Technical Controls: Hardware, software, firmware (e.g., firewalls, encryption).
Physical Controls: Physical barriers (e.g., locks, fences, guards).
Preventative: Stops unauthorized actions.
Detective: Identifies unauthorized actions.
Corrective: Fixes issues caused by unauthorized actions.
Recovery: Restores systems after an attack.
Deterrent: Discourages attacks.
Compensating: Provides alternative safeguards.
Fences (Deterrence, Preventative): Smaller fences deter, while taller ones prevent unauthorized access.
Gates (Deterrence, Preventative): Control points at the perimeter.
ASTM Standard:
Bollards (Preventative): Prevent vehicle access while allowing foot traffic.
Lights (Detective and Deterrence): Fully illuminate the area to deter and detect intruders.