Security Goals & Controls Flashcards

1
Q

What is a strict mathematical model where access to resources is determined by the system based on predefined security labels and rules?
A. ABAC
B. RBAC
C. MAC
D. DAC

A

C. MAC
MAC (Mandatory Access Control): MAC is a highly restrictive access control model where the system enforces access based on security labels assigned to both subjects (users) and objects (resources). These labels define the level of sensitivity or clearance required to access a resource. Access decisions are made by the system, not by the user.

2
Q

What is the process of granting an authenticated entity permission to access a resource or perform a specific function?
A. Authorization
B. Accounting
C. Authentication
D. Availability

A

A. Authorization

3
Q

Which security goal controls an attacker’s ability to get unauthorized access to data or information from an application or system?
A. Availability
B. Integrity
C. Non-repudiation
D. Confidentiality

A

D. Confidentiality
Confidentiality: Ensures that sensitive information is protected from unauthorized access, use, disclosure, copying, modification, or destruction.

4
Q

Which of these are common ways to authenticate people? Choose more than one option.
A. An X.509 device certificate
B. A password, PIN, or passphrase they know
C. A smart card token or fob that they possess
D. A network interface MAC address
E. A QR or other code they present on a device
F. A biometric attribute

A

B. A password, PIN, or passphrase they know
C. A smart card token or fob that they possess
E. A QR or other code they present on a device
F. A biometric attribute

5
Q

What is one way to enable authentication of non-traditional network endpoints such as smart card readers, HVAC systems, medical equipment, and IP-enabled door locks?
A. Protected access files
B. Packet mode
C. Repudiation
D. Endpoint fingerprinting

A

D. Endpoint fingerprinting

6
Q

Which security control enforces the inability of a subject to deny that they participated in a digital transaction, agreement, contract, or communication such as an email?
A. Integrity
B. Availability
C. Non-repudiation
D. Confidentiality

A

C. Non-repudiation

7
Q

Which type of security control is made up of mandatory policies and regulations that are in place to maintain consistency and compliance?
A. Deterrent
B. Corrective
C. Preventative
D. Directive

A

D. Directive

8
Q

Which category of controls supports ongoing maintenance, due care, and continual improvement such as conducting tested patch management?
A. Operational
B. Managerial
C. Physical
D. Technical

A

A. Operational
These controls are implemented and executed to ensure the security of systems and data. They include activities like patch management, user access controls, and incident response procedures.
