Comptia
Security+
(SY0-601)
CIA
Triad
-
ANSConfidentially,
Integrity
and
Availability.
Least
privilege
/Need-to-know
basis
-
ANSGiving
someone
the
most
limited
access
required
to
so
they
can
perform
their
job.
Defence
in
Depth
-
ANSProtecting
a
company's
data
with
a
series
of
protective
layers.
Annual
Risk
Assessment
-
ANSA
risk
register
where
the
financial
director
will
look
at
all
of
the
risks
associated
with
money
and
the
IT
manager
will
look
at
all
of
the
risks
posed.
Annual
Security
Awareness
Training
-
ANSWhere
you
are
reminded
about
what
you
should
be
doing
on
a
daily
basis
to
keep
the
company
safe.
Change
Advisory
Board
(CAB)
-
ANSAssists
with
the
prioritisation
of
changes.
Business
Continuity
Plan
(BCP)
-
ANSContingency
planning
to
keep
the
business
up
and
running
when
a
disaster
occurs,
by
identifying
single
points
of
failure.
Firewall
Rule
-
ANSA
rule
in
the
firewall
specifying
if
a
connection
is
allowed
or
denied.
Antivirus/Antimalware
-
ANSSoftware
or
hardware
that
protects
against
or
removes
malicious
software.
Screen
Saver
-
ANSA
feature
that
logs
computers
off
when
they
are
idle.
Screen
Filter
-
ANSA
device
which
prevents
people
from
viewing
your
screen,
while
they
are
walking
past.
Closed
Circuit
Television
(CCTV)
-
ANSEquipment
used
to
record
events
through
cameras
and
or
sensors.
Log
Files
-
ANSText
files
that
record
events
and
times
that
occur.
Write-Once
Read-Many
Drive
(WORM)
-
ANSA
hard
drive
that
can
only
be
written
to
once,
but
read
many
times.
Fire
Suppression
System
-
ANSAn
oxygen
suppressant
system
that
starves
a
fire
to
prevent
damage
to
equipment.
Disable
User
Accounts
-
ANSWhen
someones
leaves
a
company,
their
account
is
disabled
and
password
changed
immediately. Operating
System
Hardening
-
ANSThe
operating
system
is
fully
patched,
all
unused
features
and
services
are
disabled.
Identification
(Access
Controls)
-
ANSAn
identifying
piece
of
information
such
as
a
number
or
list
of
characters.
Security
Identifier
(SID)
-
ANSAn
identifier,
that
is
tied
to
an
account.
Authentication
(Access
Controls)
-
ANSThe
person
making
the
request,
is
who
they
say
they
are.
Authorisation
(Access
Controls)
-
ANSThe
amount
of
access
given
to
a
user.
New
Technology
File
System
(NTFS)
-
ANSA
proprietary
file
system
created
by
Microsoft.
Discretionary
Access
Control
(DAC)
-
ANSA
control
system,
that
the
user
is
only
given
access,
that
they
need
to
perform
their
job.
Full
Control
(DAC)
-
ANSThe
user
has
full
control.
Modify
(DAC)
-
ANSThe
user
can
change,
read
and
execute
data.
Read
and
Execute
(DAC)
-
ANSThe
user
can
read
the
data
or
run
the
program.
List
Folder
Contents
(DAC)
-
ANSThe
user
can
see
the
directory
and
its
subdirectories.
Read
(DAC)
-
ANSThe
user
can
read
the
data.
Write
(DAC)
-
ANSThe
user
can
write
to
the
file.
Special
Permissions
(DAC)
-
ANSThe
user
has
granular
access.
Data
Creator/Owner
(DAC)
-
ANSThe
user
has
permission
to
get
permissions
for
other
users.
Mandatory
Access
Control
(MAC)
-
ANSA
classification
of
data
based
on
how
much
damage
it
could
cause.
Top
Secret
(MAC)
-
ANSThe
highest
level
of
damage.
Secret
(MAC)
-
ANSCauses
serious
damage.
Confidential
(MAC)
-
ANSCauses
damage.
Restricted
(MAC)
-
ANSHas
an
undesirable
effect.
Owner
(MAC)
-
ANSThe
user
who
writes
data
and
determines
classification. Steward
(MAC)
-
ANSThe
user
who
labels
the
data.
Custodian
(MAC)
-
ANSThe
user
who
stores
and
manages
classified
data.
Security
Administrator
(MAC)
-
ANSThe
user
who
gives
access
to
classified
data,
once
approved.
Role-Based
Access
Control
(RBAC)
-
ANSAn
access
control
system,
which
uses
roles
to
determine
access.
Rule
Based
Access
Control
(RBAC)
-
ANSAn
access
control
system,
which
uses
rules
to
determine
access.
Attribute-Based
Access
Controls
(ABAC)
-
ANSAn
access
control
system,
which
uses
account
attributes
to
determine
access.
Group-Based
Access
Control
(GBAC)
-
ANSAn
access
control
system,
which
uses
account
groups
to
determine
access.
Linux-Based
Access
Control
(LBAC)
-
ANSAn
access
control
system,
which
is
used
by
Linux
to
determine
access
and
uses
a
numeric
or
alpha
format.
Owner
(LBAC)
-
ANSThe
first
number
listed
in
the
LBAC
permissions.
Group
(LBAC)
-
ANSThe
second
number
listed
in
the
LBAC
permissions.
All
other
uses
(LBAC)
-
ANSThe
third
number
listed
in
the
LBAC
permissions.
Read
(LBAC)
-
ANSRepresented
as
an
'r'
in
LBAC
permissions.
Write
(LBAC)
-
ANSRepresented
as
an
'w'
in
LBAC
permissions.
Execute
(LBAC)
-
ANSRepresented
as
an
'x'
in
LBAC
permissions.
Signage
-
ANSHighly
visible
signs
warning,
this
is
a
secure
area.
Fence/Gates
-
ANSUsed
to
block
unauthorised
physical
access
to
a
secure
area.
Armed
Guards
-
ANSPeople
who
manage
physical
access
to
a
secure
area.
Lighting
-
ANSUsed
to
illuminate
areas,
which
could
be
used
to
gain
unauthorised
access
to
a
secure
area.
Cameras
-
ANSUsed
to
monitor
the
perimeter
of
a
secure
area.
Robot
Sentries
-
ANSRobots
used
to
patrol
the
perimeter
of
a
secure
area. Industrial
Camouflage
-
ANSCamouflage
used
by
buildings
to
obscure
the
building
from
aerial
photos.
Two-Person
Integrity/Control
-
ANSWhen
two
people
are
guarding
a
secure
area,
in
case
one
is
occupied
with
something
else.
Badge
-
ANSAn
item
with
a
photo,
name
and
signature,
used
to
identify
someone.
Key
Management
-
ANSDepartmental
keys
are
signed
in
and
out,
to
prevent
someone
from
taking
keys
away
and
making
copies.
Mantrap
-
ANSA
turnstile
device
used
to
limit
one
person
from
entering
at
a
time.
Proximity
Card
-
ANSContactless
card
used
to
gain
access
to
secure
areas.
Tokens
(Physical)
-
ANSSmall
physical
device
used
to
gain
access
to
a
secure
area.
Biometric
Lock
-
ANSA
lock
that
uses
biometric
authentication.
Eletronic
Lock
-
ANSA
lock
that
uses
a
PIN
code
to
allow
access.
Internal
Protection
-
ANSSeparation
of
secure
and
non-secure
areas.
Conduit
-
ANSA
container
to
secure
cables
from
tampering
or
being
destroyed.
Heating,
Ventilation
,
and
Air
Conditioning
(HVAC)
-
ANSA
system
used
to
control
environmental
conditions
within
a
building.
Cable
Lock
-
ANSA
cable
with
a
lock
at
the
end,
to
stop
people
from
stealing
devices.
Air
Gap
-
ANSA
computer
with
no
network
connections.
USB
Data
Blocker
-
ANSA
device
that
blocks
the
data
pins
on
a
USB
device.
Juice
Jacking
-
ANSStealing
data
from
a
machine
when
it's
charging.
Vault
-
ANSA
cloud
server
that
stores
encrypted
data.
Faraday
Cage
-
ANSA
metal
structure
that
blocks
wireless
or
cellular
signals.
Forensic
Process
19
-
ANSA
digital
forensic
process
made
up
of:
Collection,
Examination,
Analysis
and
Reporting.
National
Institute
of
Standards
and
Technology
(NIST)
-
ANSA
physical
sciences
laboratory
and
a
non-regulatory
agency
of
the
United
States
Department
of
Commerce
Admissibility
-
ANSA
measure
of
whether
a
piece
of
evidence
is
relevant
or
legally
acquired.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Qualitydocs. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $9.49. You're not tied to anything after your purchase.