CompTIA Security+ 701 Study Guide with |\ |\ |\ |\ |\ |\
correct answers |\
Checksums
Method to verify the integrity of data during transmission
|\ |\ |\ |\ |\ |\ |\ |\
Digital Signatures
|\
Ensure Both Integrity of data during transaction
|\ |\ |\ |\ |\ |\
Server Redundancy
|\
Involves using multiple servers in a load balanced or failover
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
configuration so that if one is overloaded or fails, the other
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
servers can take over the load to continue supporting your end
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
users
Network Redundancy |\
Ensures that if one network path fails, the data can travel
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
through another route
|\ |\
data redundancy
|\
,involves storing data in multiple places
|\ |\ |\ |\ |\
Power Redundancy
|\
involves using backup power sources, like generators and ups
|\ |\ |\ |\ |\ |\ |\ |\ |\
systems
Non-repudiation
provides undeniable proof in the world of digital transactions.
|\ |\ |\ |\ |\ |\ |\ |\ |\
Cant deny participation or authenticity of their actions
|\ |\ |\ |\ |\ |\ |\
Syslog servers |\
used to aggregate logs from various network devices and
|\ |\ |\ |\ |\ |\ |\ |\ |\
systems so that system administrators can analyze them to
|\ |\ |\ |\ |\ |\ |\ |\ |\
detect patterns or anomalies in the organizations systems
|\ |\ |\ |\ |\ |\ |\
Technical Controls |\
"technology", hardware, and software mechanisms that are
|\ |\ |\ |\ |\ |\ |\
implemented to manage and reduce risks |\ |\ |\ |\ |\
Managerial Controls |\
,("Managing" things) also referred to administrative controls,
|\ |\ |\ |\ |\ |\ |\
involve the strategic planning and governance side of security
|\ |\ |\ |\ |\ |\ |\ |\
Operational Controls |\
Procedures and measures that are designed to protect data on a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
day to day basis. Are mainly governed by internal processes and
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
human actions |\
Preventive
Proactive measures implemented to thwart potentical security
|\ |\ |\ |\ |\ |\ |\
threats or breaches
|\ |\
Deterrent Controls |\
Discourage potential attackers by making the effort seem less
|\ |\ |\ |\ |\ |\ |\ |\ |\
appealing or more challenging |\ |\ |\
Detective Controls |\
(detect) Monitor and alert organizations to malicious activities as
|\ |\ |\ |\ |\ |\ |\ |\ |\
they occur
|\
Corrective Controls |\
, Mitigate any potential damage and restore our systems to their
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
normal state |\
Compensating Controls |\
Alternative measures that are implemented when primary
|\ |\ |\ |\ |\ |\ |\
security controls are not feasible or effective
|\ |\ |\ |\ |\ |\
Directive Controls |\
Guide, inform, or mandate actions. Often rooted in Policy.
|\ |\ |\ |\ |\ |\ |\ |\
gap analysis
|\
Process of evaluating the differences between an organizations
|\ |\ |\ |\ |\ |\ |\ |\
current performance and its desired performance
|\ |\ |\ |\ |\
Zero Trust|\
Demands verification for every device, user, and transaction with
|\ |\ |\ |\ |\ |\ |\ |\
the network
|\ |\
Data plane|\
Ensures policies are properly executed
|\ |\ |\ |\
correct answers |\
Checksums
Method to verify the integrity of data during transmission
|\ |\ |\ |\ |\ |\ |\ |\
Digital Signatures
|\
Ensure Both Integrity of data during transaction
|\ |\ |\ |\ |\ |\
Server Redundancy
|\
Involves using multiple servers in a load balanced or failover
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
configuration so that if one is overloaded or fails, the other
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
servers can take over the load to continue supporting your end
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
users
Network Redundancy |\
Ensures that if one network path fails, the data can travel
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
through another route
|\ |\
data redundancy
|\
,involves storing data in multiple places
|\ |\ |\ |\ |\
Power Redundancy
|\
involves using backup power sources, like generators and ups
|\ |\ |\ |\ |\ |\ |\ |\ |\
systems
Non-repudiation
provides undeniable proof in the world of digital transactions.
|\ |\ |\ |\ |\ |\ |\ |\ |\
Cant deny participation or authenticity of their actions
|\ |\ |\ |\ |\ |\ |\
Syslog servers |\
used to aggregate logs from various network devices and
|\ |\ |\ |\ |\ |\ |\ |\ |\
systems so that system administrators can analyze them to
|\ |\ |\ |\ |\ |\ |\ |\ |\
detect patterns or anomalies in the organizations systems
|\ |\ |\ |\ |\ |\ |\
Technical Controls |\
"technology", hardware, and software mechanisms that are
|\ |\ |\ |\ |\ |\ |\
implemented to manage and reduce risks |\ |\ |\ |\ |\
Managerial Controls |\
,("Managing" things) also referred to administrative controls,
|\ |\ |\ |\ |\ |\ |\
involve the strategic planning and governance side of security
|\ |\ |\ |\ |\ |\ |\ |\
Operational Controls |\
Procedures and measures that are designed to protect data on a
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
day to day basis. Are mainly governed by internal processes and
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
human actions |\
Preventive
Proactive measures implemented to thwart potentical security
|\ |\ |\ |\ |\ |\ |\
threats or breaches
|\ |\
Deterrent Controls |\
Discourage potential attackers by making the effort seem less
|\ |\ |\ |\ |\ |\ |\ |\ |\
appealing or more challenging |\ |\ |\
Detective Controls |\
(detect) Monitor and alert organizations to malicious activities as
|\ |\ |\ |\ |\ |\ |\ |\ |\
they occur
|\
Corrective Controls |\
, Mitigate any potential damage and restore our systems to their
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
normal state |\
Compensating Controls |\
Alternative measures that are implemented when primary
|\ |\ |\ |\ |\ |\ |\
security controls are not feasible or effective
|\ |\ |\ |\ |\ |\
Directive Controls |\
Guide, inform, or mandate actions. Often rooted in Policy.
|\ |\ |\ |\ |\ |\ |\ |\
gap analysis
|\
Process of evaluating the differences between an organizations
|\ |\ |\ |\ |\ |\ |\ |\
current performance and its desired performance
|\ |\ |\ |\ |\
Zero Trust|\
Demands verification for every device, user, and transaction with
|\ |\ |\ |\ |\ |\ |\ |\
the network
|\ |\
Data plane|\
Ensures policies are properly executed
|\ |\ |\ |\
