Practice Exam 1 Flashcards

(25 cards)

1
Q

Which of the following answers can be used to describe technical security controls? (Select 3 answers)

A

Answer: Sometimes called logical security controls, Executed by computer systems (instead of people), and Implemented with technology

Technology-based (e.g., firewalls, encryption, antivirus)

Executed by systems (not humans)

Also called logical controls

Used to enforce security policies automatically

Controls access, protects data, detects threats

2
Q

Which of the answers listed below refer to examples of technical security controls? (Select 3 answers)

A

Answer: Encryption, IDSs, and Firewalls.

Encryption – protects data confidentiality

Firewalls – control network traffic

IDSs (Intrusion Detection Systems) – monitor for malicious activity

3
Q

Which of the following answers refer to the characteristic features of managerial security controls? (Select 3 answers)

A

Answer: Also known as administrative controls, Focused on reducing the risk of security incidents, and Documented in written policies

Managerial controls = “paper-based” and policy-driven, guiding how security is managed and enforced across the organization

4
Q

Examples of managerial security controls include: (Select 3 answers)

A

Answer: Organizational security policies, Risk assessments, and Security awareness training

Organizational security policies – define rules and expectations

Risk assessments – identify and evaluate risks

Security awareness training – educates employees on threats

Managerial controls = “Plan, Assess, Educate”
(They set the framework for security, not the tech.)

5
Q

Which of the answers listed below can be used to describe operational security controls? (Select 3 answers)

A

Answer: Focused on the day-to-day procedures of an organization, Used to ensure that the equipment continues to work as specified, and Primarily implemented and executed by people (as opposed to computer systems)

Day-to-day procedures (daily ops & tasks)

Executed by people, not systems

Ensure equipment functions properly

Operational controls are hands-on activities that support and maintain security—like monitoring logs, managing backups, and performing maintenance.

“People + Procedures = Operational”
(Think: routine, manual actions that keep security running daily.)

6
Q

Which of the following examples fall into the category of operational security controls? (Select 3 answers)

A

Answer: Configuration management, System backups, Patch management

Configuration management – maintains secure system settings

System backups – protects data in case of failure

Patch management – keeps systems updated and secure

These are routine tasks performed by IT staff to maintain and support security on a daily basis.

“Maintain, Backup, Patch = Operational”
(Hands-on, recurring tasks = operational controls)

7
Q

Which of the answers listed below refers to security controls designed to deter, detect, and prevent unauthorized access, theft, damage, or destruction of material assets?

A

Answer: Physical security controls.

What they do:
Prevent unauthorized physical access

Deter, detect, and prevent theft/damage

Protect material assets (buildings, hardware, etc.)

Examples:
Locks, Security guards, Cameras, Fencing, Fire suppression

“If you can touch it, physical controls protect it.”
(Security for the real world, not virtual.)

8
Q

Which of the following examples do not fall into the category of physical security controls? (Select 3 answers)

A

Answer: Data backups, Firewalls, and Asset management.

Data backups (protect data, not physical assets)

Firewalls (technical/network control)

Asset management (process/policy, not physical barrier)

These are technical or managerial controls, not physical barriers or protections.

“If you can’t physically touch it, it’s NOT physical security.”

9
Q

What are the examples of preventive security controls? (Select 3 answers)

A

Answer: Encryption, Firewalls, and AV software.

Encryption – protects data confidentiality

Firewalls – block unauthorized network access

Antivirus software – stops malware before it infects

Preventive controls stop security incidents before they happen by blocking or limiting threats.

“Prevent = Stop before damage.”
(Think shields and barriers.)

10
Q

Examples of deterrent security controls include: (Select 3 answers)

A

Answer: Warning signs, Lighting, and Fencing/Bollards.

Warning signs – discourage unauthorized actions

Lighting – makes areas visible to prevent sneaking

Fencing/Bollards – physical barriers that discourage entry

Quick Explanation:
Deterrent controls discourage or warn potential attackers before they try to cause harm.

“Deterrent = ‘Don’t even try.’”
(Signs and barriers that say, “Stay away!”)

11
Q

Which of the answers listed below refer(s) to detective security control(s)? (Select all that apply)

A

Answer: Log monitoring, Security audits, CCTV, IDS, and Vulnerability scanning.

Log monitoring – tracks system activity for anomalies

Security audits – review and assess security posture

CCTV – records physical activity

IDS (Intrusion Detection Systems) – alerts on suspicious network behavior

Vulnerability scanning – finds security weaknesses

Quick Explanation:
Detective controls identify and alert when security events or breaches occur.

“Detective = Spot and alert.”
(They don’t block; they watch and report.)

12
Q

Which of the following answers refer(s) to corrective security control(s)? (Select all that apply)

A

Answer: Recovering data from backup copies, Applying software updates and patches to fix vulnerabilities, developing and implementing IRPs to respond to and recover from security incidents, and activating and executing DRPs to restore operations after a major incident.

Recovering data from backups

Applying patches and updates

Developing/using Incident Response Plans (IRPs)

Activating Disaster Recovery Plans (DRPs)

Quick Explanation:
Corrective controls fix issues and restore systems after a security incident or failure.

Memory Tip:
“Corrective = Fix and recover.”
(They help you bounce back after an attack.)

13
Q

Which of the answers listed below refer(s) to compensating security control(s)? (Select all that apply)

A

Answer: Backup power systems, MFA, Application sandboxing, and Network segmentation.

Backup power systems – keep systems running if main power fails

MFA (Multi-Factor Authentication) – adds extra layer if primary control is weak

Application sandboxing – isolates apps to limit damage

Network segmentation – divides network to contain threats

Quick Explanation:
Compensating controls provide alternative protection when the primary control is unavailable or insufficient.

Memory Tip:
“Compensate = Backup or extra safety net.”
(They fill in security gaps.)

14
Q

The term “Directive security controls” refers to the category of security controls that are implemented through policies and procedures.

A

Answer: True.

What Directive Security Controls Are:
Controls implemented through policies and procedures

Provide instructions and guidance on security practices

Help direct behavior to meet security goals

Quick Explanation:
Directive controls tell people what should be done to maintain security, but don’t enforce it technically.

Memory Tip:
“Directive = Rules and instructions.”
(They guide how to act securely.)

15
Q

Which of the following terms fall into the category of directive security controls? (Select 2 answers)

A

Answer: IRP and AUP.

IRP (Incident Response Plan) – guides how to handle incidents

AUP (Acceptable Use Policy) – defines proper use of resources

Quick Explanation:
Both are documents/policies that provide instructions and rules to direct user behavior.

Memory Tip:
“Directive = Written rules and plans.”
(Policies that tell you what to do.)

16
Q

Which of the terms listed below can be used to describe the basic principles of information security?

A

Answer: CIA.

Confidentiality – keep data private

Integrity – ensure data is accurate and unaltered

Availability – ensure data/systems are accessible when needed

Quick Explanation:
CIA triad is the foundation of information security, balancing privacy, accuracy, and access.

Memory Tip:
“CIA = Protect data’s secrets, truth, and access.”

17
Q

The term “Non-repudiation” describes the inability to deny responsibility for performing a specific action. In the context of data security, non-repudiation ensures data confidentiality, provides proof of data integrity, and proof of data origin.

A

Answer: False.

What Non-repudiation Is:
Cannot deny performing an action (proof of origin and integrity)

Does NOT ensure confidentiality

Provides proof that data came from a specific source and wasn’t altered

Quick Explanation:
Non-repudiation prevents someone from denying they sent/created data, but it doesn’t keep data secret.

Memory Tip:
“Non-repudiation = No ‘I didn’t do it’ defense.”
(Proof of who did what, not who can see it.)

18
Q

Which of the following best applies to the concept of non-repudiation?

A

Answer: Digital certificate.

Digital certificate – proves identity and ownership of data

Used in digital signatures to verify sender authenticity

Helps ensure sender can’t deny their action

Quick Explanation:
Digital certificates link a person to a cryptographic key, providing proof they performed a specific action (like signing a document).

Memory Tip:
“Digital certificate = Your digital ID card.”
(It proves it’s really you.)

19
Q

Which type of user account violates the concept of non-repudiation?

A

Answer: Shared account.

Shared account – multiple users use the same login

Makes it impossible to prove who performed an action

Breaks accountability and traceability

Quick Explanation:
Non-repudiation requires individual accountability, which shared accounts eliminate.

Memory Tip:
“Shared accounts = No proof of who did what.”
(Non-repudiation fails when identities are shared.)

20
Q

Which part of the AAA security architecture deals with the verification of the identity of a person or process?

A

Answer: Authentication.

Authentication – confirms who you are (user/process)

Examples: passwords, biometrics, tokens

Quick Explanation:
Authentication checks credentials to prove identity before granting access.

Memory Tip:
“Authentication = ID check.”
(It’s the “Who are you?” step.)

21
Q

In the AAA security architecture, the process of granting or denying access to resources is known as:

A

Answer: Authorization.

Authorization – decides what you’re allowed to do after identity is verified

Controls access to resources based on permissions

Quick Explanation:
After authentication confirms who you are, authorization determines what actions or resources you can access.

Memory Tip:
“Authorization = Permission check.”
(“What can you do?”)

22
Q

In the AAA security architecture, the process of tracking accessed services and logging resource consumption is called:

A

Answer: Accounting.

Accounting – tracks and logs user activities and resource usage

Helps with auditing, billing, and monitoring

Quick Explanation:
Accounting records who did what and when, providing an activity trail.

Memory Tip:
“Accounting = The audit log.”
(Tracks actions for review later.)

23
Q

Which of the following solutions provide(s) the AAA functionality? (Select all that apply)

A

Answer: TACACS+ and RADIUS.

TACACS+ – separates authentication, authorization, and accounting; Cisco-focused

RADIUS – combines auth and accounting; widely used for network access

Quick Explanation:
Both protocols manage authentication, authorization, and accounting for network access control.

Memory Tip:
“TACACS+ & RADIUS = AAA managers.”
(They control who gets in, what they can do, and track it.)

24
Q

In the context of the AAA framework, common methods for authenticating people include: (Select 3 answers)

A

Answer: Usernames and passwords, Biometrics, and MFA.

Usernames and passwords – basic credential check

Biometrics – fingerprint, face recognition, etc.

MFA (Multi-Factor Authentication) – combines multiple methods for stronger verification

Quick Explanation:
Authentication uses these methods to confirm identity before access is granted.

Memory Tip:
“Auth = Who you are (password), what you are (biometrics), and what you have (MFA).”

25
Q

Which of the answers listed below refer to common methods of device authentication used within the AAA framework? (Select 3 answers)

A

Answer: Digital certificate, IP addresses, and MAC addresses.

Digital certificate – verifies device identity cryptographically

IP address – identifies device on the network (less secure alone)

MAC address – hardware identifier for device authentication

Quick Explanation:
Devices are authenticated using these identifiers to allow or restrict network access.

Memory Tip:
“Device Auth = Cert, IP, MAC.”
(Certs = secure ID; IP & MAC = network addresses.)