StudyXY
RegisterLog in
Information Technology /CompTIA Sec+ SY0-701: Domain 1, Quiz 1

CompTIA Sec+ SY0-701: Domain 1, Quiz 1

Information Technology15 CardsCreated about 2 months ago

This set of flashcards covers key concepts in cybersecurity, including different types of security controls, the CIA triad, managerial controls, and non-repudiation.

PrintEmbedImportReport

Which type of security control aims to limit the damage of an attack after it has occurred?

a. Detective
b. Preventive
c. Deterrent
d. Corrective

Corrective

Corrective controls aim to limit the damage after an attack has occurred and restore system functionality.

Tap or swipe ↕ to flip
Swipe ←→Navigate
SSpeak
FFocus
1/15

Key Terms

Term
Definition

Which type of security control aims to limit the damage of an attack after it has occurred?

a. Detective
b. Preventive
c. Deterrent
d. Corrective

Corrective

Corrective controls aim to limit the damage after an attack has occurred and restore system functionality...

What does the “A” stand for in the CIA triad?

a. Availability
b. Authentication
c. Accounting
d. Authorization

Availability

Availability is the correct component of the CIA triad, focusing on ensuring that data is accessible wh...

Which of the following is considered a managerial control?

a. Video Surveillance
b. Firewall
c. Security Policy
d. Encryption

Security Policy

A security policy is a managerial control as it focuses on governance and policy settings.

What is non-repudiation primarily concerned with?

a. Ensuring data is not tampered with
b. Ensuring system uptime
c. Proving the origin of a message
d. Ensuring only authorized personnel access data

Proving the origin of a message

Non-repudiation ensures that a message sender cannot deny the authenticity of the me...

Which type of security control is a bio-metric scanner?

a. Managerial
b. Technical
c. Operational
d. Physical

Technical

A bio-metric scanner is a technical control involving technology to authenticate users.

In the context of physical security, what is the primary purpose of bollards?

a. To detect unauthorized access
b. To prevent vehicle intrusion
c. To surveil areas
d. To encrypt data

To prevent vehicle intrusion

Bollards act as physical barriers to prevent vehicles from entering restricted areas.

Log in to view all terms

Related Flashcard Decks

Information Technology

Security+ (SY0-701): Additional Knowledge

This flashcard set explores various cybersecurity topics including credential-stuffing attacks, data classification (e.g., private data), and key disaster recovery metrics like RTO. It also highlights protective measures such as hashing for data integrity, automation support challenges, and the use of URL scanning in web filtering to prevent malware infections.

10 cards
View Deck
Information Technology

Security+ (SY0-701): Cert Master Practice: 5.0 Security Program Management and Oversight

This flashcard set covers key concepts in cybersecurity governance frameworks, including centralized governance, data stewardship roles, and compliance laws like SOX. It also addresses environments supporting development and change management, as well as recovery strategies like Recovery Point Objective (RPO) to minimize data loss during system failures.

8 cards
View Deck
Information Technology

Security+ (SY0-701): Cert Master Practice: 4.0 Security Operations

This flashcard set explores advanced cybersecurity practices including refining SIEM alert handling, email security protocols (DKIM, DMARC), secure authentication methods, and strategic threat-hunting. It emphasizes how to enhance incident response efficiency and leverage proactive defense techniques like maneuvering to counteract potential threats.

11 cards
View Deck
Information Technology

Security+ (SY0-701): Cert Master Practice; 2.0 Threats, Vulnerabilities, and Mitigations

This deck covers key concepts related to threats, vulnerabilities, and mitigations in cybersecurity, focusing on virtual machine security.

1 cards
View Deck
Information Technology

Security+ (SY0-701): Cert Master Practice; 1.0 General Security Concepts

This flashcard deck covers key concepts from the Security+ (SY0-701) exam, focusing on general security concepts such as technical and operational controls, policy enforcement, and tokenization.

6 cards
View Deck
Information Technology

Security+ (SY0-701): Lesson 16: Summarize Data Protection Part 2

This flashcard deck covers key concepts from the Security+ (SY0-701) Lesson 16, focusing on data protection methods, DLP components, and security awareness training.

25 cards
View Deck

Study Tips

  • Press F to enter focus mode for distraction-free studying
  • Review cards regularly to improve retention
  • Try to recall the answer before flipping the card
  • Share this deck with friends to study together
CompTIA Sec+ SY0-701: Domain 1, Quiz 1
TermDefinition

Which type of security control aims to limit the damage of an attack after it has occurred?

a. Detective
b. Preventive
c. Deterrent
d. Corrective

Corrective

Corrective controls aim to limit the damage after an attack has occurred and restore system functionality.

What does the “A” stand for in the CIA triad?

a. Availability
b. Authentication
c. Accounting
d. Authorization

Availability

Availability is the correct component of the CIA triad, focusing on ensuring that data is accessible when needed.

Which of the following is considered a managerial control?

a. Video Surveillance
b. Firewall
c. Security Policy
d. Encryption

Security Policy

A security policy is a managerial control as it focuses on governance and policy settings.

What is non-repudiation primarily concerned with?

a. Ensuring data is not tampered with
b. Ensuring system uptime
c. Proving the origin of a message
d. Ensuring only authorized personnel access data

Proving the origin of a message

Non-repudiation ensures that a message sender cannot deny the authenticity of the message sent.

Which type of security control is a bio-metric scanner?

a. Managerial
b. Technical
c. Operational
d. Physical

Technical

A bio-metric scanner is a technical control involving technology to authenticate users.

In the context of physical security, what is the primary purpose of bollards?

a. To detect unauthorized access
b. To prevent vehicle intrusion
c. To surveil areas
d. To encrypt data

To prevent vehicle intrusion

Bollards act as physical barriers to prevent vehicles from entering restricted areas.

What is the main function of a compensating control?

a. To enforce mandatory security protocols
b. To actively deter potential attackers
c. To detect and log security incidents
d. To provide alternative protection when primary controls fail

To provide alternative protection when primary controls fail

Compensating controls offer alternative protection mechanisms when primary controls are ineffective, not feasible, or unavailable.

What does “AAA” stand for in the context of security?

a. Adaptive, Authorization, Authentication
b. Availability, Authorization, Accounting
c. Authentication, Authorization, Accounting
d. Accounting, Authorization, Adaptive

Authentication, Authorization, Accounting

AAA stands for Authentication, Authorization, and Accounting in the context of security.

What is the primary purpose of a honeypot?

a. To encrypt data
b. To deceive attackers
c. To authorize users
d. To prevent attacks

To deceive attackers

Honeypots are decoy systems designed to deceive attackers and gather information about their tactics.

What is the primary purpose of physical controls?

a. To create barriers and surveillance
b. To correct the actions of people and systems
c. To detect anomalies or intrusions
d. To mandate specific actions or processes

To create barriers and surveillance

Physical controls create barriers and surveillance to protect assets and data.

Which type of control is a security awareness training program?

a. Physical
b. Corrective
c. Technical
d. Managerial

Managerial

Managerial controls involve governance and policy settings; a security awareness training program is an example.

Which of the following is primarily concerned with preventing unauthorized disclosure of information?

a. Confidentiality
b. Availability
c. Integrity
d. Authorization

Confidentiality

Confidentiality is concerned with preventing unauthorized disclosure of information.

Which of the following is an example of a preventive control?

a. Security Policy
b. Firewall
c. Incident Response Plan
d. Access Control Procedures

Firewall

A firewall is a preventive control that prevents unauthorized access.

Which type of control is a Data Loss Prevention (DLP) system?

a. Directive
b. Compensating
c. Operational
d. Technical

Technical

DLP systems are hardware or software-based controls designed to enforce security measures, making them technical controls.

What is the primary objective of the Zero Trust model?

a. To trust all devices outside the network perimeter
b. To always trust, never verify
c. To never trust, always verify
d. To trust all devices inside the network perimeter

To never trust, always verify

The primary objective of the Zero Trust model is to “never trust, always verify” regardless of whether the traffic originates from inside or outside the organization.