A+ 1102 Day 4a ITSA 2.1 Summarize security measures

Encryption is a method of securing data by encoding it so that only authorized parties can access it. This prevents unauthorized access to sensitive information, even if it is intercepted during transmission or stored on a device.

 False. While antivirus software is effective against many types of malware, such as viruses and worms, it may not provide comprehensive protection against all types of malware, such as ransomware or zero-day exploits. It is essential to use multiple layers of security measures for comprehensive protection against various threats.                        

Intrusion Detection Systems (IDS) monitor network traffic for signs of suspicious activities or potential security threats. They analyze patterns and behaviors to identify anomalies and alert administrators to potential security breaches, allowing them to take appropriate action to mitigate risks and protect the network.

 Access Control Lists (ACLs) are used to restrict access to resources based on user identity and authorization levels. They define permissions and rules that determine who can access specific resources and what actions they can perform, helping to enforce security policies and prevent unauthorized access to sensitive data. 

 Firewalls are network security devices that monitor and control incoming and outgoing network traffic based on predetermined security rules. They act as a barrier between a trusted internal network and untrusted external networks, preventing unauthorized access and protecting against malicious threats such as hackers and malware.                

 True. Biometric authentication methods use unique biological characteristics, such as fingerprints, facial features, or iris patterns, to verify a person's identity. These methods offer a high level of security because they are difficult to forge or replicate, making them ideal for authentication purposes in various security systems.                                    

Hashing is a cryptographic technique used to verify the integrity of data by generating a unique hash value for a given set of data. This hash value can be compared with the original value to detect any changes or tampering, ensuring the data's integrity during transmission or storage.

 Virtual Private Networks (VPNs) provide secure access to a private network over a public network, such as the internet. They encrypt data transmitted between the user's device and the VPN server, ensuring privacy and confidentiality while accessing resources on the private network from remote locations.                                       

 True. Two-factor authentication (2FA) requires users to provide two different authentication factors to verify their identity. These factors typically include something the user knows (e.g., a password or PIN) and something the user possesses (e.g., a smartphone or security token), adding an extra layer of security compared to traditional single-factor authentication methods.             

Physical security measures protect against unauthorized access to physical facilities or resources, such as buildings, data centers, or equipment. These measures include security guards, access control systems, surveillance cameras, and locks, ensuring that only authorized individuals can access sensitive areas or assets.