Flashcards · CompTIA Security+ · Free
CompTIA Security+ flashcards, generated for you.
Example CompTIA Security+ study cards to learn from right now — then generate a full set from your own notes (plus a practice quiz) and export to Quizlet or Anki. Free, no account needed.
Example CompTIA Security+ flashcards
What is the primary purpose of the CIA triad in information security?
The CIA triad (Confidentiality, Integrity, Availability) provides the foundational framework for evaluating and implementing security controls to protect information assets and ensure organizational security objectives are met.
Define confidentiality and identify a control that enforces it.
Confidentiality ensures that information is not disclosed to unauthorized parties. Encryption is a primary control that enforces confidentiality by rendering data unreadable without proper cryptographic keys.
What is the difference between authentication and authorization?
Authentication verifies a user's identity (who you are), typically using credentials like passwords or MFA. Authorization determines what authenticated users can access (what you can do), based on assigned permissions and roles.
Explain the principle of least privilege and why it is critical.
Least privilege grants users only the minimum permissions necessary to perform their job functions. This reduces the attack surface and limits damage from compromised accounts or insider threats.
What is the purpose of multi-factor authentication (MFA) and list two factor types.
MFA requires two or more verification methods to authenticate users, significantly reducing unauthorized access risk. Two factor types include: something you know (password), something you have (security token), something you are (biometric), and somewhere you are (location).
Describe the difference between symmetric and asymmetric encryption.
Symmetric encryption uses a single shared key for both encryption and decryption (fast, but key distribution is difficult). Asymmetric encryption uses a public key (encrypt) and private key (decrypt) pair, enabling secure key exchange and digital signatures.
What is a digital signature and what security properties does it provide?
A digital signature is created by encrypting a message hash with a private key. It provides authentication (proves sender identity), non-repudiation (sender cannot deny signing), and integrity (confirms message was not altered).
What is the purpose of a Security Information and Event Management (SIEM) system?
A SIEM system aggregates, correlates, and analyzes security logs and events from multiple sources in real-time to detect threats, enable incident response, maintain compliance, and provide security visibility across the enterprise.
Distinguish between vulnerability scanning and penetration testing.
Vulnerability scanning is an automated process that identifies known weaknesses without exploiting them. Penetration testing is a manual, authorized attempt to exploit vulnerabilities to assess real-world security impact and business risk.
What is the principle of defense in depth and how does it improve security posture?
Defense in depth employs multiple overlapping security controls across network, application, and endpoint layers. If one control fails, others remain effective, reducing the likelihood that a single breach compromises the entire system.
Make your own CompTIA Security+ study set
Flashcards for related topics
Studying CompTIA Security+ to build with AI? MindloomHQ turns it into real skills — structured courses, agent projects, and certificates.
Explore MindloomHQ →