1.0 General Security Concepts Flashcards
Which type of control would a firewall be classified as?
a) Technical
Security awareness training for employees is an example of which control type?
b) Managerial
Which control type is most likely to be automated?
a) Technical
Which control type is most focused on day-to-day security activities?
c) Operational
A company’s disaster recovery plan would be considered what type of control?
b) Managerial
Biometric access systems are an example of which control type?
d) Physical
Which control type is most likely to be implemented through written policies and procedures?
b) Managerial
Log review and monitoring would typically be classified as what type of control?
c) Operational
Which control type is most focused on overall security strategy and governance?
b) Managerial
A security guard conducting patrols is an example of which control type?
c) Operational
Which control type is most likely to require regular software updates or patches?
a) Technical
Risk assessments are typically considered what type of control?
b) Managerial
Which control type is most prone to human error or inconsistency?
c) Operational
Encryption of data at rest is an example of which control type?
a) Technical
Which control type is most likely to be visible to employees and visitors?
d) Physical
Which type of control is designed to discourage potential attackers from attempting a security breach?
b) Deterrent
An intrusion detection system (IDS) is an example of which type of control?
c) Detective
When a primary control cannot be implemented due to technical limitations, what type of control would be most appropriate?
a) Compensating
Which control type is most closely associated with security policies and procedures?
c) Directive
A firewall is primarily an example of which type of control?
c) Preventive
Incident response plans are best categorized as which type of control?
c) Corrective
Which control type aims to limit damage and restore systems to normal after a security incident?
c) Corrective
Security awareness training programs are primarily examples of which two types of controls?
a) Preventive and Directive
Which control type is most likely to involve psychological elements to influence potential attackers?
b) Deterrent
A SIEM system that alerts security personnel to potential threats is an example of which control type?
c) Detective
Which control type is most closely associated with providing alternative security measures?
b) Compensating
Encryption is primarily an example of which type of control?
a) Preventive
Which control type is most likely to be implemented after a security incident has occurred?
d) Corrective
Access control systems are primarily examples of which type of control?
a) Preventive
Which control type is most closely associated with ensuring compliance with security policies?
c) Directive
What are the three components of the CIA triad?
Confidentiality, Integrity, Availability
Which principle ensures that data remains unaltered and trustworthy throughout its lifecycle?
Integrity
What is the primary purpose of non-repudiation in information security?
To ensure that a user cannot deny performing a specific action
In the AAA framework, what does the first “A” stand for?
Authentication
Which authentication method might use fingerprints or retinal scans?
Biometrics
What is the main difference between authentication and authorization?
Authentication verifies identity, while authorization determines access rights
Which authorization model assigns permissions based on a user’s job function or title?
Role-Based Access Control (RBAC)
In ABAC, what are four types of attributes that might be considered for access decisions?
User
Resource
Action
Environmental Attributes
Who typically controls access rights in a Discretionary Access Control (DAC) model?
The resource owner
Which access control model is most commonly used in high-security government environments?
Mandatory Access Control (MAC)
What is the primary goal of a gap analysis in security?
To identify differences between current and desired security states
In the Zero Trust model, what does “adaptive identity” refer to?
Continuous evaluation and adaptation to user behavior and context
What is the role of the Policy Engine in the Zero Trust Control Plane?
To evaluate access requests against policies and make decisions
What is an “implicit trust zone” in the context of Zero Trust architecture?
An area within the network where some level of trust is assumed
Which physical security measure is designed to control vehicle access?
Bollards
What type of sensor detects heat signatures?
Infrared sensors
What is the primary purpose of a honeypot?
To attract and detect attacks
How does a honeytoken differ from a honeyfile?
A honeytoken is false data
A honeyfile is a fake file
In the Zero Trust model, what is the function of the Policy Enforcement Point?
To enforce access decisions made by the Policy Engine
What is the main difference between the Control Plane and Data Plane in Zero Trust architecture?
The Control Plane makes decisions
The Data Plane enforces them and handles data flow
What is the primary purpose of a backout plan in change management?
b) To revert changes if problems occur
Which of the following is NOT typically included in an impact analysis?
c) Marketing strategy
What does SOP stand for in the context of change management?
b) Standard Operating Procedure
Which of the following is a key benefit of version control in change management?
c) Maintains a history of modifications
In change management, what does the term “stakeholder” refer to?
c) Individuals or groups affected by the change
What is the primary purpose of a maintenance window?
b) To schedule changes during off-peak hours
Which of the following is NOT typically part of the change approval process?
c) Marketing campaign planning
What is the main goal of impact analysis in change management?
b) To assess potential consequences of a change
Which of the following is a key consideration when dealing with legacy applications in change management?
c) Balancing security needs with system limitations
What is the purpose of allow lists and deny lists in the context of change management?
b) To control access to systems or resources
Which of the following is NOT a typical step in the change approval process?
c) Implementation of the change
What is the primary purpose of assigning ownership in change management?
b) To ensure accountability throughout the change process
Which of the following best describes the relationship between change management and risk management?
c) Change management helps identify and mitigate risks associated with changes
What is the main purpose of updating diagrams as part of change management documentation?
b) To maintain accurate visual representations of the IT environment
Which of the following is NOT a typical technical implication of change management?
c) Increased system performance
What is the primary purpose of a backout plan in change management?
To revert changes and restore systems to their previous state if unexpected issues occur
Which of the following is NOT typically a stakeholder in the change management process?
a) IT staff
b) End-users
c) Competitors
d) Compliance officers
c) Competitors
How does version control contribute to effective change management?
Answer: Tracks changes over time, enables rollbacks, and facilitates auditing
What is the main benefit of conducting an impact analysis before implementing a change?
Answer: Identifies potential effects on various aspects of the organization before implementation
In the context of change management, what does “ownership” refer to?
Answer: Assigning responsibility for the change to a specific individual or team
Why is it important to update documentation after implementing changes?
Answer: Ensures accuracy, maintains compliance, and provides up-to-date guidance
What role does a maintenance window play in the change management process?
Answer: Scheduled period for implementing changes with minimal business disruption
How can allow lists and deny lists be affected by system changes?
Answer: May require updates to accommodate new systems or block potential threats
What is the purpose of a Standard Operating Procedure (SOP) in change management?
Answer: Provides consistent, documented processes for routine operations and changes
Why might legacy applications pose a challenge during the change management process?
Answer: Limited support, potential conflicts with new security measures, special accommodations needed
What is the primary goal of the approval process in change management?
Answer: To review and authorize proposed changes, ensuring they align with organizational needs and policies
How can proper change management help with compliance and auditing efforts?
Answer: Provides documented processes, change history, and accountability
What potential issues can arise from neglecting to consider dependencies when implementing changes?
Answer: Unintended consequences, system failures, or security vulnerabilities
Why is it important to involve the security team in the change management process?
Answer: Ensures changes align with security policies and don’t introduce vulnerabilities
What role do test results play in the change management process?
Answer: Validate effectiveness, identify potential issues, and inform decision-making
What is the significance of documenting changes in network diagrams?
Answer: Maintains accurate visual representations of systems and their relationships
How can change management processes help mitigate risks associated with technical changes?
Answer: Provides structured approach to assess, implement, and monitor changes
How does change management relate to incident response procedures?
Answer: Helps identify recent changes that may have contributed to an incident
What factors should be considered when scheduling a maintenance window?
Answer: Business impact, stakeholder availability, adequate time for implementation and testing
How can effective change management contribute to an organization’s overall security posture?
Answer: Ensures controlled implementation of changes, risk assessment, and maintenance of security controls
What is the primary difference between symmetric and asymmetric encryption?
c) Number of keys used
Which encryption level protects all data on a storage device?
b) Full-disk encryption
What is the purpose of a Hardware Security Module (HSM)?
b) To manage and safeguard cryptographic keys
Which of the following is NOT a function of a Certificate Authority (CA)?
c) Encrypting network traffic
What is the main purpose of key stretching?
b) To make weak passwords more resistant to brute-force attacks
Which cryptographic concept ensures the integrity and authenticity of a message?
c) Digital signature
What is steganography used for in the context of cryptography?
b) Hiding the existence of information
Which protocol is used to check the revocation status of digital certificates in real-time?
b) OCSP
Which type of certificate can secure multiple subdomains of a single domain?
c) Wildcard certificate
What is the primary purpose of a Trusted Platform Module (TPM)?
b) To store and protect cryptographic keys
What is the main advantage of asymmetric encryption over symmetric encryption?
d) Ability to securely exchange keys over an insecure channel
Which of the following is NOT a common use of blockchain technology?
c) Full-disk encryption
What is the purpose of salting in the context of password hashing?
b) To make rainbow table attacks more difficult
Which encryption level is most appropriate for protecting specific records within a database?
c) Record encryption
What is the primary purpose of a Certificate Signing Request (CSR)?
c) To initiate the process of obtaining a digital certificate