100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CompTIA SEC+ Exam Questions With Correct Answers $11.49   Add to cart

Exam (elaborations)

CompTIA SEC+ Exam Questions With Correct Answers

 12 views  0 purchase
  • Course
  • CompTIA
  • Institution
  • CompTIA

CompTIA SEC+ Exam Questions With Correct Answers AAA - answerA group of technologies used in remote access systems. ____verifies a user's identification. ___ determines if a user should have access. ___ tracks a user's access with logs. Sometimes called AAAs of security. ACL (Access Control Li...

[Show more]

Preview 3 out of 22  pages

  • August 17, 2024
  • 22
  • 2024/2025
  • Exam (elaborations)
  • Questions & answers
  • CompTIA
  • CompTIA
avatar-seller
Brightstars
EXAM STUDY MATERIALS 8/7/2024 11:29 AM




CompTIA SEC+ Exam Questions With
Correct Answers

AAA - answer✔✔A group of technologies used in remote access systems. ____verifies a user's
identification. ___ determines if a user should have access. ___ tracks a user's access with logs.
Sometimes called AAAs of security.

ACL (Access Control List) - answer✔✔A set of data (user names, passwords, time and date, IP
address, MAC address, etc.) that is used to control access/permissions to a resource such as a
computer, file, or network. (R,W,X, Delete)

AES (Advanced Encryption Standard) - answer✔✔A strong symmetric block cipher that
encrypts data in 128-bit blocks. ____ can use key sizes of 128 bits, 192 bits, or 256 bits.
Replaced DES.

AH (Authentication Header) - answer✔✔An IPSec protocol that provides authentication for the
origin of transmitted data as well as integrity and protection against replay attacks.

AI (artificial intelligence) - answer✔✔simulates human thinking and behavior, such as the
ability to reason and learn. Its ultimate goal is to build a system that can mimic human
intelligence.

(AIS)Automated Indicator Sharing - answer✔✔An initiative from the US DHS that enables the
exchange of cybersecurity threat indicators.

ALE (Annual Loss Expectancy) - answer✔✔The total cost of a risk to an organization on an
annual basis. This is determined by multiplying the single loss expectancy (SLE) by the annual
rate of occurrence (ARO).
ALE = SLE*ARO

AP (Access Point) - answer✔✔A device that provides a connection between wireless devices
and can connect to wired networks. Also known as wireless access point or WAP.

API (Application Programming Interface) - answer✔✔A library of programming utilities used,
for example, to enable software developers to access functions of the TCP/IP network stack
under a particular operating system.

, EXAM STUDY MATERIALS 8/7/2024 11:29 AM

APT (Advanced Persistent Threat) - answer✔✔A threat that is rooted in the capability to
infiltrate a network and remain inside while going undetected. Usual aim is for more targeted and
strategic objectives.

ARO (Annualized Rate of Occurrence) - answer✔✔the likelihood of an event occurring within a
year
Calculated by / number of failures into the number of years between failures.


Ex: 1 failure in 5 years (1/5 = .20) or 20%

ARP (Address Resolution Protocol) - answer✔✔A communications protocol that resolves IP
addresses to MAC addresses.

ASLR (Address Space Layout Randomization) - answer✔✔A technique that randomizes where
components in a running application are placed in memory to protect against buffer overflows.

ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) - answer✔✔A
knowledge base maintained by the MITRE Corporation for listing and explaining specific
adversary tactics, techniques, and procedures.

AUP (Acceptable Use Policy) - answer✔✔Defines what action employees may or may not
preform on company equipment, including computers, phones, printers, and even the network
itself. This policy defines the handling of passwords, e-mail, and many other issues.

AV (AntiVirus) - answer✔✔Software program used to protect the user environment that scans
for downloadable malicious code.
Typically uses signature-based detection, and not effective against zero-days or polymorphic
malware.

bash (Bourne again shell) - answer✔✔Powerful UNIX/LINUX shell and command language
Used to issue commands that get executed, which can also be turned into shell scripts
Often used for automation

BCP (Business Continuity Plan) - answer✔✔the plans we put in place to ensure that critical
business functions can continue operations in the event of an emergency

BGP (Border Gateway Protocol) - answer✔✔Dubbed the "protocol of the Internet," this path-
vector routing protocol is the only current EGP and is capable of considering many factors in its
routing metrics.

, EXAM STUDY MATERIALS 8/7/2024 11:29 AM

BIA (Business Impact Analysis) - answer✔✔Identifies critical business or mission requirements
and includes elements such as Recovery Time Objectives (RTOs) and Recovery Point Objectives
(RPOs), but it doesn't identify solutions.

BIOS (basic input/output system) - answer✔✔Firmware that can control much of a computer's
input/output functions, such as communication with the keyboard and the monitor.

BPA (Business Partners Agreement) - answer✔✔An agreement between partners in a business
that outlines their responsibilities, obligations, and sharing of profits and losses.

BPDU (Bridge Protocol Data Unit) - answer✔✔the data message exchanged by switches
participating in the Spanning Tree Protocol.

BYOD (bring your own device) - answer✔✔The practice of allowing users to use their own
personal devices to connect to an organizational network.

CA (Certificate Authority) - answer✔✔A server that can issue digital certificates and the
associated public/private key pairs. A primary component of PKI.

CAR (Corrective Action Report) - answer✔✔A report used to document actions taken to correct
an event, incident, or outage.

CASB (Cloud Access Security Broker) - answer✔✔A software tool or service that enforces
cloud-based security requirements. It is placed between the organization's resources and the
cloud, monitors all network traffic, and can enforce security policies.

CBC (Cipher Block Chaining) - answer✔✔Encryption technique where each plaintext block is
XORed with the previous cipher text block. Performs a different set of input and output to the
data to add some randomization.
Provides confidentiality ONLY not integrity.

CCMP (Counter Mode CBC-MAC Protocol) - answer✔✔WPA2 security protocol based on AES
encryption

CCTV - answer✔✔This is a detective control that provides video surveillance. Video
surveillance provides reliable proof of a person's location and activity. It can be used by an
organization to verify if any equipment or data is being removed.

CERT (Computer Emergency Response Team) - answer✔✔A group of people integrated at the
enterprise with clear lines of reporting and responsibilities for standby support in case of an
information systems emergency. This group will act as an efficient corrective control, and should
also act as a single point of contact for all incidents and issues related to information systems.

CHAP (Challenge Handshake Authentication Protocol) - answer✔✔Common remote access
protocol authentication method; the serving system challenges the remote client, usually by
means of asking for a password. (The hash is transmitted)

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Brightstars. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $11.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

76799 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$11.49
  • (0)
  Add to cart