CompTIA Sec+ SY0-701 - Domain 1 Quiz 1
This deck covers key concepts from the CompTIA Security+ SY0-701 exam, focusing on security controls, the CIA triad, and various security models.
Which type of security control aims to limit the damage of an attack after it has occurred? a. Detective b. Preventive c. Deterrent d. Corrective
Corrective
Corrective controls aim to limit the damage after an attack has occurred and restore system functionality.
Key Terms
Which type of security control aims to limit the damage of an attack after it has occurred? a. Detective b. Preventive c. Deterrent d. Corrective
Corrective
Corrective controls aim to limit the damage after an attack has occurred and restore system functionality...
What does the “A” stand for in the CIA triad? a. Availability b. Authentication c. Accounting d. Authorization
Availability
Availability is the correct component of the CIA triad, focusing on ensuring that data is accessible wh...
Which of the following is considered a managerial control? a. Video Surveillance b. Firewall c. Security Policy d. Encryption
Security Policy
A security policy is a managerial control as it focuses on governance and policy settings.
What is non-repudiation primarily concerned with? a. Ensuring data is not tampered with b. Ensuring system uptime c. Proving the origin of a message d. Ensuring only authorized personnel access data
Proving the origin of a message
Non-repudiation ensures that a message sender cannot deny the authenticity of the me...
Which type of security control is a bio-metric scanner? a. Managerial b. Technical c. Operational d. Physical
Technical
A bio-metric scanner is a technical control involving technology to authenticate users.
In the context of physical security, what is the primary purpose of bollards? a. To detect unauthorized access b. To prevent vehicle intrusion c. To surveil areas d. To encrypt data
To prevent vehicle intrusion
Bollards act as physical barriers to prevent vehicles from entering restricted areas.
Related Flashcard Decks
Study Tips
- Press F to enter focus mode for distraction-free studying
- Review cards regularly to improve retention
- Try to recall the answer before flipping the card
- Share this deck with friends to study together
| Term | Definition |
|---|---|
Which type of security control aims to limit the damage of an attack after it has occurred? a. Detective b. Preventive c. Deterrent d. Corrective | Corrective Corrective controls aim to limit the damage after an attack has occurred and restore system functionality. |
What does the “A” stand for in the CIA triad? a. Availability b. Authentication c. Accounting d. Authorization | Availability Availability is the correct component of the CIA triad, focusing on ensuring that data is accessible when needed. |
Which of the following is considered a managerial control? a. Video Surveillance b. Firewall c. Security Policy d. Encryption | Security Policy A security policy is a managerial control as it focuses on governance and policy settings. |
What is non-repudiation primarily concerned with? a. Ensuring data is not tampered with b. Ensuring system uptime c. Proving the origin of a message d. Ensuring only authorized personnel access data | Proving the origin of a message Non-repudiation ensures that a message sender cannot deny the authenticity of the message sent. |
Which type of security control is a bio-metric scanner? a. Managerial b. Technical c. Operational d. Physical | Technical A bio-metric scanner is a technical control involving technology to authenticate users. |
In the context of physical security, what is the primary purpose of bollards? a. To detect unauthorized access b. To prevent vehicle intrusion c. To surveil areas d. To encrypt data | To prevent vehicle intrusion Bollards act as physical barriers to prevent vehicles from entering restricted areas. |
What is the main function of a compensating control? a. To enforce mandatory security protocols b. To actively deter potential attackers c. To detect and log security incidents d. To provide alternative protection when primary controls fail | To provide alternative protection when primary controls fail Compensating controls offer alternative protection mechanisms when primary controls are ineffective, not feasible, or unavailable. |
What does “AAA” stand for in the context of security? a. Adaptive, Authorization, Authentication b. Availability, Authorization, Accounting c. Authentication, Authorization, Accounting d. Accounting, Authorization, Adaptive | Authentication, Authorization, Accounting AAA stands for Authentication, Authorization, and Accounting in the context of security. |
What is the primary purpose of a honeypot? a. To encrypt data b. To deceive attackers c. To authorize users d. To prevent attacks | To deceive attackers Honeypots are decoy systems designed to deceive attackers and gather information about their tactics. |
What is the primary purpose of physical controls? a. To create barriers and surveillance b. To correct the actions of people and systems c. To detect anomalies or intrusions d. To mandate specific actions or processes | To create barriers and surveillance Physical controls create barriers and surveillance to protect assets and data. |
Which type of control is a security awareness training program? a. Physical b. Corrective c. Technical d. Managerial | Managerial Managerial controls involve governance and policy settings; a security awareness training program is an example. |
Which of the following is primarily concerned with preventing unauthorized disclosure of information? a. Confidentiality b. Availability c. Integrity d. Authorization | Confidentiality Confidentiality is concerned with preventing unauthorized disclosure of information. |
Which of the following is an example of a preventive control? a. Security Policy b. Firewall c. Incident Response Plan d. Access Control Procedures | Firewall A firewall is a preventive control that prevents unauthorized access. |
Which type of control is a Data Loss Prevention (DLP) system? a. Directive b. Compensating c. Operational d. Technical | Technical DLP systems are hardware or software-based controls designed to enforce security measures, making them technical controls. |
What is the primary objective of the Zero Trust model? a. To trust all devices outside the network perimeter b. To always trust, never verify c. To never trust, always verify d. To trust all devices inside the network perimeter | To never trust, always verify The primary objective of the Zero Trust model is to “never trust, always verify” regardless of whether the traffic originates from inside or outside the organization. |