Security + SY0-701
In the AAA security architecture, the process of tracking accessed services as well as the amount of consumed resources is called:
Accounting
Which part of the AAA security architecture deals with the verification of the identity of a person or process?
Authentication
In the AAA security architecture, the process of granting or denying access to resources is known as:
Authorization
Application transactions are logged in a public ledger
Blockchain
Which of the terms listed below can be used to describe the basic principles of information security?
CIA
A company would like to prevent the transfer of non-encrypted credit card numbers over the network. Which of the following would be the BEST choice for this requirement?
Data loss prevention
Which of the following best applies to the concept of non-repudiation?
Digital certificate
The term "Non-repudiation" describes the inability to deny responsibility for performing a specific action. In the context of data security, non-repudiation ensures data confidentiality, provides proof of data integrity, and proof of data origin.
False
A known vulnerability passes through an IPS without an alert
False negative
A client uses an API to access an application function
Microservices
Which of the answers listed below refers to security controls designed to deter, detect, and prevent unauthorized access, theft, damage, or destruction of material assets?
Physical security controls
All data on a mobile device is encrypted
Secure enclave
Which type of user account violates the concept of non-repudiation?
Shared account
The term "Directive security controls" refers to the category of security controls that are implemented through policies and procedures.
True
Which of the following answers refer to the characteristic features of managerial security controls?
a. Also known as administrative controls b. Focused on reducing the risk of security incidents c. Documented in written policies
Which of the following examples fall into the category of operational security controls?
a. Configuration management b. System backups c. Patch management
Which of the following examples do not fall into the category of physical security controls?
a. Data backups b. Firewalls c. Asset management
Which of the answers listed below refer to common methods of device authentication used within the AAA framework?
a. Digital certificates b. IP addresses c. MAC addresses
What are the examples of preventive security controls?
a. Encryption b. Firewalls c. AV software
Which of the answers listed below refer to examples of technical security controls?
a. Encryption b. IDSs c. Firewalls
Which of the answers listed below can be used to describe operational security controls
a. Focused on day to day procedures of an organization b. Used to ensure that the equipment continues to work as specified c. Primarily implemented and executed by people (as opposed to computer systems)
Which of the following terms fall into the category of directive security controls?
a. IRP b. AUP
Which of the following answers refer(s) to corrective security control(s)?
a. IRPs b. Backups and system recovery c. DRPs d. Forensic analysis
Which of the answers listed below refer(s) to detective security control(s)?
a. Log monitoring b. Security audits c. CCTV d. IDS e. Vulnerability scanning
Examples of managerial security controls include
a. Organizational security policy b. Risk assessment c. Security awareness training
Which of the following answers can be used to describe technical security controls?
a. Sometimes called logical security controls b. Executed by computer systems (instead of people) c. Implemented with technology
Which of the following solutions provide(s) the AAA functionality?
a. TACACS+ b. RADIUS
Which of the answers listed below refer(s) to compensating security control(s)?
a. Temporary service disablement b. MFA c. Backup power systems d. Sandboxing e. Temporary port blocking
In the context of the AAA framework, common methods for authenticating people include:
a. Usernames and passwords b. Biometrics c. MFA
Examples of deterrent security controls include
a. Warning signs b. Lighting c. Fencing / Bollards
