CompTIA – Domain 1.1

These flashcards cover key concepts related to the CompTIA Security+ (SY0-701) Domain 1.1, including categories and types of security controls.

What are the four categories of security controls?

Technical, Managerial, Operational, Physical.

What defines Technical controls?

Security mechanisms implemented using technology or software to protect systems and data.

What type of controls are defined by policies and procedures?

Managerial controls.

What are Operational controls?

Day-to-day practices that maintain and enforce security.

What are Physical controls?

Tangible security measures that prevent unauthorized access to facilities or equipment.

Give an example of a Technical control.

Firewalls, encryption, or antivirus software.

What is the purpose of Preventive controls?

Controls designed to stop an attack or security event before it occurs.

What do Deterrent controls do?

Discourage an attacker from attempting malicious actions.

What is the function of Detective controls?

Identifies and alerts on potential incidents after they occur.

How do Corrective controls work?

Restores systems after an incident or limits damage.

When are Compensating controls used?

Provides alternate protection when a primary control cannot be used.

What is an example of a Directive control?

Acceptable Use Policy (AUP) or standard operating procedures (SOPs).

What are some examples of Detective controls?

Intrusion detection systems (IDS), security logs, and SIEM alerts.

What type of control would account lockout policies fall under?

Preventive controls.

What is an example of a Deterrent control?

Warning signs or security awareness posters.