CompTIA_Security__Complete_Study_Guide_Exam_SY0-701-20-47

What are security controls and their primary role?

Security controls are mechanisms, policies, or procedures that help protect an organization’s assets and data by reducing the risk landscape through prevention, detection, or mitigation of potential threats.

What are the four main categories of security controls?

Technical, managerial, operational, and physical.

Give examples of technical controls.

Firewalls, intrusion detection systems (IDS), and encryption.

What is a preventive control?

Preventive controls aim to stop an event or action from occurring; examples include firewalls and strong authentication methods.

What is the main purpose of deterrent controls?

Deterrent controls aim to discourage a potential attacker; for example, warning signs that indicate surveillance.

Define detective controls.

Detective controls are mechanisms that identify unwanted activities or issues, such as system monitoring and auditing.

What do corrective controls aim to do?

Corrective controls aim to rectify or lessen the damage caused by a security incident.

What are compensating controls?

Compensating controls are secondary controls implemented as interim measures when primary controls cannot be applied for technical or business reasons.

What are the principles of the CIA triad?

Confidentiality, integrity, and availability.

Explain the concept of non-repudiation.

Non-repudiation provides assurance that a specific operation or transaction has occurred and was initiated by a particular entity.

What does AAA stand for in security?

Authentication, Authorization, and Accounting.

Describe a gap analysis in cybersecurity.

Gap analysis identifies the discrepancies between the current security posture and the desired security posture.

What is the Zero Trust model?

The Zero Trust model assumes no trust by default, even for systems inside the network perimeter.

Define insider threat.

An insider threat comes from individuals within the organization who have access to sensitive information and may misuse it.

What role do hardware security modules (HSM) serve?

HSMs are physical devices that safeguard digital keys and perform cryptographic operations.

What is PKI in cybersecurity?

Public Key Infrastructure (PKI) is a framework for creating, managing, distributing, and revoking digital certificates.

What is the purpose of version control in change management?

Version control helps document changes, who made them, and when they were made, aiding auditing and rollback capabilities.

What is the difference between public key and private key?

The public key is used for encrypting data and can be shared openly, while the private key is kept secret and used to decrypt the data.

What are the motivations behind hacktivism?

Hacktivism is motivated by social or political agendas, often targeting institutions considered oppressive or corrupt.

Identify a motivation commonly associated with organized crime.

Financial gain through methods like ransomware and data theft.