Sec+ D1 - Questions
Example Questions for Sec+ Domain 1
| Question | Answer |
|---|---|
| What is the primary goal of cybersecurity? | To protect confidentiality, integrity, and availability of information |
| What does confidentiality ensure? | Information is accessible only to authorized users |
| What does integrity ensure? | Data is accurate, complete, and not improperly modified |
| What does availability ensure? | Information and systems are accessible when needed |
| What is the CIA triad? | A foundational security model consisting of confidentiality, integrity, and availability |
| What is non-repudiation? | Assurance that an action or transaction cannot be denied by the responsible party |
| What is authentication? | The process of verifying a user’s identity |
| What is authorization? | The process of determining what actions an authenticated user can perform |
| What is accounting (auditing)? | The tracking and logging of user activities |
| What is the difference between authentication and authorization? | Authentication verifies identity; authorization determines access rights |
| What is a security control? | A safeguard designed to reduce risk and protect assets |
| What are administrative security controls? | Policies, procedures, and training that guide security practices |
| What are technical security controls? | Technology-based mechanisms such as firewalls, encryption, and access controls |
| What are physical security controls? | Measures that protect physical assets like locks, guards, and cameras |
| What is the principle of least privilege? | Granting users only the minimum access required to perform their job |
| What is defense in depth? | Using multiple layers of security controls to protect systems |
| What is risk in cybersecurity? | The potential for loss or damage when a threat exploits a vulnerability |
| What is a threat? | Any potential cause of an unwanted or harmful incident |
| What is a vulnerability? | A weakness that can be exploited by a threat |
| What is an exploit? | A method or code used to take advantage of a vulnerability |
| What is risk management? | The process of identifying, assessing, and controlling risk |
| What is risk mitigation? | Reducing risk through security controls and safeguards |
| What is risk acceptance? | Choosing to accept risk without implementing additional controls |
| What is risk avoidance? | Eliminating risk by discontinuing the risky activity |
| What is risk transference? | Shifting risk to another party, such as through insurance |
| What is the purpose of security awareness training? | To reduce human-related security risks by educating users |
| What is a policy in cybersecurity? | A high-level statement that defines security goals and expectations |
| What is a standard in cybersecurity? | A mandatory rule that supports and enforces a policy |
| What is a guideline in cybersecurity? | A recommended but non-mandatory best practice |
| What is a procedure in cybersecurity? | A step-by-step instruction for implementing security tasks |