CompTIA Security+ Section 1:
Overview of Security Exam 2025
Questions and Answers
Information Security - ANSWER✔✔-Protecting data and information from unauthorized access,
unlawful modification, and disruption, disclosure, corruption, and destruction.
Information Systems Security - ANSWER✔✔-Protecting the systems that hold and process our
critical data (can be a computer, server, network device, cell phone, etc.).
CIA Triad - ANSWER✔✔-Confidentiality, Integrity, Availability -- (without all three, there is a
vulnerability that can be exploited. when all three are present, our information has good security).
Confidentiality - ANSWER✔✔-Ensures that unauthorized entities cannot access data. Encryption
and access controls help to protect against loss of this.
Integrity - ANSWER✔✔-Provides assurance that data or system configurations have not been
modified. Audit Logs and hashing are two methods used to ensure this.
Ensures that the information has not been modified or altered without proper authorization.
FOR STUDY PURPOSES ONLY COPYRIGHT © 2025 ALL RIGHTS RESERVED 1
, Availability - ANSWER✔✔-Ensures that systems and data are up and operational when needed.
Ensures that the information is able to be stored, accessed, and protected at all times.
AAA of Security - ANSWER✔✔-Authentication, Authorization, Accounting
Authentication - ANSWER✔✔-The process that occurs when a user proves an identity, such as
with a password.
When a person's identity is established with proof and confirmed by a system (ex. 2FA)
5 Methods of Authentication - ANSWER✔✔-1. Something you know
2. Something you are
3. Something you have
4. Something you do
5. Somewhere you are
Authorization - ANSWER✔✔-The process of granting access to resources for users who prove
their identity (such as with a username and password), based on their proven identity.
Occurs when a user is given access to a certain piece of data or certain areas of a building.
FOR STUDY PURPOSES ONLY COPYRIGHT © 2025 ALL RIGHTS RESERVED 2
Overview of Security Exam 2025
Questions and Answers
Information Security - ANSWER✔✔-Protecting data and information from unauthorized access,
unlawful modification, and disruption, disclosure, corruption, and destruction.
Information Systems Security - ANSWER✔✔-Protecting the systems that hold and process our
critical data (can be a computer, server, network device, cell phone, etc.).
CIA Triad - ANSWER✔✔-Confidentiality, Integrity, Availability -- (without all three, there is a
vulnerability that can be exploited. when all three are present, our information has good security).
Confidentiality - ANSWER✔✔-Ensures that unauthorized entities cannot access data. Encryption
and access controls help to protect against loss of this.
Integrity - ANSWER✔✔-Provides assurance that data or system configurations have not been
modified. Audit Logs and hashing are two methods used to ensure this.
Ensures that the information has not been modified or altered without proper authorization.
FOR STUDY PURPOSES ONLY COPYRIGHT © 2025 ALL RIGHTS RESERVED 1
, Availability - ANSWER✔✔-Ensures that systems and data are up and operational when needed.
Ensures that the information is able to be stored, accessed, and protected at all times.
AAA of Security - ANSWER✔✔-Authentication, Authorization, Accounting
Authentication - ANSWER✔✔-The process that occurs when a user proves an identity, such as
with a password.
When a person's identity is established with proof and confirmed by a system (ex. 2FA)
5 Methods of Authentication - ANSWER✔✔-1. Something you know
2. Something you are
3. Something you have
4. Something you do
5. Somewhere you are
Authorization - ANSWER✔✔-The process of granting access to resources for users who prove
their identity (such as with a username and password), based on their proven identity.
Occurs when a user is given access to a certain piece of data or certain areas of a building.
FOR STUDY PURPOSES ONLY COPYRIGHT © 2025 ALL RIGHTS RESERVED 2
