Domain 1

Question 1

Ccvv

Question 2

Example: Using a username and password to log into a system.

Question 3

Authorization

Question 4

Definition: Determines what actions or resources a user is allowed to access after

Question 5

authentication.

Question 6

Example: A manager has access to employee records, but an intern does not.

Question 7

Accounting

Question 8

Definition: Tracks and records user activities for auditing and monitoring.

Question 9

Example: Logs showing when users log in and what resources they access.

Question 10

Confidentiality

Question 11

Definition: Ensures that data is only accessible to authorized individuals.

Question 12

Example: Encrypting sensitive emails to prevent unauthorized access.

Question 13

Integrity

Question 14

Definition: Ensures that data remains accurate, consistent, and unaltered unless authorized.

Question 15

Example: Using SHA-256 to verify the integrity of a file after downloading.

Question 16

Availability

Question 17

Domain 1: Glossary of Terms 1Definition: Ensures that resources and systems are accessible

Question 18

when needed by authorized users.

Question 19

Example: A website with redundant servers to prevent downtime during high traffic.

Question 20

Zero Trust

Question 21

Definition: A security model that assumes no trust by default and requires continuous

Question 22

verification.

Question 23

Example: Implementing MFA and network segmentation for all users.

Question 24

Symmetric Encryption

Question 25

Definition: Uses the same key for encryption and decryption.

Question 26

Example: AES (Advanced Encryption Standard) for encrypting database files.

Question 27

Asymmetric Encryption

Question 28

Definition: Uses a pair of public and private keys for encryption and decryption.

Question 29

Example: RSA is used for secure key exchanges during HTTPS connections.

Question 30

Hashing

Question 31

Definition: Converts data into a fixed-length hash value to ensure integrity.

Question 32

Example: Verifying software integrity using a SHA-256 checksum.

Question 33

Public Key Infrastructure (PKI)

Question 34

Definition: A framework for managing digital certificates and public keys.

Question 35

Example: A website uses a digital certificate to secure HTTPS traffic.

Question 36

Intrusion Detection System (IDS)

Question 37

Definition: Monitors network traffic for suspicious activities and alerts administrators.

Question 38

Example: Detecting a brute-force attack on a login page.

Question 39

Intrusion Prevention System (IPS)

Question 40

Definition: Monitors and actively blocks identified threats in real time.

Question 41

Example: Dropping malicious packets from known attackers.

Question 42

Multi-Factor Authentication (MFA)

Question 43

Definition: Requires multiple verification factors to authenticate a user.

Question 44

Example: Logging in using a password and a one-time code sent to your phone.

Question 45

Certificate Revocation List (CRL)

Question 46

Definition: A list of digital certificates that are no longer valid or trusted.

Question 47

Example: A revoked certificate for a compromised server is added to the CRL.

Question 48

Online Certificate Status Protocol (OCSP)

Question 49

Definition: A protocol used to check the status of a digital certificate in real time.

Question 50

Example: A browser checks the validity of a website’s certificate using OCSP.

Question 51

Role-Based Access Control (RBAC)

Question 52

Definition: Grants permissions based on the user’s role within an organization.

Question 53

Example: A doctor can access patient records, but a receptionist cannot.

Question 54

Mandatory Access Control (MAC)

Question 55

Definition: Access is determined by system-enforced rules and classification levels.

Question 56

Example: A user needs “Top Secret” clearance to access certain files.

Question 57

Discretionary Access Control (DAC)

Question 58

Definition: Access is determined at the discretion of the resource owner.

Question 59

Example: A file owner grants specific users access permissions to the file.

Question 60

Secure/Multipurpose Internet Mail Extensions (S/MIME)

Question 61

Definition: A standard for securing email communications through encryption and digital

Question 62

signatures.

Question 63

Example: Encrypting an email with S/MIME to prevent unauthorized access.

Question 64

Full Disk Encryption (FDE)

Question 65

Definition: Encrypts the entire storage drive to protect data at rest.

Question 66

Example: A laptop with BitLocker encrypts all files on the disk.

Question 67

Access Control List (ACL)

Question 68

Definition: A list of permissions attached to an object, specifying who or what

Question 69

can access the object and what operations can be performed.

Question 70

Example: Firewall rules that allow traffic from specific IP addresses.

Question 71

HMAC (Hashed Message Authentication Code)

Question 72

Definition: A method for verifying the integrity and authenticity of a message using a

Question 73

cryptographic hash function and a secret key.

Question 74

Example: Used in APIs to ensure that messages have not been tampered with.

Question 75

Transport Layer Security (TLS)

Question 76

Definition: A cryptographic protocol designed to provide secure communication over a network.

Question 77

Example: Securing data in transit on HTTPS websites.

Question 78

Virtual Private Network (VPN)

Question 79

Definition: Creates a secure and encrypted connection over a less secure network, such as the

Question 80

Internet.

Question 81

Example: Remote employees use a VPN to securely access company resources.

Question 82

Message Digest 5 (MD5)

Question 83

Definition: A hashing algorithm that creates a fixed-size 128-bit hash but is no longer considered

Question 84

secure.

Question 85

Example: Verifying data integrity in legacy systems.

Question 86

Secure Hash Algorithm (SHA)

Question 87

Definition: A family of cryptographic hash functions used to ensure data integrity.

Question 88

Example: SHA-256 is commonly used to verify file downloads.

Question 89

Redundant Array of Independent Disks (RAID)

Question 90

Definition: A data storage virtualization technology that combines multiple

Question 91

physical disk drives to improve performance or provide redundancy.

Question 92

Example: RAID 5 is used for fault tolerance in servers.

Question 93

Least Privilege

Question 94

Definition: A security principle ensuring users have only the access necessary to perform their

Question 95

job functions.

Question 96

Example: An intern has read-only access to general documents, not administrative systems.

Question 97

Micro-Segmentation

Question 98

Definition: Dividing a network into smaller segments for improved security.

Question 99

Example: Restricting communication between departments to prevent lateral movement of

Question 100

threats.