Questions and Answers 100% Pass 2025
CIA triad (Confidentiality, Integrity, Availability) - CORRECT ANSWERS
AAA Of Security - CORRECT ANSWERS Authentication, Authorization, and
Accounting
Checksums - CORRECT ANSWERS Method to verify the integrity of data
during transmission
Digital Signatures - CORRECT ANSWERS Ensure Both Integrity of data during
transaction
Server Redundancy - CORRECT ANSWERS Involves using multiple servers in
a load balanced or failover configuration so that if one is overloaded or fails, the
other servers can take over the load to continue supporting your end users
Network Redundancy - CORRECT ANSWERS Ensures that if one network path
fails, the data can travel through another route
data redundancy - CORRECT ANSWERS involves storing data in multiple
places
Power Redundancy - CORRECT ANSWERS involves using backup power
sources, like generators and UPS systems
Non-repudiation - CORRECT ANSWERS provides undeniable proof in the
world of digital transactions. Can't deny participation or authenticity of their actions
Syslog servers - CORRECT ANSWERS used to aggregate logs from various
network devices and systems so that system administrators can analyze them to
detect patterns or anomalies in the organization's systems
Technical Controls - CORRECT ANSWERS "technology", hardware, and
software mechanisms that are implemented to manage and reduce risks
CompTIA Security+ 701 Study Guide
Managerial Controls - CORRECT ANSWERS ("Managing" things) also referred
to as administrative controls, involve the strategic planning and governance side of
security
Operational Controls - CORRECT ANSWERS Procedures and measures that
are designed to protect data on a day-to-day basis. Are mainly governed by internal
processes and human actions
Preventive - CORRECT ANSWERS Proactive measures implemented to thwart
potential security threats or breaches
Deterrent Controls - CORRECT ANSWERS Discourage potential attackers by
making the effort seem less appealing or more challenging
Detective Controls - CORRECT ANSWERS (detect) Monitor and alert
organizations to malicious activities as they occur
Corrective Controls - CORRECT ANSWERS Mitigate any potential damage
and restore our systems to their normal state
Compensating Controls - CORRECT ANSWERS Alternative measures that are
implemented when primary security controls are not feasible or effective
Directive Controls - CORRECT ANSWERS Guide, inform, or mandate actions.
Often rooted in Policy.
gap analysis - CORRECT ANSWERS Process of evaluating the differences
between an organization's current performance and its desired performance
Zero Trust - CORRECT ANSWERS Demands verification for every device,
user, and transaction with the network
Data plane - CORRECT ANSWERS Ensures policies are properly executed
honeypot - CORRECT ANSWERS decoy systems to attract and deceive
attackers
honeynets - CORRECT ANSWERS network of decoy systems for observing
complex attacks
honeyfiles - CORRECT ANSWERS decoy files to detect unauthorized access
or data breaches
(APT) Advanced Persistent Threat - CORRECT ANSWERS Nation-state actor
because of their long term persistence and stealth
Threat Vector - CORRECT ANSWERS Means or pathway by which an attacker
can gain unauthorized access to a computer or network
Vishing - CORRECT ANSWERS Voice Phishing
(MDM) Mobile device management - CORRECT ANSWERS Manages Phones,
remote wipe, geolocation, installs certain apps Ex) Jamf
Smishing - CORRECT ANSWERS SMS phishing
Unsecure networks Vulnerabilities - CORRECT ANSWERS MAC Address
cloning, VLAN Hopping
Vulnerability in Bluetooth protocol - CORRECT ANSWERS BlueBorne --
vulnerabilities in Bluetooth technology that can allow an attacker to take over
devices
BlueSmack -- type of DoS attack that targets Bluetooth-enabled devices