Security+ CDS Class Exam Content Flashcards
A rehashing of the exam questions with correct answers, expanded concepts presented in each multiple choice answer with definitions, explanations & details added.
Concerning Security Control Functions
What are Preventative Controls?
First of Five
- These controls aim to stop security incidents before they happen. They are the first line of defense, designed to block or deter potential threats.
- Examples: Firewalls, Antivirus & Antimalware, Access Controls (such as Authorization & Authentication), Encryption, etc.
Concerning Security Control Functions
What are Detective Controls?
Second of Five
- Detective controls are designed to identify and alert administrators to security events or breaches that have occurred or are in progress.
- They help uncover potential threats that have bypassed preventive controls.
- Examples: Intrusion Detection Systems (IDS), Security Information and Event Management (SIEM), Security Audits and Assessments, Log Monitoring.
Concerning Security Control Functions
What are Corrective Controls?
Third of Five
- These controls focus on mitigating the impact of a security incident after it has occurred. They aim to restore normal operations, limit damage, and prevent the issue from recurring.
- Examples: Backup & Recovery Systems, Incident Response Plans, Patch Management (software), and System Hardening.
Concerning Security Control Functions
What are Deterrent Controls?
Fourth of Five
- Deterrent controls aim to discourage potential attackers by making it clear that there are consequences for unauthorized activities.
- Examples: Warning Signs and Banners, Security Access, Security Awareness Training, Security Cameras, Guards, etc.
Concerning Security Control Functions
What are Compensating Controls?
Fifth of Five
- These controls are implemented when it’s not feasible or practical to use a primary control. They offer an alternative way to mitigate a risk or fulfill a security requirement.
- Examples: Multi-factor Authentication (MFA), VPNs, and Third Party Security Assessments.
Capitalize on the Purpose of Security Controls
Understanding the 5 different Security Control Types is important because…
A thorough understanding of them is key to building a comprehensive security strategy. By combining preventive, detective, corrective, deterrent, and compensating controls, you create a layered defense that protects your systems and data from a wide range of threats.
- What is Shadow IT?
- Why is it a potential risk?
- Shadow IT is the use of information technology systems, software, or hardware within an organization without explicit IT department approval or knowledge.
- The presence of Shadow IT within an Organization's Network introduces unnecessary Security Risks such as the potential for Data Breaches, Malware via unvetted downloads or applications, Compliance Violations, and a larger potential Attack Surface, since it adds an extra and unknown point of entry/vulnerability within the network.
What is Typosquatting?
A type of attack in which a threat actor registers a domain name that is very similar to the real one (the targeted website, to attract unsuspecting traffic), hoping that users will not notice the difference.
Always Check Domains from Links - Use VirusTotal to check Hashes & Sources