Fundamentals Of Security

Question 1

Protecting data and information from unauthorized access, modification,
disruption, disclosure, and destruction

Answer 1

Information Security

Question 2

Protecting the systems (e.g., computers, servers, network devices) that hold and
process critical data

Answer 2

Information Systems Security

Question 3

CIA Triad

Answer 3

Confidentiality, Integrity, Availability

Question 4

Ensures information is accessible only to authorized personnel (e.g.,
encryption)

Answer 4

Confidentiality

Question 5

Ensures data remains accurate and unaltered (e.g., checksums)

Answer 5

Integrity

Question 6

Ensures information and resources are accessible when needed (e.g.,
redundancy measures)

Answer 6

Availability

Question 7

Guarantees that an action or event cannot be denied by the involved parties
(e.g., digital signatures)

Answer 7

Non-Repudiation

Question 8

An extension of the CIA triad with the addition of non-repudiation and
authentication

Answer 8

CIANA Pentagon

Question 9

Triple A’s of Security

Answer 9

Authentication, Authorisation, Accounting

Question 10

Verifying the identity of a user or system (e.g., password checks)

Answer 10

Authentication

Question 11

Determining actions or resources an authenticated user can access (e.g.,
permissions)

Answer 11

Authorisation

Question 12

Tracking user activities and resource usage for audit or billing purposes

Answer 12

Accounting

Question 13

Security Control Categories

Answer 13

Technical, Managerial, Operational, Physical

Question 14

Security Control Types

Answer 14

Preventative, Deterrent, Detective, Corrective, Compensating, Directive

Question 15

Security Control: Technical

Answer 15

Software & Hardware, Firewall, Antivirus

Question 16

Security Control: Managerial

Answer 16

Administrative Controls: Policies & Training Programs

Question 17

Security Control: Operational

Answer 17

Password change every 90 days

Question 18

Security Control: Physical

Answer 18

Locks, Lighting, Sensors, Guard’s

Question 19

Security Control Types: Preventative

Answer 19

Firewall

Question 20

Security Control Types: Deterrent

Answer 20

Warning Signs

Question 21

Security Control Types: Detective

Answer 21

Antivirus

Question 22

Security Control Types: Corrective

Answer 22

Antivirus (Quarantine)

Question 23

Security Control Types: Compensating

Answer 23

WPA3 is not feasible so instead WPA2 with the addition of VPN to compensate for the missing security Factor.

Question 24

Security Control Types: Directive

Answer 24

An order or directive such as Changing passwords every 90 days

Question 25

Operates on the principle that no one should be trusted by default. Trust no one, verify everyone

Answer 25

Zero Trust Model

Question 26

Adaptive identity, threat scope reduction, policy-driven access
control, and secured zones

Answer 26

Control Plane