1.0 General Security Concepts — Security+ SY0-701 Notes

Last updated 7:01 PM on 6/21/26
27 Terms

1

Security Controls

Measures used to protect assets, prevent security events, minimize impacts, and limit damages.

2

Control Categories

Different types of security controls including technical, managerial, operational, and physical.

3

Technical Controls

Controls implemented using technology, such as firewalls and anti-virus systems.

4

Managerial Controls

Administrative policies related to security design and implementation.

5

Operational Controls

Security measures that are implemented by people instead of systems, such as security guards.

6

Preventive Controls

Measures put in place to block access to resources or prevent security breaches.

7

Detective Controls

Controls used to identify and log potential security breaches or unauthorized access.

8

Corrective Controls

Actions taken after a security event has occurred to mitigate damage and restore systems.

9

Non-repudiation

A principle ensuring that a party cannot deny the authenticity of their signature on a document or a message.

10

CIA Triad

A framework consisting of Confidentiality, Integrity, and Availability principles for information security.

11

Confidentiality

Ensuring that sensitive information is accessible only to those authorized to have access.

12

Integrity

The assurance that data has not been altered in an unauthorized manner.

13

Availability

Ensuring that information and resources are accessible to authorized users when needed.

14

Authorization

The process of determining whether a user or system has permission to access a resource.

15

Gap Analysis

Assessment to identify the difference between the current state of security and the desired state.

16

Zero Trust Model

A security framework where no one is trusted by default and verification is required for every access request.

17

Public Key Infrastructure (PKI)

A system that creates, manages, and stores digital certificates for secure identity verification.

18

Asymmetric Encryption

A type of encryption that uses a pair of keys (public and private) for secure data exchange.

19

Symmetric Encryption

An encryption method where the same key is used for both encrypting and decrypting data.

20

Digital Certificates

Electronic documents used to prove the ownership of a public key.

21

Certificate Authority (CA)

An entity that issues digital certificates, acting as a trusted third party.

22

Hashing

The process of converting input data into a fixed-size string of characters, which is typically a hash code.

23

Steganography

The act of concealing messages or information within other non-secret text or data.

24

Tokenization

The process of replacing sensitive data with unique identification symbols or tokens.

25

Encrypted Data

Data that has been transformed into a format that cannot be read without a decryption key.

26

Cryptographic Keys

Strings of bits used by encryption algorithms to transform plaintext into ciphertext and vice versa.

27

Key Exchange

The method of sharing encryption keys securely over potentially unsecured channels.