Confidentiality, Integrity, and Availability
Key objectives of cybersecurity.
Confidentiality
Objective that ensures unauthorized individuals are not able to gain access to sensitive information.
Integrity
Objective that ensures there are no unauthorized modifications to information or systems, either intentionally or unintentionally.
Availability
Objective that ensures information systems are ready to meet the needs of legitimate users at the time those users request them.
Nonrepudiation
Objective that ensures someone who performed an action cannot later deny having taken that action.
Security Incident
A breach of the confidentiality, integrity, or availability of an organization's information or information systems.
Disclosure, Alteration, and Denial
Key threats to cybersecurity efforts.
Disclosure
Threat that exposes sensitive information to unauthorized individuals, also known as data loss; a violation of the principle of confidentiality.
Alteration
Threat that causes unauthorized modification of information and is a violation of the principle of integrity.
Denial
Threat that disrupts an authorized user's legitimate access to information; a violation of the principle of availability.
Financial, Reputational, Strategic, Operational, and Compliance
Types of breach impact risk.
Financial Risk
Risk of monetary damage to an organization as the result of a data breach.
Reputational Risk
Risk of negative publicity surrounding a security breach causing the loss of goodwill among customers, employees, suppliers, and other stakeholders.
Strategic Risk
Risk of an organization becoming less effective in meeting its major goals and objectives as a result of a breach.
Operational Risk
Risk of an organization’s inability to carry out its day-to-day functions.
Compliance Risk
Risk of a breach causing an organization to run afoul of legal or regulatory requirements.
Control Objective
Statement of a desired security state.
Security Control
A specific measure that fulfills one or more of an organization's control objectives.
Gap Analysis
Review and examination of control objectives and the controls designed to achieve those objectives.
Gap
An occurrence of controls not meeting control objectives.
Technical, Operational, Managerial, and Physical
Categories of security controls.
Technical Control
Control that enforces confidentiality, integrity, and availability in the digital space.
Operational Control
Control that manages technology in a secure manner.
Managerial Control
Procedural mechanism that focuses on the mechanics of the risk management process.
Physical Control
Security control that impacts the physical world.
Preventative, Deterrent, Detective, Corrective, Compensating, and Directive
Types of security controls.
Preventative Control
Control intended to stop a security issue before it occurs.
Deterrent Control
Control intended to discourage an attacker from attempting to violate security policies (unlike a preventative control, it does not itself stop the attempt).
Detective Control
Control intended to identify security events that have already occurred.
Corrective Control
Control intended to remediate security issues that have already occurred.
Compensating Control
Control intended to mitigate risk associated with exceptions made to a security policy.
Directive Control
Control intended to inform employees and others what they should do to achieve security objectives.
At-rest, In-transit, In-use
States of data, in regards to data protection.
At-rest Data
Stored data that resides on hard drives, tapes, in the cloud, or on other storage media.
In-transit Data
Data that is in motion/transit over a network.
In-use Data
Data that is actively being used by a computer system.
Acronym: DLP
Data Loss Prevention
DLP System
Control intended to help organizations enforce information handling policies and procedures to prevent data loss and theft.
Agent-based DLP
DLP System consisting of agents installed on systems that search those systems for the presence of sensitive information.
Agentless (network-based) DLP
DLP System consisting of dedicated devices that sit on the network and monitor outbound traffic, watching for any transmissions that contain unencrypted sensitive information.
Pattern Matching, and Watermarking
DLP mechanisms of action.
Pattern Matching
DLP mechanism that monitors for telltale signs of sensitive information, such as a number formatted like a Social Security number or a credit card number.
Watermarking
DLP mechanism that monitors for unencrypted content containing electronic tags, applied by administrators to sensitive documents.
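The two mechanisms above, as an added worked example (not code from the page or from any DLP product): a scanner that pattern-matches outbound messages for SSN- and card-shaped numbers, uses the Luhn checksum to drop digit strings that merely look like card numbers, and looks for an administrator-applied watermark tag. The tag format `ACME-SENSITIVE-<8 hex>` and the sample messages are constructed for the example.

```python
import re
from typing import Optional

# Hypothetical watermark an administrator embeds in sensitive documents.
# Real products use their own tag formats; this one is made up for the example.
WATERMARK_TAG = re.compile(r"\bACME-SENSITIVE-[0-9A-F]{8}\b")

# US SSN NNN-NN-NNNN, excluding area/group/serial values never issued.
SSN_PATTERN = re.compile(r"\b(?!000|666|9\d{2})\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")

# 13 to 19 digits, optionally separated by spaces or dashes.
CARD_PATTERN = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")


def luhn_valid(digits: str) -> bool:
    """Luhn checksum: every real payment card number passes it, while most
    random digit strings (order IDs, timestamps) fail, so it cuts false positives."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def scan_message(text: str) -> list:
    """Return a list of (type, matched text) findings for one outbound message."""
    findings = []
    for m in SSN_PATTERN.finditer(text):
        findings.append(("ssn", m.group(0)))
    for m in CARD_PATTERN.finditer(text):
        digits = re.sub(r"[ -]", "", m.group(0))
        if luhn_valid(digits):
            findings.append(("card", m.group(0)))
    for m in WATERMARK_TAG.finditer(text):
        findings.append(("watermark", m.group(0)))
    return findings


def blocked_messages(messages: list) -> list:
    """Indexes of messages an agentless DLP sensor would block or alert on."""
    return [i for i, msg in enumerate(messages) if scan_message(msg)]


# Constructed sample traffic (not real data).
SAMPLE_MESSAGES = [
    "Order 1234567890123456 shipped today",        # 16 digits but fails Luhn
    "Customer card 4111 1111 1111 1111 exp 12/27",  # test card number, passes Luhn
    "Applicant SSN 123-45-6789 attached",
    "Q3 plan ACME-SENSITIVE-0A1B2C3D draft",         # watermarked document
    "Lunch at noon?",
]

if __name__ == "__main__":
    for i in blocked_messages(SAMPLE_MESSAGES):
        print(i, scan_message(SAMPLE_MESSAGES[i]))
```

The Luhn step is what keeps a pattern-matching DLP from flagging every 16-digit order number; the watermark check is independent of content and only works while the document stays unencrypted, which is why the network-based definition above is limited to unencrypted traffic.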
Acronym: DRM
Digital Rights Management
Data Minimization
Technique seeking to reduce risk by reducing the amount of sensitive information maintained on a regular basis.
Deidentification
Process that removes the ability to link data back to an individual, reducing its sensitivity.
Data Obfuscation
Process that transforms data into a format from which the original information can't be retrieved using the obfuscated data alone.
Hashing, Tokenization, Masking
Data obfuscation tools.
Hashing
Data obfuscation tool that transforms a value in a dataset into its corresponding hash value. Caveat: an unsalted, unkeyed hash of a low-entropy value (a Social Security number, a date of birth, a PIN) can be reversed by hashing every possible input and comparing, so the hash should be salted or keyed.
Tokenization
Data obfuscation tool that replaces sensitive values with a unique identifier using a lookup table. The lookup table (token vault) reverses the mapping, so it must be protected as carefully as the original data.
Masking
Data obfuscation tool that partially redacts sensitive information by replacing some or all of a sensitive field with placeholder characters such as X or *, for example showing only the last four digits of a card number.
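The three obfuscation tools above in one added worked example (not code from the page): a plain SHA-256 hash of a 4-digit PIN is recovered by trying all 10,000 inputs, whereas an HMAC keyed with a secret is not; a token vault maps values to random tokens and back; and a masking function keeps only the last four digits. The PIN, card number and SSN values are constructed sample data, and the vault is an in-memory dictionary standing in for a protected token store.

```python
import hashlib
import hmac
import secrets
from typing import Optional


def plain_hash(value: str) -> str:
    """Unsalted SHA-256: deterministic, but reversible for low-entropy inputs."""
    return hashlib.sha256(value.encode()).hexdigest()


def keyed_hash(value: str, key: bytes) -> str:
    """HMAC-SHA256 with a secret key: still deterministic (so values can be
    joined across datasets) but not brute-forceable without the key."""
    return hmac.new(key, value.encode(), hashlib.sha256).hexdigest()


def recover_pin(target_hex: str) -> Optional[str]:
    """Dictionary attack over every possible 4-digit PIN against a plain hash."""
    for n in range(10_000):
        candidate = f"{n:04d}"
        if plain_hash(candidate) == target_hex:
            return candidate
    return None


class TokenVault:
    """Tokenization: sensitive value -> random token, with a lookup table
    that must itself be protected since it reverses the mapping."""

    def __init__(self) -> None:
        self._to_token: dict = {}
        self._to_value: dict = {}

    def tokenize(self, value: str) -> str:
        if value not in self._to_token:
            token = "tok_" + secrets.token_hex(8)   # no relation to the value
            self._to_token[value] = token
            self._to_value[token] = value
        return self._to_token[value]

    def detokenize(self, token: str) -> str:
        return self._to_value[token]


def mask(value: str, visible_last: int = 4, fill: str = "*") -> str:
    """Masking: replace every digit except the last `visible_last` with `fill`,
    keeping separators so the layout is still recognizable."""
    digit_positions = [i for i, c in enumerate(value) if c.isdigit()]
    keep = set(digit_positions[-visible_last:]) if visible_last else set()
    return "".join(
        c if (not c.isdigit() or i in keep) else fill
        for i, c in enumerate(value)
    )


if __name__ == "__main__":
    key = secrets.token_bytes(32)
    print("plain hash of PIN recovered:", recover_pin(plain_hash("4729")))
    print("keyed hash of PIN recovered:", recover_pin(keyed_hash("4729", key)))
    vault = TokenVault()
    tok = vault.tokenize("123-45-6789")
    print(tok, "->", vault.detokenize(tok))
    print(mask("4111-1111-1111-1111"), mask("123-45-6789"))
```

Deciding between the three: hashing keeps a stable identifier for joins but leaks nothing only if the input space is large or the hash is keyed; tokenization is reversible by design and moves the risk into the vault; masking is for display, since the hidden digits are simply gone from the output.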
Access Restriction
Security measure that limits the ability of individuals or systems to access sensitive information or resources.
Geographic Restriction
Restriction that limits access to resources based on the physical location of the user or system.
Permission Restriction
Restriction that limits access to resources based on the user’s role or level of authorization.
Segmentation
Practice of placing sensitive systems on separate networks where they may communicate with each other, but have strict restrictions on their ability to communicate with systems on other networks.
Isolation
Practice of placing sensitive systems on separate networks completely cut off from access to or from outside networks.