What are the three fundamental principles of information security, also known as the CIA Triad?

Confidentiality, Integrity, and Availability

What is the purpose of the CIA Triad in information security?

To provide a framework for developing and implementing security controls

What is the purpose of hashing or running backups/data through a one-way algorithm in digital forensics?

To preserve the earliest known state of the data

What does the AAA framework stand for in the context of network security?

Authentication, Authorization, Accounting

Which method of authentication involves verifying the identity of a device, computer, or application to ensure it is authorized to access resources or communicate with other systems?

Credentials-based authentication

What is the primary focus of gap analysis in cybersecurity?

Assessing an organization’s security posture and identifying areas needing improvement.

Which of the following is NOT a part of the gap analysis process in cybersecurity? - Comparing current network traffic with desired network traffic. - Assessing an organization’s security posture and identifying areas needing improvement. - Evaluating the performance of intrusion detection systems. - Monitoring user authentication logs for anomalies.

Comparing current network traffic with desired network traffic.

What does the Zero Trust approach to network security emphasize?

Continuous evaluation of access requests and granting only minimum necessary permissions.

What is the primary purpose of the Control Plane in Zero Trust Network Access (ZTNA)?

Enforcing access control policies and managing user identities.

What is the primary role of the Data Plane in Zero Trust architecture?

Executing the decisions made by the control plane.

What is a key feature of the data plane in Zero Trust architecture?

Dynamic routing of traffic based on user context and access restrictions.

Why is implementing a zero-trust architecture described as a journey rather than a destination?

Because it requires careful planning, ongoing maintenance, and continuous evaluation.

How do access control vestibules enhance security?

By enforcing a "one scan, one entry" guideline.

What is the purpose of fences and signs as physical security controls?

To mark boundaries, control access, and prevent escape.

What is a potential drawback of using signage as a physical security control?

It provides clear instructions for authorized personnel.

What is the primary purpose of video surveillance in physical security?

To see what is happening within a facility and eliminate blind spots.

What is the purpose of a security guard as a physical security control?

To allow or disallow people through a security checkpoint and provide authentication.

How does an access badge contribute to physical security?

By distinguishing personnel and correlating logs between physical and digital worlds.

What is the primary purpose of proper internal and external lighting as a physical security control?

To deter intruders and enhance visibility for monitoring activities.

What is the primary purpose of software security tools?

To ensure end users are kept safe from known exploits.

What is the difference between active and passive software security tools?

Active tools attempt to interact with other tools, data, and operating systems, while passive tools simply run and collect data without interaction.

What is a honeypot in the context of cybersecurity?

A virtual system designed to attract malicious users and gather information about attacks on the network.

What is the purpose of a honeyfile in cybersecurity?

To detect unauthorized access or activity in a system.

How does a honeytoken contribute to cybersecurity?

By triggering an alert if accessed or used.

It enables members to better defend against emerging threats.

What is the purpose of a honeynet in cybersecurity?

To attract malicious users and gather information about attacks.

What is the purpose of the approval process in cybersecurity?

To review and approve changes, access requests, or security-related initiatives.

What does ownership designation entail in cybersecurity?

Establishing clear accountability for specific assets or security-related tasks.

Who are stakeholders in the context of cybersecurity?

Individuals, groups, or entities with an interest or involvement in security processes.

What is the purpose of an impact analysis in cybersecurity?

To evaluate the potential consequences and effects of security incidents.

What do test results inform security teams about in cybersecurity?

The potential consequences and effects of security incidents.

What is the purpose of a backout plan in cybersecurity?

To revert to a previous state or configuration in the event of issues or failures.

What is a maintenance window in cybersecurity?

A designated time frame for implementing necessary changes or updates without disrupting regular operations.

What is the purpose of a Standard Operating Procedure (SOP) in cybersecurity?

To provide a safety net for security changes or implementations.

What is the purpose of allow lists and deny lists in cybersecurity?

To specify allowed or denied items such as applications or IP addresses.

How do restricted activities influence system security?

By limiting certain actions or behaviors within a system or network.

What is the impact of downtime on system operations?

It results in the unavailability of a system or service.

When might a service restart be necessary?

To apply changes or address issues without system-wide disruption.

What are legacy applications in the context of cybersecurity?

Older or outdated software applications that pose security risks.

Domain 1 Security Concepts Test Flashcards

Student preview

67 questions

Show all answers

1.

FLASHCARD QUESTION

Front

What are the four main categories of security controls used to mitigate the risk of malicious attacks? Options: Technical, operational, directive, and corrective; Technical, managerial, operational, and physical; Preventive, deterrent, detective, and corrective; Firewall, IPS, MFA solutions, and antivirus software

Back

Technical, managerial, operational, and physical

2.

FLASHCARD QUESTION

Front

Which type of security control aims to keep people out of systems and prevent attacks?

Back

Preventive

3.

FLASHCARD QUESTION

Front

What is an example of a deterrent security control? Options: Intrusion detection system, Firewall rule configurations, Security awareness training, Warning signs like "No Trespassing"

Back

Warning signs like "No Trespassing"

4.

FLASHCARD QUESTION

Front

Which security control type is designed to alert you when a particular event occurs, such as an unauthorized user accessing a system? Options: Preventive, Deterrent, Detective

Back

Detective

5.

FLASHCARD QUESTION

Front

What is an example of corrective security control?

Back

Patching known vulnerabilities on hardware

6.

FLASHCARD QUESTION

Front

Which security control type is put in place to satisfy the requirement for a security measure deemed too difficult or impractical to implement now?

Back

Compensating

7.

FLASHCARD QUESTION

Front

What is an example of a directive security control?

Back

Defining password security complexity and mandating regular password changes

Create a free account and access millions of resources

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

55 questions

Romanesque Architecture

Flashcard

•

University

63 questions

Flashcards on Ozymandias and Percy Shelley

Flashcard

•

10th Grade

64 questions

Vocabulary Flashcards

Flashcard

•

10th Grade

71 questions

English-Vietnamese Vocabulary Flashcards

Flashcard

•

University

64 questions

WP Chapter 1

Flashcard

•

University

64 questions

Japanese Language and Contextual Understanding

Flashcard

•

11th Grade

67 questions

Path and Factor Analysis

Flashcard

•

University

62 questions

AZ-900 II

Flashcard

•

Professional Development

Popular Resources on Wayground

5 questions

This is not a...winter edition (Drawing game)

Quiz

•

1st - 5th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

10 questions

Identify Iconic Christmas Movie Scenes

Interactive video

•

6th - 10th Grade

20 questions

Christmas Trivia

Quiz

•

6th - 8th Grade

18 questions

Kids Christmas Trivia

Quiz

•

KG - 5th Grade

11 questions

How well do you know your Christmas Characters?

Lesson

•

3rd Grade

14 questions

Christmas Trivia

Quiz

•

5th Grade

20 questions

How the Grinch Stole Christmas

Quiz

•

5th Grade

Discover more resources for Information Technology (IT)

26 questions

Christmas Movie Trivia

Lesson

•

8th Grade - Professio...

15 questions

Christmas Song Emoji Pictionary

Quiz

•

7th - 12th Grade

20 questions

Christmas Movies

Quiz

•

1st - 12th Grade

55 questions

CHS Holiday Trivia

Quiz

•

12th Grade

20 questions

Christmas Movie Trivia

Quiz

•

9th - 12th Grade

29 questions

christmas facts

Lesson

•

5th - 12th Grade

20 questions

Christmas Trivia

Quiz

•

5th - 12th Grade

20 questions

Stages of Meiosis

Quiz

•

9th - 12th Grade