Types of Access Control

1. Directive controls promote security awareness and direct compliant behaviors, e.g., policies, posters, and signs.
2. Deterrent controls discourage violation of security policies and reduce or eliminate the motive of unauthorized behaviors, e.g., guards and mantraps.
3. Preventive controls raise the hurdle and thwart the breaching attempts, e.g., firewalls, intrusion prevention systems (IPS), and antivirus software.
4. Detective controls monitor and report potential or undergoing breaching attempts, e.g., intrusion detection systems (IDS), honeypots or honeynets, and reviews.
5. Corrective controls stop the breaching attempts to maintain or restore normal operations or service level, e.g. Trusted Recovery and Antivirus Software (Quarantining a virus).
6. Recovery controls recover from disruption and restore to normal operations and service level if breaching attempts disrupt the operations or services, e.g., backup and restore, system imaging, and shadowing.
7. Compensating controls provide contingent or alternative protection to existing controls. For example, a PIN code is compensating for the Windows Hello facial recognition.