Sy0 501 - Study guides, Class notes & Summaries

Comptia Security+ SY0-501 (FedVTE): Risk Management Security Policy Awareness Purpose - To enhance security by: - Improving awareness of the need to protect system resources - Developing skills/knowledge so computer uses can perform their jobs more securely End User Training - - Purpose, explanation, importance of adhering to security policy/procedures - Training should be initial, periodic, and ongoing Role Based Training - Specialized training that is customized to the specif...

Test Bank For CompTIA Security+ SY0-501 Cert Guide, Academic Edition 2nd Edition All Chapters

CompTIA SY0-501 CompTIA SY0-501 Exam Actual Questions Exam CompTIA SY0-501 CompTIA SY0-501 Exam Actual Questions Exam When identifying a company's most valuable assets as part of a BIA, which of the following should be the FIRST priority? A. Life B. Intellectual property C. Sensitive data D. Public reputation A. Life A company's user lockout policy is enabled after five unsuccessful login attempts. The help desk notices a user is repeatedly locked out over the course of a work...

Use Case CORRECT ANSWERS: A goal that an organization wants to achieve. (Chp. 1) Confidentiality CORRECT ANSWERS: Prevents the unauthorized disclosure of data. It ensures that data is only viewable by authorized users. (Chp. 1) What is the CIA triad? CORRECT ANSWERS: Confidentiality, Integrity, Availability (Chp.1) What does PII stand for? CORRECT ANSWERS: Personally Identifiable Information (Chp.1) Access Controls use _________, __________, and _________ combined to provide acce...

3DES CORRECT ANSWERS: Triple Digital Encryption Standard. A symmetric algorithm used to encrypt data and provide confidentiality. It is a block cipher that encrypts data in 64-bit blocks. AAA CORRECT ANSWERS: Authentication, authorization, and accounting. A group of technologies used in remote access systems. Authentication verifies a user's identification. Authorization determines if a user should have access. Accounting tracks a user's access with logs. Sometimes called AAAs of security...

Which of the following should risk assessments be based upon as a best practice? A. A quantitative measurement of risk and impact and asset value B. An absolute measurement of threats C. A qualitative measurement of risk and impact D. A survey of annual loss and potential threats and asset value CORRECT ANSWERS: A. A quantitative measurement of risk and impact and asset value A risk management concept where operations resume at some capacity, despite the presence of a failure, i...

You're the chief security contact for MTS. One of your Primary tasks is to document everything related to security and create a manual that can be used to manage the company in your absence. Which documents should be referenced in your manual as the ones that identify the methods used to accomplish a given task? A. Policies B. Standards C. Guidelines D. BIA CORRECT ANSWERS: C. Guidelines help clarify processes to maintain standards. Guidelines tend to be less formal than policies or stan...

Explain SFTP CORRECT ANSWERS: SFTP or Secure FTP uses SSH to harden FTP. Uses SSH TCP Port 22. What is the difference between Recovery Time Objective and Recovery Point objective? CORRECT ANSWERS: Recovery Time Objective is the the target for how long it takes to get a system back online while Recovery Point Objective is how far back the recovery needs to go (Example: Server backups contain can go back 1 month). What are the two purposes of a proxy? CORRECT ANSWERS: Filtering and monito...