This process ensures evidence is tracked and protected from collection to presentation in court.
What is a chain of custody?
This is the first step attackers take to gather information before trying to break into a system.
What is reconnaissance?
This type of access control lets users decide who can access the files and resources they own.
What is discretionary access control (DAC)?
This command helps you find the IP address of a website or domain name.
What is nslookup?
This policy explains how a company should protect and use customer information.
What is a data privacy policy?
This type of control includes policies and procedures created to guide an organization’s security.
What is a managerial control?
This type of malware locks or encrypts your files and demands money to unlock them.
What is ransomware? OR What is crypto-ransomware?
A dual-homed gateway typically has this many network interfaces.
What is 2?
This document logs who accessed evidence and when, helping ensure its integrity.
What is a chain of custody document?
This policy tells employees what they can and cannot do with company computers and devices.
What is an acceptable use policy (AUP)?
This team watches over an organization’s systems and responds to security threats as they happen.
What is a Security Operations Center (SOC)?
This happens when employees use apps or tools at work without telling the IT department.
What is shadow IT?
This firewall function filters data packets to determine whether they are allowed through.
What is packet filtering?
This fast and effective malware recovery method restores a system to a clean state.
What is re-imaging the computer?
This risk strategy moves the responsibility for a risk to someone else, like buying insurance.
What is risk transference?
This type of risk analysis uses numerical values, such as asset value, exposure factor, and annualized rate of occurrence, to calculate potential financial loss.
What is quantitative risk analysis?
In this type of attack, a hacker forces a system to use a weaker, older version of security to make it easier to break in.
What is a downgrade attack?
This cloud service lets you use software through the internet without installing it on your computer.
What is Software as a Service (SaaS)?
This MFA factor uses the device's geographic location to authenticate users.
What is somewhere you are?
This is the risk that remains after you put security measures in place.
What is residual risk?
This type of security protects buildings, rooms, and equipment from unauthorized access.
What is physical security?
In this type of attack, a hacker sends harmful code into a program to trick it into doing something it shouldn’t.
What is an injection attack?
This advanced security device offers Layer 7 filtering and can block threats, check apps, and control traffic based on users.
What is a Next Generation Firewall (NGFW)?
This security tool watches network traffic and alerts you if it sees suspicious activity, but does not take direct action to block it.
What is an Intrusion Detection System (IDS)?
This document lists all the risks a company faces, who is responsible, and how to handle them.
What is a risk register?