This method relies on something you know, something you have, and something you are.
What is multifactor authentication? (Q108)
This decoy system is designed to lure attackers and monitor their actions.
What is a honeypot? (Q80)
This technique protects stored data so it remains unreadable if a device is stolen.
What is encryption at rest? (Q125)
This step ensures patches are planned, reviewed, and approved before implementation.
What is a change control request? (Q72)
This design principle ensures that a critical emergency web app is always usable.
What is availability? (Q116)
This physical object can serve as a second authentication factor when smartphones aren’t allowed.
What is a smart card? (Q156)
This logging activity is often used after a breach to understand what occurred.
What is a detective control? (Q92)
This visual obfuscation technique is used to hide all but the last four digits of credit card numbers.
What is masking? (Q114)
This planned activity window is used to perform updates with minimal business disruption.
What is scheduled downtime? (Q98)
This form of evidence ensures a message cannot be denied by its sender.
What is non-repudiation? (Q84)
This access control method uses a scannable item to permit entry.
What is badge access? (Q121)
This system analyzes logs and alerts security teams of suspicious activity.
What is a SIEM system? (Q139)
This method transforms sensitive data into an unreadable format and allows future decryption.
What is encryption? (Q141)
This security hardening strategy disables unnecessary services to protect older systems.
What is hardening? (Q105)
This protocol checks whether a certificate has been revoked in real time.
What is OCSP? (Q102)
This physical security feature uses two interlocking doors to prevent tailgating.
What is an access control vestibule? (Q140)
This control type is used to monitor and detect malicious activity within systems.
What is a detective control? (Q139)
This technique replaces sensitive data with meaningless placeholders for lower risk exposure.
What is tokenization? (Q141-related)
This process evaluates the impact and approval of IT changes via formal review.
What is change management? (Q72 – deeper)
This method is used by banks to secure data on laptops in case of theft.
What is encryption at rest? (Q125)
This form of access control enforces strict verification at every access request, regardless of location.
What is Zero Trust? (Q146)
This Zero Trust concept applies network segmentation to protect sensitive data zones.
What are secured zones? (Q160)
This technique hides data inside another file type, like an image or audio file.
What is steganography? (Q106)
These types of controls protect legacy systems when standard controls aren't viable.
What are compensating controls? (Q175)
This security model enforces policy, limits threat exposure, and assumes no default trust.
What is Zero Trust? (Q146)