Chapter 1 Β· Helper 3

Real-World Examples

See how security controls apply in actual organizational scenarios.

Real-World

Hospital Network β€” Layered Controls

A hospital uses technical controls (network segmentation, encrypted databases) to protect patient records. Managerial controls (HIPAA policies, staff training requirements) define the rules. Operational controls (nurses must badge into medication rooms) add human layers. Physical controls (biometric door locks, security cameras in server rooms) protect infrastructure. Each layer compensates for the weaknesses of the others.

Incident

Ransomware Attack β€” Corrective Controls in Action

A manufacturing company suffered a ransomware attack that encrypted 200 workstations. The detective control (SIEM) identified unusual encryption activity at 2 AM. The incident response team activated corrective controls: isolating infected machines (technical), restoring from offsite backups (technical/operational), and contacting law enforcement (operational). A compensating control (blocking SMB traffic at the perimeter firewall) prevented spread until patching was complete.

Exam Scenario

Which Type Is This? β€” Guard at the Entrance

A security guard stationed at the reception desk who checks employee IDs can simultaneously be:

On the exam: read carefully. The question will tell you the primary purpose β€” deterring, preventing, or detecting. The guard is most often classified as deterrent in CompTIA scenarios.

Real-World

Legacy System β€” Compensating Control

A financial institution runs a critical payment system on Windows Server 2008 R2, which no longer receives security patches. Instead of replacing the system immediately (too costly), the security team implements a compensating control: strict firewall rules allowing only specific IP addresses to communicate with the server, disabling unnecessary services, and adding enhanced logging. This reduces risk while a long-term replacement is planned.

Exam Scenario

Preventive vs. Deterrent β€” Know the Difference

This is a common exam trap:

Key test: Can the attacker still get through despite the control? If yes β†’ deterrent. If it stops them physically/logically β†’ preventive.

Real-World

Security Awareness Training β€” Directive + Operational

A global bank requires all employees to complete annual phishing simulation training. The directive control (policy mandating the training) establishes the requirement. The operational control (the awareness program itself, delivered by the security team) educates staff to recognize suspicious emails. After training, the click rate on phishing simulations drops by 60% β€” evidence the directive control influenced behavior.