CompTIA Security+ (SY0-701) Fundamentals of Security H

Questions and Answers

Which security control is focused on protecting data and information from unauthorized access, modification, disruption, disclosure, and destruction?

• Information Security (correct)
• Non-Repudiation
• Authorization
• Information Systems Security

Which fundamental security concept ensures data remains accurate and unaltered?

• Availability
• Integrity (correct)
• Non-Repudiation
• Confidentiality

Which guarantee ensures that an action or event cannot be denied by the involved parties?

• Confidentiality
• Availability
• Non-Repudiation (correct)
• Integrity

What does the 'Triple A’s of Security' refer to in the context of security controls?

An extension of the CIA triad with the addition of non-repudiation and authentication (C)

What is the purpose of Technical Gap Analysis?

To evaluate an organization's current technical infrastructure (B)

What does Zero Trust demand verification for within the network?

Every device, user, and transaction (A)

What is the purpose of Threat Scope Reduction?

To limit users’ access to what they need for their work tasks (A)

What does the Data Plane ensure?

Proper execution of policies (D)

Which plane is responsible for defining, managing, and enforcing user and system access policies within an organization?

Control Plane (A)

What does Policy-Driven Access Control entail?

Developing, managing, and enforcing user access policies based on their roles and responsibilities (D)

What does Secured Zones refer to?

Isolated environments within a network designed to house sensitive data (D)

What is the purpose of Policy Enforcement Point?

Where the decision to grant or deny access is actually executed (D)

Which security strategy assumes that no one should be trusted by default?

Zero Trust Model (B)

What does the Control Plane of the Zero Trust Model include?

Adaptive identity, threat scope reduction, policy-driven access control, and secured zones (A)

What is the primary purpose of ensuring confidentiality in information security?

Protection of information from unauthorized access and disclosure (B)

Which method ensures information and data remain accurate and unchanged from their original state?

Hashing (D)

What is the main purpose of ensuring availability in information security?

Ensuring information, systems, and resources are accessible and operational when needed (B)

What does redundancy in systems and network designs aim to enhance?

Reliability (C)

Which security measure provides undeniable proof in digital transactions?

Non-repudiation (D)

"Digital Signatures" are a method for achieving which security measure?

Non-repudiation (A)

What does the Data Plane of the Zero Trust Model deal with?

Subject/system, policy engine, policy administrator, and policy enforcement points (A)

Which type of redundancy aims to enhance reliability through duplication of server components or functions?

Server redundancy (D)

What methods are used to ensure integrity in information and data?

Hashing, digital signatures, checksums, access controls, regular audits (A)

What is the primary purpose of non-repudiation in digital transactions?

Confirming the authenticity and preventing denial (D)

Which method of authentication requires users to provide multiple identification factors for enhanced security?

Multi-Factor Authentication System (MFA) (D)

What does accounting aim to ensure in the context of security measures?

Maintain regulatory compliance (B)

In the context of security controls, what are the commonly used technologies for accounting?

Syslog servers and SIEM systems (B)

Which type of security control focuses on preventing unauthorized access, modification, disruption, disclosure, and destruction of data?

Preventive control (C)

What is the primary purpose of performing forensic analysis using detailed accounting and event logs?

To understand and prevent similar incidents from occurring (B)

What is the fundamental purpose of gap analysis in an organization?

To evaluate the difference between an organization's current performance and its desired performance (A)

Which category of security controls includes Technical, Managerial, Operational, and Physical controls?

Operational controls (A)

What does Policy-Driven Access Control entail in terms of security measures?

Defining, managing, and enforcing user and system access policies (D)

Which plane is responsible for defining, managing, and enforcing user and system access policies within an organization?

Data Plane (C)

What is the primary purpose of Threat Scope Reduction in the context of security measures?

To minimize the potential impact of security threats (B)

In the context of security controls, what are the six basic types of security controls categorized into?

Preventive, Deterrent, Detective, Corrective, Compensating, and Directive (B)

Flashcards are hidden until you start studying

Study Notes

• Non-repudiation is essential for confirming the authenticity of digital transactions, ensuring integrity of communications, and providing accountability in digital processes
• Authentication is a security measure that verifies the identity of individuals or entities during a communication or transaction
• Five commonly used authentication methods: something you know, have, are, do, or are at
• Multi-Factor Authentication System (MFA) requires users to provide multiple methods of identification for enhanced security
• Authentication is critical to prevent unauthorized access, protect user data and privacy, and ensure resources are accessed only by valid users
• Accounting is a security measure that ensures user activities are properly tracked and recorded to create an audit trail, maintain regulatory compliance, and provide user accountability
• Perform forensic analysis using detailed accounting and event logs to understand and prevent similar incidents from occurring
• Accounting typically uses technologies like syslog servers, network analysis tools, and Security Information and Event Management (SIEM) systems
• Security Controls are categorized into four broad categories: Technical, Managerial, Operational, and Physical
• Six basic types of security controls: Preventive, Deterrent, Detective, Corrective, Compensating, and Directive
• Gap analysis is a process used to evaluate the difference between an organization's current performance and its desired performance and develop a plan to bridge the gap.