CompTIA Security+ (SY0-701) Fundamentals of Security E

Questions and Answers

What is the primary goal of information security?

• Ensuring data accuracy
• Verifying the identity of users
• Preventing unauthorized access to data (correct)
• Providing redundancy measures for data

Which security concept ensures that information is only accessible to authorized personnel?

• Confidentiality (correct)
• Non-Repudiation
• Integrity
• Availability

What does the concept of non-repudiation guarantee?

• An action or event cannot be denied by the involved parties (correct)
• The identity of users or systems is verified
• Information and resources are accessible when needed
• Data remains accurate and unaltered

Which security principle encompasses the concepts of non-repudiation and authentication?

CIANA Pentagon (D)

What does the Zero Trust Model assume?

No one should be trusted by default (A)

Which of the following is part of the Control Plane in the Zero Trust Model?

Policy-driven access control (D)

What is the main purpose of Integrity in the context of information and data?

Maintaining data accuracy and trust (C)

What does Availability ensure in a security context?

Operational accessibility when needed (B)

What is the purpose of Redundancy in a security context?

To enhance reliability by duplicating critical components or functions (D)

Which method is used to achieve Non-repudiation in digital transactions?

Digital signatures (D)

What is the purpose of Technical Gap Analysis?

To identify areas where an organization falls short of the technical capabilities required for security solutions (C)

What does Zero Trust demand verification for within the network?

For system access within an organization (B)

What is the primary focus of Threat Scope Reduction?

To minimize the potential attack surface of a network (C)

What is the function of Policy Engine in the Data Plane?

It cross-references the access request with predefined policies (B)

What is the purpose of Secured Zones in a network?

To create an isolated environment for sensitive data (A)

What is the primary focus of Adaptive Identity in the Control Plane?

To rely on real-time validation based on user behavior and device location (D)

What does Policy-Driven Access Control entail?

Developing, managing, and enforcing user access policies based on their roles and responsibilities (C)

What is the purpose of Plan of Action and Milestones (POA&M)?

Outlines specific measures to address each vulnerability (C)

What is the purpose of non-repudiation in digital transactions?

To confirm the authenticity of digital transactions and ensure communication integrity (A)

Which authentication method involves providing something you have?

Something you have (C)

What is the purpose of multi-factor authentication (MFA)?

To enhance security by requiring multiple methods of identification (B)

What is the primary purpose of accounting in a security context?

To ensure user activities are properly tracked and recorded (D)

Which technology is typically used in accounting for security purposes?

Security Information and Event Management (SIEM) systems (B)

How are security controls categorized?

Technical, Managerial, Operational, Physical (A)

What type of analysis is used to evaluate the difference between an organization's current performance and its desired performance?

Gap analysis (A)

What type of security measure verifies the identity of individuals or entities during a communication or transaction?

Authentication (A)

What is the main purpose of multi-factor authentication (MFA)?

To enhance security by requiring multiple methods of identification (B)

Which method of authentication involves providing something you have?

Something you have (C)

What does gap analysis evaluate?

The difference between current performance and desired performance (A)

Flashcards

Information Security Goal

Preventing unauthorized access to data.

Confidentiality

Ensuring only authorized personnel can access information.

Non-repudiation

Guaranteeing actions/events can't be denied.

CIANA Pentagon

Security principle combining non-repudiation and authentication.

Zero Trust Model

No one is trusted by default; all must be verified.

Control Plane in Zero Trust

Policy-driven access control.

Data Integrity

Maintaining data accuracy and trust.

Availability

Ensuring operational accessibility when needed.

Redundancy

Duplicating critical components for reliability.

Non-repudiation (Digital Transactions)

Ensuring authenticity and communication integrity.

Technical Gap Analysis

Identifying capability gaps for security solutions.

Zero Trust Network Verification

Verifying system access within an organization.

Threat Scope Reduction

Minimizing the potential attack surface.

Data Plane Policy Engine

Cross-checking access requests with policies.

Secured Zones

Creating isolated environments.

Adaptive Identity

Real-time validation based on user behavior.

Policy-Driven Access Control

Managing user access based on roles.

POA&M

Plan of Action & Milestones: outlines measures.

Multi-Factor Authentication (MFA)

Security enhanced by multiple identification methods.

Accounting (Security)

Tracking & recording user activities.

Security Control Categories

Technical, Managerial, Operational, and Physical.

Gap Analysis

Evaluating the difference between actual and desired performance.

Authentication

Verifying the identity of individuals/entities.

Something You Have

Authentication method using a physical token.

Study Notes

• Non-repudiation is essential for confirming the authenticity of digital transactions, ensuring integrity of communications, and providing accountability in digital processes
• Authentication is a security measure that verifies the identity of individuals or entities during a communication or transaction
• Five commonly used authentication methods: something you know, have, are, do, or are at
• Multi-Factor Authentication System (MFA) requires users to provide multiple methods of identification for enhanced security
• Authentication is critical to prevent unauthorized access, protect user data and privacy, and ensure resources are accessed only by valid users
• Accounting is a security measure that ensures user activities are properly tracked and recorded to create an audit trail, maintain regulatory compliance, and provide user accountability
• Perform forensic analysis using detailed accounting and event logs to understand and prevent similar incidents from occurring
• Accounting typically uses technologies like syslog servers, network analysis tools, and Security Information and Event Management (SIEM) systems
• Security Controls are categorized into four broad categories: Technical, Managerial, Operational, and Physical
• Six basic types of security controls: Preventive, Deterrent, Detective, Corrective, Compensating, and Directive
• Gap analysis is a process used to evaluate the difference between an organization's current performance and its desired performance and develop a plan to bridge the gap.

Description

Enhance your understanding of CompTIA Security+ (SY0-701) concepts with these study notes covering non-repudiation and authentication. Learn about the significance of non-repudiation and the five commonly used authentication methods.