CompTIA Security+

83 Terms

1

categories of security controls-technical(logical)

controls enforced through tech

2

what is an example of technical security 2

firewalls and encryption

3

categories of security controls-managerial

controls implemented through administrative actions & policies

4

what is an example of managerial security 2

risk assessments and security policies

5

categories of security controls-operational

day-to-day procedures carried out by people

6

example of operational security 2

backups and incident response

7

categories of security controls-physical

controls that prevent physical access to systems/data

8

example of physical security 3

security guards, locks, fences

9

types of security control-preventative

stops threat before it occurs

10

example of preventative security 2

firewalls, password policies

11

types of security control- deterrent

discourages an attacker from attacking

12

example of deterrent security 2

cameras, security system

13

types of security control-detective

Identify and record incidents

14

example of detective security 3

cameras, log monitoring, intrusion detection system (IDS)

15

types of security control-corrective

fixes/mitigates damage after an incident

16

example of corrective security 2

patch management, backup restoration

17

types of security control-compensating

alternative control used when a primary one isn’t feasible

18

example of compensating 1

security guard checks IDs while scanner is down

19

What are the 3 elements in the CIA triad

confidentiality, integrity, availability

20

cia triad- confidentiality

ensures only authorized users access data

21

cia triad- confidentiality example

encryption

22

cia triad-integrity

ensures data is accurate and unaltered

23

cia triad- integrity example

hashing

24

cia triad- availability

ensures data/systems are accessible when needed

25

cia triad-availability example

backups

26

Non-repudiation

prevents denial of actions/communications

27

Non-repudiation example

digital signals prove when actions are completed

28

AAA-authentication

verify identity

29

AAA-authorization

determines access level

30

AAA-authorization Role Based Access Control

access based on job role

31

AAA-authorization attribute based access control

access based on attributes (time, device, location)

32

AAA-accounting

logs and monitors activity

33

Gap analysis

compares current security posture to the desired (compliance) standard and identifies what's missing and what to improve

34

What is the main goal of zero trust architecture

never trust, always verify

35

ZTA-control plane- adaptive identity

adjusts authentication based on behavior and context

36

ZTA-control plane-threat scope reduction

minimizes what resources are exposed

37

ZTA-control plane-policy driven access control

rules define who can do what, when, and how

38

ZTA-control plane-policy admin

communicates access decisions to enforcement points

39

ZTA-control plane-policy engine

evaluates context and decides access

40

ZTA-data plane-implicit trust zones

avoid assuming internal network is safe

41

ZTA-data plane-subjects/systems

users/apps accessing resources

42

ZTA-data plane-policy enforcement point

enforces decisions from the policy engine

43

physical security- bollards

prevent vehicle ramming

44

physical security- access control vestibule

locks down access between 2 doors

45

physical security- fencing

perimeter defense

46

physical security- video surveillance

monitoring and evidence collection

47

physical security- access badges

controlled physical access

48

physical security- lighting

enhances visibility and deters threats

49

physical security- sensors

detect physical presence

50

deception & disruption tech- honeypot

fake system to attract attackers

51

deception & disruption tech- honeynet

network of honeypots

52

deception & disruption tech- honeyfile

decoy file with fake data

53

deception & disruption tech- honeytoken

embedded bait to trigger alerts if used

54

Why is change management important to security

ensures that modifications to a system, software or configurations are handled in a secure manner. Minimizes risk, ensures accountability, and maintains compliance

55

processes that impact security- approval processes

ensures only authorized changes are made

56

processes that impact security- ownership

assigns responsibility for each change

57

processes that impact security- stakeholders

involve relevant parties to assess risks

58

processes that impact security- impact analysis

Identifies security implications

59

processes that impact security- test results

validates that changes don’t cause vulnerabilities

60

processes that impact security- back out plan

enables recovery if changes cause failure or threats

61

processes that impact security- maintenance window

defines secure steps for changes

62

technical implications-allow/deny lists

updates must reflect newly authorized IPs

63

technical implications-restricted activities

changes must not violate security policies

64

technical implications-downtime

planned downtime shouldn't create gaps in monitoring

65

technical implications-service/app restart

ensures security logging, authentication, and controls persist after restart

66

technical implications-legacy apps

May be incompatible with modern security tools/practices

67

technical implications-dependencies

changes must consider impact on linked systems and services

68

documentation- updating programs

reflects architecture

69

documentation-updating policies/procedures

ensures security processes stay aligned with system changes

70

documentation- version control

tracks changes to configuration/code enabling rollback and accountability

71

public key infrastructure

enables secure communication through a system of public and private keys

72

public key infrastructure- public keys

shared key used to encrypt data/verify digital signatures

73

public key infrastructure- private key

secret key used to decrypt data/create digital signatures

74

public key infrastructure- key escrow

secure storage of encryption keys in case recovery is needed

75

lvl of encryption- full disk

encrypts entire drive

76

lvl of encryption-partition/volume

protects a section of storage

77

lvl of encryption- file

encrypts individual files

78

lvl of encryption-database/record

encrypts sensitive database entries for compliance

79

encryption of transit-symmetric

same key to encrypt and decrypt

80

encryption of transit-asymmetric

public/private key pair

81

encryption of transit-key change

securely share keys

82

encryption of transit- algorithms

defines the method of encryption

83

encryption of transit-key length

longer keys= stronger security