CompTIA+Security++(SY0-701)+Study+Guide

What is the focus of the CompTIA Security+ (SY0-701) certification?

It focuses on the ability to assess the security posture of an enterprise environment.

What are the prerequisites recommended by CompTIA for taking the Security+ certification?

The recommendation is to have earned CompTIA A+ and Network+ certifications or equivalent experience.

What percent of the CompTIA Security+ exam covers Security Operations?

28%.

What is the minimum passing score for the Security+ certification exam?

750 points out of 900.

What are the three aspects of the CIA triad in information security?

Confidentiality, Integrity, and Availability.

What does the Zero Trust model operate on regarding trust?

It operates on the principle that no one should be trusted by default.

What is a vulnerability according to the lecture notes?

Any weakness in system design or implementation.

What is Non-Repudiation in cybersecurity?

It guarantees that an action or event cannot be denied by the involved parties.

What does the 'Authentication' within the Triple A's of Security refer to?

Verifying the identity of a user or system.

What is RAID, and why is it used?

RAID (Redundant Array of Independent Disks) combines multiple disk drives into a single unit to increase redundancy and protect data.

What are blind spots in security?

These occur when security measures do not protect all potential vulnerabilities, especially in complex systems.

What is the purpose of a risk assessment in vulnerability management?

To evaluate potential risks and decide on priorities for addressing vulnerabilities.

What actions are suggested to handle insider threats?

Employee training, monitoring, and a culture of reporting suspicious activities.

What is the function of a Web Application Firewall (WAF)?

It inspects HTTP traffic to prevent common web application attacks such as cross-site scripting and SQL injections.

How does the principle of least privilege relate to user access?

Users are granted only the access necessary to perform their job functions.

What is multi-factor authentication (MFA)?

A security process that requires users to provide multiple methods of identification to verify their identity.

What is vulnerability scanning?

The automated process of probing systems, networks, or applications for known vulnerabilities.

What does the term 'Digital Forensics' refer to?

The systematic investigation and analysis of digital devices and data to uncover evidence for legal purposes.

What is threat intelligence?

The analysis and application of knowledge about existing or emerging hazards to an organization's assets.

Why is patch management important in cybersecurity?

It involves applying updates to fix vulnerabilities, thereby protecting systems against exploits.

What is the main goal of an incident response plan?

To minimize the impacts of security incidents on the organization.

What does DLP stand for in data protection?

Data Loss Prevention.

What does SIEM stand for and its primary function?

Security Information and Event Management; it integrates security information from multiple sources for analysis and alert generation.

Which attack involves sending unsolicited messages via Bluetooth?

Bluejacking.

What does LDAP stand for and its purpose?

Lightweight Directory Access Protocol; it is used for accessing and maintaining distributed directory information.

What is a brute-force attack?

An attempt to guess passwords or encryption keys by trying every possible combination.

What is the primary goal of Social Engineering attacks?

To manipulate individuals into breaching security practices through exploitation of human psychology.

What common action is recommended for securing mobile devices?

Implementing Mobile Device Management (MDM) solutions.

What is the consequence of a successful SQL Injection attack?

The attacker may gain unauthorized access to the database and manipulate its data.

What two key aspects are involved in auditing systems?

Configuration auditing and compliance verification.

What is the significance of a secure baseline?

It establishes a standard security posture for systems to minimize vulnerabilities.

What defines a secure software development lifecycle?

Incorporating security practices throughout the software development process, from design to deployment.

What does encryption achieve in data protection?

It transforms data into a code to prevent unauthorized access.

What is the purpose of a data retention policy?

To define the guidelines for how long data should be stored and when it should be disposed of.

What are common indicators of compromise (IoC)?

Signs of a potential security breach, such as account lockouts and concurrent session usage.

What is a denial-of-service (DoS) attack?

An attack intent on making a computer or server's resources unavailable to its intended users.

What is privilege escalation in cybersecurity?

The exploitation of a vulnerability to gain elevated access to resources that are normally protected.

What is the benefit of using multifactor authentication (MFA)?

It provides an additional layer of security for user verification and reduces the likelihood of unauthorized access.

What should be included in a resilience and recovery strategy?

Regular testing and validation of recovery plans to ensure they are effective during incidents.

What does the term 'sandboxing' refer to in application security?

Isolating running programs to prevent them from accessing critical resources on the host.

What is the purpose of a data retention policy?

To define the guidelines for how long data should be stored and when it should be disposed of.

What is malware?

Malware is malicious software designed to harm, exploit, or otherwise compromise computers, networks, or devices.