What are the three fundamental principles of information security, also known as the CIA Triad?

Confidentiality, Integrity, and Availability

What is the purpose of the CIA Triad in information security?

To provide a framework for developing and implementing security controls

What is the purpose of hashing or running backups/data through a one-way algorithm in digital forensics?

To preserve the earliest known state of the data

What does the AAA framework stand for in the context of network security?

Authentication, Authorization, Accounting

Which method of authentication involves verifying the identity of a device, computer, or application to ensure it is authorized to access resources or communicate with other systems?

Credentials-based authentication

What is the primary focus of gap analysis in cybersecurity?

Assessing an organization’s security posture and identifying areas needing improvement.

Which of the following is NOT a part of the gap analysis process in cybersecurity? - Comparing current network traffic with desired network traffic. - Assessing an organization’s security posture and identifying areas needing improvement. - Evaluating the performance of intrusion detection systems. - Monitoring user authentication logs for anomalies.

Comparing current network traffic with desired network traffic.

What does the Zero Trust approach to network security emphasize?

Continuous evaluation of access requests and granting only minimum necessary permissions.

What is the primary purpose of the Control Plane in Zero Trust Network Access (ZTNA)?

Enforcing access control policies and managing user identities.

What is the primary role of the Data Plane in Zero Trust architecture?

Executing the decisions made by the control plane.

What is a key feature of the data plane in Zero Trust architecture?

Dynamic routing of traffic based on user context and access restrictions.

Why is implementing a zero-trust architecture described as a journey rather than a destination?

Because it requires careful planning, ongoing maintenance, and continuous evaluation.

How do access control vestibules enhance security?

By enforcing a "one scan, one entry" guideline.

What is the purpose of fences and signs as physical security controls?

To mark boundaries, control access, and prevent escape.

What is a potential drawback of using signage as a physical security control?

It provides clear instructions for authorized personnel.

What is the primary purpose of video surveillance in physical security?

To see what is happening within a facility and eliminate blind spots.

What is the purpose of a security guard as a physical security control?

To allow or disallow people through a security checkpoint and provide authentication.

How does an access badge contribute to physical security?

By distinguishing personnel and correlating logs between physical and digital worlds.

What is the primary purpose of proper internal and external lighting as a physical security control?

To deter intruders and enhance visibility for monitoring activities.

What is the primary purpose of software security tools?

To ensure end users are kept safe from known exploits.

What is the difference between active and passive software security tools?

Active tools attempt to interact with other tools, data, and operating systems, while passive tools simply run and collect data without interaction.

What is a honeypot in the context of cybersecurity?

A virtual system designed to attract malicious users and gather information about attacks on the network.

What is the purpose of a honeyfile in cybersecurity?

To detect unauthorized access or activity in a system.

How does a honeytoken contribute to cybersecurity?

By triggering an alert if accessed or used.

It enables members to better defend against emerging threats.

What is the purpose of a honeynet in cybersecurity?

To attract malicious users and gather information about attacks.

What is the purpose of the approval process in cybersecurity?

To review and approve changes, access requests, or security-related initiatives.

What does ownership designation entail in cybersecurity?

Establishing clear accountability for specific assets or security-related tasks.

Who are stakeholders in the context of cybersecurity?

Individuals, groups, or entities with an interest or involvement in security processes.

What is the purpose of an impact analysis in cybersecurity?

To evaluate the potential consequences and effects of security incidents.

What do test results inform security teams about in cybersecurity?

The potential consequences and effects of security incidents.

What is the purpose of a backout plan in cybersecurity?

To revert to a previous state or configuration in the event of issues or failures.

What is a maintenance window in cybersecurity?

A designated time frame for implementing necessary changes or updates without disrupting regular operations.

What is the purpose of a Standard Operating Procedure (SOP) in cybersecurity?

To provide a safety net for security changes or implementations.

What is the purpose of allow lists and deny lists in cybersecurity?

To specify allowed or denied items such as applications or IP addresses.

How do restricted activities influence system security?

By limiting certain actions or behaviors within a system or network.

What is the impact of downtime on system operations?

It results in the unavailability of a system or service.

When might a service restart be necessary?

To apply changes or address issues without system-wide disruption.

What are legacy applications in the context of cybersecurity?

Older or outdated software applications that pose security risks.

Domain 1 Security Concepts Test Flashcards

Student preview

67 questions

Show all answers

1.

FLASHCARD QUESTION

Front

What are the four main categories of security controls used to mitigate the risk of malicious attacks? Options: Technical, operational, directive, and corrective; Technical, managerial, operational, and physical; Preventive, deterrent, detective, and corrective; Firewall, IPS, MFA solutions, and antivirus software

Back

Technical, managerial, operational, and physical

2.

FLASHCARD QUESTION

Front

Which type of security control aims to keep people out of systems and prevent attacks?

Back

Preventive

3.

FLASHCARD QUESTION

Front

What is an example of a deterrent security control? Options: Intrusion detection system, Firewall rule configurations, Security awareness training, Warning signs like "No Trespassing"

Back

Warning signs like "No Trespassing"

4.

FLASHCARD QUESTION

Front

Which security control type is designed to alert you when a particular event occurs, such as an unauthorized user accessing a system? Options: Preventive, Deterrent, Detective

Back

Detective

5.

FLASHCARD QUESTION

Front

What is an example of corrective security control?

Back

Patching known vulnerabilities on hardware

6.

FLASHCARD QUESTION

Front

Which security control type is put in place to satisfy the requirement for a security measure deemed too difficult or impractical to implement now?

Back

Compensating

7.

FLASHCARD QUESTION

Front

What is an example of a directive security control?

Back

Defining password security complexity and mandating regular password changes

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

58 questions

Technology and IT Concepts

Flashcard

•

KG - University

65 questions

Vocabulary Flashcards

Flashcard

•

University

54 questions

Elections and Politics Terms

Flashcard

•

12th Grade

54 questions

Reviewer-ITSM

Flashcard

•

KG - University

51 questions

English-Vietnamese Phrasal Verbs

Flashcard

•

9th Grade - University

74 questions

Cam 17, Test 2, Reading Passage 1: The dead sea scrolls.

Flashcard

•

KG - University

73 questions

Flashcard Set from Text

Flashcard

•

10th Grade

61 questions

Week 9 Vocabulary Flashcards

Flashcard

•

12th Grade

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

54 questions

Analyzing Line Graphs & Tables

Quiz

•

4th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

Discover more resources for Information Technology (IT)

20 questions

-AR -ER -IR present tense

Quiz

•

10th - 12th Grade

15 questions

Making Inferences

Quiz

•

7th - 12th Grade

12 questions

Add and Subtract Polynomials

Quiz

•

9th - 12th Grade

7 questions

How James Brown Invented Funk

Interactive video

•

10th Grade - University

15 questions

Atomic Habits: Career Habits

Lesson

•

9th - 12th Grade

20 questions

Banking

Quiz

•

9th - 12th Grade

15 questions

Exponential Growth and Decay Word Problems Practice

Quiz

•

9th - 12th Grade

18 questions

AP Bio Insta-Review Topic 6.1*: DNA & RNA Structure

Quiz

•

9th - 12th Grade