🃏 Security+ Flashcards

Q: What is the CIA triad?

A: Confidentiality (only authorized access), Integrity (data is accurate/unmodified), Availability (systems accessible when needed).

Q: What is Zero Trust?

A: Security model: never trust, always verify. Every access request authenticated/authorized regardless of location. Microsegmentation.

Q: What is the difference between symmetric and asymmetric encryption?

A: Symmetric: one shared key (fast, AES). Asymmetric: public/private key pair (slower, RSA/ECC). Asymmetric often used to exchange symmetric keys.

Q: What is a SIEM?

A: Security Information and Event Management — collects, correlates, and analyzes logs from multiple sources for threat detection.

Q: What is the incident response process?

A: Preparation → Detection/Analysis → Containment → Eradication → Recovery → Lessons Learned.

Q: What is SQL injection?

A: Inserting malicious SQL into input fields to manipulate database queries. Mitigated by parameterized queries/prepared statements.

Q: What is MFA?

A: Multi-Factor Authentication — requires 2+ different factor types: something you know, have, are, or somewhere you are.

Q: What is RBAC?

A: Role-Based Access Control — permissions assigned to roles, users assigned to roles. Simplifies access management.

Q: What is a certificate chain of trust?

A: Root CA → Intermediate CA → End-entity certificate. Browser trusts root CAs in its trust store.

Q: What is the difference between IDS and IPS?

A: IDS: detects and alerts (passive). IPS: detects and blocks (inline, active prevention).