28 Questions
What is the primary goal of Information Security?
Protecting data from unauthorized access, modification, and destruction
Which security concept ensures that information is accessible only to authorized personnel?
Confidentiality
What does the term 'Non-Repudiation' guarantee in the context of security?
An event cannot be denied by the involved parties
Which security control involves determining actions or resources an authenticated user can access?
Authorization
Which of the following is a common authentication method?
Something you possess
What is the purpose of a Multi-Factor Authentication System (MFA)?
To require multiple methods of identification for enhanced security
Which type of security control is used to deter security breaches?
Preventive
What is the purpose of accounting as a security measure?
To ensure user activities are properly tracked and recorded
What is the main purpose of performing forensic analysis using detailed accounting and event logs?
To prevent similar incidents from occurring
What is the primary purpose of gap analysis?
To evaluate the difference between an organization's current performance and its desired performance
What does Technical Gap Analysis involve?
Evaluating an organization's current technical infrastructure and identifying areas where it falls short of the technical capabilities required
What is the Control Plane responsible for in a zero trust architecture?
Defining, managing, and enforcing the policies related to user and system access within an organization
What is the purpose of Threat Scope Reduction in a network?
To limit users' access to only what they need for their work tasks and minimize the network’s potential attack surface
What are Secured Zones in the context of network security?
Isolated environments within a network designed to house sensitive data
What does the Data Plane in network security consist of?
Subject/System, Policy Engine, Policy Administrator, Policy Enforcement Point
What is Policy-Driven Access Control focused on?
Developing, managing, and enforcing user access policies based on their roles and responsibilities
What does Zero Trust demand verification for within the network?
Every device, user, and transaction within the network, regardless of its origin
What is Adaptive Identity reliant on in real-time validation?
Real-time validation that takes into account the user's behavior, device, location, and more
Which security strategy assumes no one should be trusted by default?
Zero Trust Model
What does the Data Plane deal with?
Policy enforcement points
Where can threats and vulnerabilities come from?
Natural disasters
What does confidentiality refer to?
Protection of information from unauthorized access and disclosure
What does integrity ensure?
Information and data remain accurate and unchanged from their original state
What is redundancy in the context of security?
Duplication of critical components or functions to enhance reliability
What does non-repudiation provide in digital transactions?
Proof in digital transactions
What is the main focus of the Zero Trust Model?
Emphasizing the control plane and data plane for implementation
Which of the following is not a method used for ensuring integrity?
Redundancy in systems and network designs
What is the primary purpose of availability in a security context?
Maintaining customer trust
Study Notes
- Zero Trust Model: a security strategy that assumes no one should be trusted by default, emphasizing the control plane and data plane for implementation.
- Control Plane: includes adaptive identity, threat scope reduction, policy-driven access control, and secured zones.
- Data Plane: deals with subject/system, policy engine, policy administrator, and policy enforcement points.
- Threats and vulnerabilities: can come from natural disasters, cyber-attacks, and data integrity breaches. Vulnerabilities can stem from software bugs, misconfigurations, unprotected network devices, and missing security patches.
- Confidentiality: refers to the protection of information from unauthorized access and disclosure. Important for personal privacy, business advantage, and regulatory compliance. Ensured through encryption, access controls, data masking, and physical security.
- Integrity: ensures information and data remain accurate and unchanged from their original state. Essential for data accuracy, maintaining trust, and ensuring system operability. Five methods used: hashing, digital signatures, checksums, access controls, and regular audits.
- Availability: ensures information, systems, and resources are accessible and operational when needed. Important for business continuity, maintaining customer trust, and upholding an organization's reputation. Maintained through redundancy in systems and network designs.
- Redundancy: duplication of critical components or functions to enhance reliability. Various types, including server, data, network, and power redundancy.
- Non-repudiation: a security measure that provides undeniable proof in digital transactions. Ensures that individuals or entities involved in a communication or transaction cannot deny their participation or the authenticity of their actions. Digital signatures are a method for achieving non-repudiation.
- Digital Signatures: one method for achieving non-repudiation. Involves first hashing a message or communication, then encrypting the hash digest with the user's private key using asymmetric encryption.
Test your knowledge of the authentication methods covered in CompTIA Security+ (SY0-701) study notes. Learn about non-repudiation, authentication, and the commonly used authentication methods.