Domain 1 Flashcards

Domain 1: Glossary of Terms

Authentication
Definition: Verifies that a user, device or process is who or what it claims to be, using one or more factors (something you know, have or are).
Example: Using a username and password to log into a system.

Authorization
Definition: Determines what actions or resources a user is allowed to access after authentication.
Example: A manager has access to employee records, but an intern does not.

Accounting
Definition: Tracks and records user activities (logins, resource access, changes) for auditing, monitoring and incident investigation.
Example: Logs showing when users log in and what resources they access.
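The three A's as one login flow, as an added example that is not part of the original glossary: authentication with a salted PBKDF2 password hash and a constant-time comparison, authorization against a per-user permission set, and accounting as a structured audit record for every decision (denials included). The users, passwords and permissions are constructed for the example.

```python
"""AAA in one login flow: authenticate (salted PBKDF2 password check),
authorize (per-user permission set), account (structured audit record).
Added example; the users, passwords and permissions are constructed."""
import hashlib
import hmac
import json
import os
import time

ITERATIONS = 120_000  # PBKDF2 work factor; tune upward in production


def make_user(password, permissions):
    """Store a random salt and a PBKDF2-HMAC-SHA256 hash, never the password itself."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt, "hash": digest, "permissions": set(permissions)}


# Constructed user store.
USERS = {
    "alice": make_user("correct horse battery staple",
                       {"read:employee_records", "write:employee_records"}),
    "intern": make_user("Welcome1", {"read:public_docs"}),
}
AUDIT_LOG = []  # accounting: one JSON line per decision, appended in order


def authenticate(username, password):
    """Authentication: does the presented secret match the stored hash?"""
    user = USERS.get(username)
    if user is None:
        # Hash anyway so an unknown user costs the same time as a wrong password.
        hashlib.pbkdf2_hmac("sha256", password.encode(), b"\x00" * 16, ITERATIONS)
        return False
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), user["salt"], ITERATIONS)
    return hmac.compare_digest(digest, user["hash"])  # constant-time comparison


def authorize(username, permission):
    """Authorization: is this authenticated user allowed to do this?"""
    user = USERS.get(username)
    return user is not None and permission in user["permissions"]


def account(username, action, outcome):
    """Accounting: record who did what, when, and whether it was allowed."""
    record = {"ts": time.time(), "user": username, "action": action, "outcome": outcome}
    AUDIT_LOG.append(json.dumps(record, sort_keys=True))
    return record


def access(username, password, permission):
    """Run the three steps in order; every outcome is logged, not only successes."""
    if not authenticate(username, password):
        account(username, "login", "denied")
        return "authentication failed"
    account(username, "login", "success")
    if not authorize(username, permission):
        account(username, permission, "denied")
        return "authorization failed"
    account(username, permission, "allowed")
    return "allowed"
```

Note that a failed login is logged with the same care as a successful one; the failed records are exactly what the brute-force detection later in this glossary consumes.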
Confidentiality
Definition: Ensures that data is only accessible to authorized individuals.
Example: Encrypting sensitive emails to prevent unauthorized access.

Integrity
Definition: Ensures that data remains accurate, consistent, and unaltered unless the change is authorized, and that unauthorized changes can be detected.
Example: Using SHA-256 to verify the integrity of a file after downloading.

Availability
Definition: Ensures that resources and systems are accessible when needed by authorized users.
Example: A website with redundant servers to prevent downtime during high traffic.

Zero Trust
Definition: A security model that assumes no trust by default, whether a request comes from inside or outside the corporate network, and requires continuous verification of identity, device and context for every access request.
Example: Implementing MFA and network segmentation for all users.

Symmetric Encryption
Definition: Uses the same secret key for encryption and decryption; fast for bulk data, but the key has to be shared securely between the parties first.
Example: AES (Advanced Encryption Standard) for encrypting database files.

Asymmetric Encryption
Definition: Uses a key pair: data encrypted with the public key can only be decrypted with the matching private key, and the private key also produces digital signatures that anyone can check with the public key.
Example: RSA authenticates the server in an HTTPS connection (the CA signs the certificate and the server proves it holds the private key); TLS 1.2 and earlier could also use RSA to transport the session key, while TLS 1.3 exchanges keys with ephemeral Diffie-Hellman. In practice asymmetric encryption protects a small symmetric key and the bulk data is encrypted with AES.
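How the two kinds of encryption are combined in practice, as an added example (not from the original glossary): AES-256-GCM encrypts the data with a random per-message key, and RSA-OAEP wraps that key for the recipient, which is the hybrid pattern behind encrypted backups, S/MIME and TLS record protection. It uses the third-party `cryptography` package (pip install cryptography); the key pair is generated on the fly and the plaintext is made up.

```python
"""Symmetric and asymmetric encryption combined (hybrid encryption): AES-256-GCM
encrypts the data with a random key, and RSA-OAEP wraps that key for the
recipient. Added example using the third-party `cryptography` package;
keys here are generated on the fly, not real ones."""
import os
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)


def generate_recipient_keypair():
    # Asymmetric: the private key never leaves the recipient; the public key is published.
    private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    return private_key, private_key.public_key()


def encrypt_for(public_key, plaintext, associated_data=b""):
    # Symmetric: a fresh 256-bit data key and a unique 96-bit nonce per message.
    data_key = AESGCM.generate_key(bit_length=256)
    nonce = os.urandom(12)
    ciphertext = AESGCM(data_key).encrypt(nonce, plaintext, associated_data)
    # Asymmetric: only the holder of the private key can unwrap the data key.
    wrapped_key = public_key.encrypt(data_key, OAEP)
    return {"wrapped_key": wrapped_key, "nonce": nonce,
            "ciphertext": ciphertext, "aad": associated_data}


def decrypt_with(private_key, envelope):
    data_key = private_key.decrypt(envelope["wrapped_key"], OAEP)
    return AESGCM(data_key).decrypt(envelope["nonce"], envelope["ciphertext"], envelope["aad"])


def roundtrip_demo():
    """Return (decrypted_matches, tampering_detected)."""
    private_key, public_key = generate_recipient_keypair()
    envelope = encrypt_for(public_key, b"salary table FY2024", b"db-backup")
    matches = decrypt_with(private_key, envelope) == b"salary table FY2024"
    # GCM's authentication tag turns any ciphertext change into a decryption failure.
    ct = envelope["ciphertext"]
    tampered = dict(envelope, ciphertext=bytes([ct[0] ^ 0x01]) + ct[1:])
    try:
        decrypt_with(private_key, tampered)
        detected = False
    except InvalidTag:
        detected = True
    return matches, detected
```

The RSA operation only ever sees 32 bytes of key material, which is why the split exists: RSA is slow and cannot encrypt anything larger than its modulus, while AES handles gigabytes. The GCM mode also gives integrity for free, so the tampered ciphertext is rejected rather than silently decrypting to garbage.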
Hashing
Definition: Converts data of any length into a fixed-length hash value (digest) with a one-way function; any change to the input produces a different digest, which is how it is used to check integrity.
Example: Verifying software integrity using a SHA-256 checksum.

Public Key Infrastructure (PKI)
Definition: A framework of certificate authorities (CAs), policies and processes for issuing, validating and revoking digital certificates, which bind public keys to identities.
Example: A website uses a digital certificate to secure HTTPS traffic.

Intrusion Detection System (IDS)
Definition: Monitors network traffic (network IDS) or host activity (host IDS) for suspicious behaviour and alerts administrators; it is passive and does not block traffic itself.
Example: Detecting a brute-force attack on a login page.

Intrusion Prevention System (IPS)
Definition: Sits inline in the traffic path, monitors it and actively blocks identified threats in real time; a false positive therefore blocks legitimate traffic.
Example: Dropping malicious packets from known attackers.
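The IDS and IPS examples above, brute-force detection, run over sample log lines as an added example (not from the original glossary): failed logins are counted per source address in a sliding window, and the same detection logic produces an alert in IDS mode or a block decision in IPS mode. The sshd-style log lines, threshold and window are constructed for the example.

```python
"""IDS vs IPS on the same event stream: count failed logins per source IP in a
sliding window; an IDS raises an alert, an IPS returns a block decision.
Added example; the log lines are constructed, not from a real system."""
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sshd-style auth log (syslog timestamps omit the year, as real logs do).
SAMPLE_LOG = """\
Mar 10 09:00:01 web1 sshd[211]: Failed password for invalid user admin from 203.0.113.7 port 40210 ssh2
Mar 10 09:00:02 web1 sshd[212]: Failed password for root from 203.0.113.7 port 40211 ssh2
Mar 10 09:00:03 web1 sshd[213]: Accepted password for alice from 198.51.100.4 port 51000 ssh2
Mar 10 09:00:04 web1 sshd[214]: Failed password for root from 203.0.113.7 port 40212 ssh2
Mar 10 09:00:05 web1 sshd[215]: Failed password for root from 203.0.113.7 port 40213 ssh2
Mar 10 09:00:06 web1 sshd[216]: Failed password for admin from 203.0.113.7 port 40214 ssh2
Mar 10 09:05:00 web1 sshd[230]: Failed password for bob from 198.51.100.4 port 51001 ssh2
"""

LINE_RE = re.compile(
    r"^(\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: (Failed|Accepted) password for "
    r"(?:invalid user )?(\S+) from (\S+) port"
)


def parse(line):
    """Return {ts, ok, user, src} for an auth line, or None if it is not one."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group(1) + " 2024", "%b %d %H:%M:%S %Y")  # year assumed
    return {"ts": ts, "ok": m.group(2) == "Accepted", "user": m.group(3), "src": m.group(4)}


def detect(lines, threshold=5, window_seconds=60, mode="ids"):
    """Return [(src_ip, action)] with action 'alert' (IDS) or 'block' (IPS),
    reported once per source when `threshold` failures fall inside the window."""
    failures = defaultdict(deque)   # src -> timestamps of recent failures
    reported = set()
    decisions = []
    for line in lines:
        ev = parse(line)
        if ev is None or ev["ok"]:
            continue                 # only failed logins count toward the threshold
        q = failures[ev["src"]]
        q.append(ev["ts"])
        while (ev["ts"] - q[0]).total_seconds() > window_seconds:
            q.popleft()              # slide the window forward
        if len(q) >= threshold and ev["src"] not in reported:
            decisions.append((ev["src"], "block" if mode == "ips" else "alert"))
            reported.add(ev["src"])
    return decisions
```

The only difference between the two modes is what happens with the decision: the IDS hands it to an analyst, the IPS hands it to the firewall. The window matters: 198.51.100.4 fails once and is never reported, while five failures in six seconds from 203.0.113.7 are.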
Multi-Factor Authentication (MFA)
Definition: Requires two or more verification factors of different types (something you know, something you have, something you are) to authenticate a user; two passwords are still one factor.
Example: Logging in using a password and a one-time code sent to or generated on your phone.
Certificate Revocation List (CRL)
Definition: A signed list, published by a certificate authority, of certificates that were revoked before their expiry date and must no longer be trusted.
Example: A revoked certificate for a compromised server is added to the CRL.

Online Certificate Status Protocol (OCSP)
Definition: A protocol used to query a CA responder for the revocation status of a single certificate at the time it is used, instead of downloading the whole CRL; with OCSP stapling the server attaches a recent signed response to the TLS handshake itself.
Example: A browser checks the validity of a website's certificate using OCSP.

Role-Based Access Control (RBAC)
Definition: Grants permissions to roles rather than to individuals; users receive permissions through the roles assigned to them within an organization.
Example: A doctor can access patient records, but a receptionist cannot.

Mandatory Access Control (MAC)
Definition: Access is determined by system-enforced rules that compare a subject's clearance with the object's classification label; neither the user nor the resource owner can override the policy.
Example: A user needs "Top Secret" clearance to access certain files.

Discretionary Access Control (DAC)
Definition: Access is determined at the discretion of the resource owner, who can grant or revoke permissions for other users (for example through file permissions or an ACL).
Example: A file owner grants specific users access permissions to the file.
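The three access-control models above (RBAC, MAC, DAC) deciding the same kind of request, as an added example that is not part of the original glossary. Each model answers "may this subject perform this action on this object?" from a different source of truth: role assignments, classification labels, or the owner's grants. The users, roles, clearances and files are constructed.

```python
"""RBAC, MAC and DAC side by side, each deciding (subject, action, object).
Added example; users, roles, labels and files are constructed."""

# --- RBAC: permissions belong to roles, users hold roles -------------------
ROLE_PERMISSIONS = {
    "doctor": {"read:patient_record", "write:patient_record"},
    "receptionist": {"read:schedule", "write:schedule"},
}
USER_ROLES = {"dr_lee": {"doctor"}, "pat": {"receptionist"}}


def rbac_allows(user, permission):
    """Allowed if any role held by the user carries the permission; deny by default."""
    return any(permission in ROLE_PERMISSIONS.get(role, set())
               for role in USER_ROLES.get(user, set()))


# --- MAC: system-enforced comparison of clearance and classification -------
LEVELS = {"Unclassified": 0, "Confidential": 1, "Secret": 2, "Top Secret": 3}
CLEARANCE = {"dr_lee": "Secret", "gen_smith": "Top Secret"}
CLASSIFICATION = {"ops_plan.docx": "Top Secret", "cafeteria_menu.txt": "Unclassified"}


def mac_allows(user, action, obj):
    """Bell-LaPadula rules: no read up (read at or below clearance),
    no write down (write at or above clearance). Users cannot change labels."""
    subject = LEVELS[CLEARANCE.get(user, "Unclassified")]
    objekt = LEVELS[CLASSIFICATION[obj]]
    return subject >= objekt if action == "read" else subject <= objekt


# --- DAC: the owner decides, via a per-object ACL ---------------------------
OWNERS = {"budget.xlsx": "alice"}
DAC_ACL = {"budget.xlsx": {"alice": {"read", "write", "grant"}}}


def dac_grant(owner, obj, grantee, perms):
    """Only the object's owner may add entries to its ACL."""
    if OWNERS.get(obj) != owner:
        return False
    DAC_ACL.setdefault(obj, {}).setdefault(grantee, set()).update(perms)
    return True


def dac_allows(user, action, obj):
    return action in DAC_ACL.get(obj, {}).get(user, set())
```

The DAC model is the one that leaks in practice: a well-meaning owner can grant "read" to the wrong person and nothing in the system stops it, whereas under MAC the same mistake is impossible because the owner has no say. RBAC sits in between and is what most enterprise applications actually implement.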
Secure/Multipurpose Internet Mail Extensions (S/MIME)
Definition: A standard for securing email communications through encryption and digital signatures, using X.509 certificates issued to the sender and recipient.
Example: Encrypting an email with S/MIME to prevent unauthorized access.

Full Disk Encryption (FDE)
Definition: Encrypts the entire storage drive to protect data at rest; it protects a lost or stolen device while it is powered off or locked, but not data on a system that is running and unlocked.
Example: A laptop with BitLocker encrypts all files on the disk.

Access Control List (ACL)
Definition: A list of permissions attached to an object, specifying who or what can access the object and what operations can be performed.
Example: Firewall rules that allow traffic from specific IP addresses.

HMAC (Hash-based Message Authentication Code)
Definition: A method for verifying the integrity and authenticity of a message using a cryptographic hash function and a secret key; without the key an attacker cannot produce a valid code for a modified message.
Example: Used in APIs to ensure that messages have not been tampered with.
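The API use of HMAC described above, as an added example that is not part of the original glossary: the client signs the method, path, timestamp and body digest with a shared secret, and the server recomputes the signature and compares it in constant time. The secret, endpoint and request body are constructed; a real deployment would load the key from a vault and the timestamp from the request header.

```python
"""Signing API requests with HMAC-SHA256 so the server can check both integrity
and authenticity. Added example; the secret, endpoint and body are constructed.
A bare SHA-256 of the body would prove nothing, because anyone who changes the
body can recompute it; only the keyed HMAC ties the message to the key holder."""
import hashlib
import hmac
import time

SHARED_SECRET = b"k3y-shared-out-of-band"   # constructed; real keys come from a KMS/vault


def canonical_request(method, path, body, timestamp):
    """Bind method, path, time and a body digest into the string that gets signed."""
    return f"{method.upper()}\n{path}\n{timestamp}\n{hashlib.sha256(body).hexdigest()}".encode()


def sign(secret, method, path, body, timestamp):
    return hmac.new(secret, canonical_request(method, path, body, timestamp), hashlib.sha256).hexdigest()


def verify(secret, method, path, body, timestamp, signature, now=None, max_age=300):
    """Server side: reject stale timestamps (replay), then compare in constant time."""
    now = int(time.time()) if now is None else now
    if abs(now - timestamp) > max_age:
        return False
    expected = sign(secret, method, path, body, timestamp)
    return hmac.compare_digest(expected, signature)


def demo():
    """Return (genuine, tampered_body, forged_key, replayed) verification results."""
    ts = 1_700_000_000
    path = "/v1/transfer"
    body = b'{"to":"acct-42","amount":100}'
    sig = sign(SHARED_SECRET, "POST", path, body, ts)
    genuine = verify(SHARED_SECRET, "POST", path, body, ts, sig, now=ts + 5)
    # Attacker rewrites the amount but cannot produce a matching signature.
    tampered = verify(SHARED_SECRET, "POST", path, b'{"to":"acct-42","amount":9999}', ts, sig, now=ts + 5)
    # Attacker signs with a guessed key.
    forged = verify(SHARED_SECRET, "POST", path, body, ts, sign(b"guess", "POST", path, body, ts), now=ts + 5)
    # Attacker replays a captured, valid request an hour later.
    replayed = verify(SHARED_SECRET, "POST", path, body, ts, sig, now=ts + 3600)
    return genuine, tampered, forged, replayed
```

Two details carry the security: the timestamp is inside the signed string (so the replay window cannot be widened by editing the header), and `hmac.compare_digest` avoids leaking how many leading bytes of the signature were right.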
Transport Layer Security (TLS)
Definition: A cryptographic protocol designed to provide confidentiality, integrity and server (optionally client) authentication for communication over a network.
Example: Securing data in transit on HTTPS websites.

Virtual Private Network (VPN)
Definition: Creates a secure and encrypted connection (tunnel) over a less secure network, such as the Internet.
Example: Remote employees use a VPN to securely access company resources.

Message Digest 5 (MD5)
Definition: A hashing algorithm that creates a fixed-size 128-bit hash but is no longer considered secure: collisions can be generated cheaply, so it must not be used for signatures, certificates or integrity checks against an attacker.
Example: Verifying data integrity in legacy systems.

Secure Hash Algorithm (SHA)
Definition: A family of cryptographic hash functions used to ensure data integrity; SHA-2 (SHA-256, SHA-512) and SHA-3 are current, while SHA-1 is deprecated because collisions have been demonstrated.
Example: SHA-256 is commonly used to verify file downloads.
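The checksum verification named in the Integrity, Hashing and SHA examples, as an added example that is not part of the original glossary: a SHA256SUMS-style manifest is parsed, the downloaded file is hashed in chunks, and the digests are compared. The "release" file and manifest are constructed here so it runs offline; MD5 appears only so the legacy algorithm can be seen beside SHA-256.

```python
"""Checking a downloaded file against a published SHA-256 checksum, in the
format `sha256sum` / SHA256SUMS files use. Added example; the release file and
manifest are constructed so it runs offline."""
import hashlib
import hmac
import os
import tempfile


def digest_bytes(data, algo="sha256"):
    return hashlib.new(algo, data).hexdigest()


def file_digest(path, algo="sha256", chunk_size=1 << 16):
    """Stream the file so a multi-gigabyte download need not fit in memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def parse_sums(manifest):
    """Parse '<hex>  <name>' lines; a leading '*' on the name marks binary mode."""
    sums = {}
    for line in manifest.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        digest, name = line.split(maxsplit=1)
        sums[name.strip().lstrip("*")] = digest.lower()
    return sums


def verify_download(path, manifest, algo="sha256"):
    expected = parse_sums(manifest).get(os.path.basename(path))
    if expected is None:
        return "no checksum published"
    actual = file_digest(path, algo)
    return "ok" if hmac.compare_digest(actual, expected) else "MISMATCH"


def demo():
    """Return (result before, result after) a single-byte change to the file."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "tool-1.2.tar.gz")
        with open(path, "wb") as f:
            f.write(b"constructed release payload\n" * 1000)
        manifest = f"{file_digest(path)}  tool-1.2.tar.gz\n"   # what the vendor would publish
        before = verify_download(path, manifest)
        with open(path, "r+b") as f:            # flip one byte, as a corrupted or swapped download would
            f.seek(10)
            f.write(b"X")
        return before, verify_download(path, manifest)
```

The check is only as trustworthy as the manifest: a checksum served from the same page as the download detects corruption, not substitution, because an attacker who can replace the file can replace the checksum too. A signed manifest (PGP or a signature over the SHA256SUMS file) or a checksum obtained out of band closes that gap.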
Redundant Array of Independent Disks (RAID)
Definition: A data storage virtualization technology that combines multiple physical disk drives to improve performance or provide redundancy; it protects availability against disk failure but is not a backup, since deletions and ransomware are mirrored to every disk.
Example: RAID 5 is used for fault tolerance in servers.

Least Privilege
Definition: A security principle ensuring users, services and processes have only the access necessary to perform their job functions, and no more.
Example: An intern has read-only access to general documents, not administrative systems.

Micro-Segmentation
Definition: Dividing a network into very small segments, down to individual workloads or applications, with policy enforced on traffic between them for improved security.
Example: Restricting communication between departments to prevent lateral movement of threats.
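The firewall ACL from the Access Control List entry and the segmentation policy from the Micro-Segmentation entry share one mechanism, shown here as an added example that is not part of the original glossary: an ordered rule list evaluated first-match-wins with an implicit deny, plus the lint most practitioners want, a check for rules that an earlier rule shadows. The segments, addresses and rules are constructed.

```python
"""A segmentation ACL evaluated the way firewalls do it: ordered rules, first
match wins, implicit deny at the end, and a lint for shadowed rules.
Added example; the segments and rules are constructed."""
import ipaddress


def rule(action, src, dst, proto="any", dport=None, why=""):
    return {"action": action, "src": ipaddress.ip_network(src), "dst": ipaddress.ip_network(dst),
            "proto": proto, "dport": dport, "why": why}


# Constructed segments: 10.1.0.0/24 HR, 10.2.0.0/24 Finance, 10.3.0.0/24 shared services.
RULES = [
    rule("allow", "10.1.0.0/24", "10.2.0.10/32", "tcp", 443, "HR app -> Finance API only"),
    rule("deny", "10.1.0.0/24", "10.2.0.0/24", why="no other HR -> Finance traffic (lateral movement)"),
    rule("allow", "10.0.0.0/8", "10.3.0.5/32", "udp", 53, "internal DNS"),
    rule("allow", "203.0.113.0/24", "10.2.0.10/32", "tcp", 22, "admin SSH from jump host"),
    rule("allow", "10.1.0.5/32", "10.2.0.0/24", "tcp", 443, "analyst exception (never reached)"),
]


def matches(r, src, dst, proto, dport):
    return (src in r["src"] and dst in r["dst"]
            and r["proto"] in ("any", proto) and r["dport"] in (None, dport))


def evaluate(rules, src, dst, proto, dport):
    """Return (action, rule_index, reason); rule_index is None for the implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for i, r in enumerate(rules):
        if matches(r, s, d, proto, dport):
            return r["action"], i, r["why"]
    return "deny", None, "implicit deny"


def shadowed_rules(rules):
    """(later_index, earlier_index) pairs where the earlier rule already matches
    everything the later rule would, so the later rule can never fire."""
    found = []
    for j, later in enumerate(rules):
        for i in range(j):
            earlier = rules[i]
            if (later["src"].subnet_of(earlier["src"]) and later["dst"].subnet_of(earlier["dst"])
                    and earlier["proto"] in ("any", later["proto"])
                    and earlier["dport"] in (None, later["dport"])):
                found.append((j, i))
                break
    return found
```

Rule 4 is the classic mistake: an exception added at the bottom of the list that the broad deny above it swallows, so the analyst's traffic is dropped and nobody notices until the ticket arrives. Segmentation only stops lateral movement when the default between segments is deny and every allow is as narrow as rule 0.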