Flashcards covering the key concepts from the CompTIA Security+ exam lecture notes.
What is Information Security?
The act of protecting data and information from unauthorized access, unlawful modification and disruption, disclosure and corruption, and destruction.
What is Information Systems Security?
The act of protecting the systems that hold and process the critical data.
What is a Threat?
Anything that could cause harm, loss, damage, or compromise to IT Systems.
What are some examples of external sources of threats?
Natural disasters, cyber-attacks, data integrity breaches, disclosure of confidential information.
What is a Vulnerability?
Any weakness in the system, design, or implementation.
What are some examples of internal sources of threats?
Software bugs, misconfigured software, improperly protected network devices, missing security patches, lack of physical security.
What is Risk Management?
Finding different ways to minimize the likelihood of an outcome occurring and achieve the desired outcomes.
What is Confidentiality?
Refers to the protection of information from unauthorized access and disclosure.
What are the main reasons for Confidentiality?
Protect personal privacy, maintain a business advantage, achieve regulatory compliance.
What elemental methods are used to maintain confidentiality?
Encryption, Access Controls, Data Masking, Physical Security Measures, Training and Awareness.
What is Data Masking?
Method that involves obscuring data within a database to make it inaccessible for unauthorized users while retaining the real data’s authenticity and use for authorized users.
What is Hashing?
Process of converting data into a fixed-size value.
What is Integrity?
Helps to ensure information and data remain accurate and unchanged from their original state unless intentionally modified by an authorized individual.
What are the goals of Integrity?
Ensure data accuracy, maintain trust, ensure system operability.
What methods are used to keep Integrity?
Hashing, Digital Signatures, Checksums, Access Controls, Regular Audits.
What are Digital Signatures?
Use encryption to ensure integrity and authenticity.
What are Checksums?
Method to verify the integrity of data during transmission.
What is Availability?
Used to ensure that information, systems, and resources are accessible and operational when needed by authorized users.
What are the goals of Availability?
Ensuring Business Continuity, Maintaining Customer Trust, Upholding an Organization’s Reputation.
What is Redundancy?
Duplication of critical components or functions of a system with the intention of enhancing its reliability.
What are the types of Redundancy?
Server redundancy, data redundancy, network redundancy, power redundancy
What is Non-repudiation?
Focused on providing undeniable proof in digital transactions.
What are the main reasons for Non-repudiation?
Confirming the Authenticity of Digital Transactions, Ensuring Integrity, Providing Accountability.
What is Authentication?
Security measure that ensures individuals or entities are who they claim to be during a communication or transaction.
What are the common user Authentication methods?
Something you know, Something you have, Something you are, Something you do, Somewhere you are.
What is Multi-factor Authentication?
The security process that requires users to provide multiple methods of identification to verify their identity
What is Authorization?
Permissions and privileges granted to users or entities after they have been authenticated.
What are Syslog servers?
Used to aggregate logs from various network devices and systems so that system administrators can analyze them to detect patterns or anomalies in the organization’s systems.
What is SIEM (Security Information & Event Management)?
Provides real-time analysis of security alerts generated by various hardware and software infrastructures in an organization.
What are Managerial Controls?
Involve the strategic planning and governance side of security.
What are Operational Controls?
Procedures and measures that are designed to protect data on a day-to-day basis and are mainly governed by internal processes and human actions.
What are Physical Controls?
Tangible, real-world measures taken to protect assets.
What are Preventive Controls?
Proactive measures implemented to thwart potential security threats or breaches.
What are Deterrent Controls?
Aim to discourage potential attackers by making the effort seem less appealing or more challenging.
What are Detective Controls?
Monitor and alert organizations to malicious activities as they occur or shortly thereafter.
What are Corrective Controls?
Mitigate any potential damage and restore the systems to their normal state.
What are Compensating Controls?
Alternative measures that are implemented when primary security controls are not feasible or effective.
What are Directive Controls?
Often rooted in policy or documentation and set the standards for behavior within an organization.
What is Policy Engine?
Cross-references the access request with its predefined policies.
What is Policy Administrator?
Used to establish and manage the access policies.
What is Policy Enforcement Point?
Allow or restrict access, and it will effectively act as a gatekeeper to the sensitive areas of the systems or networks.
What is Gap Analysis?
Process of evaluating the differences between an organization’s current performance and its desired performance.
What is Plan of Action and Milestones (POA&M)?
Outlines the specific measures to address each vulnerability, allocate resources, and set up timelines for each remediation task that is needed.
What is a Threat Actor?
An individual or entity responsible for incidents that impact security and data protection.
What are Honeypots?
Decoy systems or servers designed to attract and deceive potential attackers, simulating real-world IT assets to study their techniques.
What are Honeynets?
Creates an entire network of decoy systems to observe complex, multi-stage attacks.
What is Data Exfiltration?
The unauthorized transfer of data from a computer.
What is Espionage?
Involves spying on individuals, organizations, or nations to gather sensitive or classified information.
Who are Ethical Hackers?
Ethical hackers, also known as Authorized hackers, are motivated by a desire to improve security.
Who are Hacktivists?
Individuals or groups that use their technical skills to promote a cause or drive social change instead of for personal gain.
What is a False Flag Attack?
Attack that is orchestrated in such a way that it appears to originate from a different source or group.
What are Insider Threats?
Cybersecurity threats that originate from within the organization.
What is Shadow IT?
The use of information technology systems, devices, software, applications, and services without explicit organizational approval.
What is a Threat Vector?
The means or pathway by which an attacker can gain unauthorized access to a computer or network to deliver a malicious payload or carry out an unwanted action.
What is an Attack Surface?
Encompasses all the various points where an unauthorized user can try to enter data to or extract data from an environment.
What are Tactics, Techniques, and Procedures (TTPs)?
Specific methods and patterns of activities or behaviors associated with a particular threat actor or group of threat actors.
What is a Fence?
Structure that encloses an area using interconnected panels or posts.
What are Bollards?
Robust, short vertical posts, made of steel or concrete, that are designed to manage or redirect vehicular traffic.
What is Brute Force?
Attack where access to a system is gained by trying all of the possibilities until breaking through.
What are Surveillance Systems?
Maintains the security and safety of facilities, including business, home, or commonly used public areas
What is Access Control Vestibule?
Double-door system that is designed with two doors that are electronically controlled to ensure that only one door can be opened at a given time.
What is Piggybacking?
Person with legitimate access intentionally allows another person without authorization to enter a secure area with them.
What is Tailgating?
Unauthorized person follows someone with legitimate access to the secure space without their knowledge or consent.
What is a Door Lock?
Physical security control that is designed to secure entryways by restricting and regulating access to a particular space or property.
What is False Acceptance Rate (FAR)?
The rate that the system authenticates a user as valid, even though that person should not have been granted access to the system.
What is False Rejection Rate (FRR)?
Occurs any time the biometrics system denies a user who should have been allowed access to the system.
What is Access Badge Cloning?
Refers to copying the data from an RFID or NFC card or badge onto another card or device.
What is Social Engineering?
Manipulative strategy that exploits human psychology to gain unauthorized access to systems, data, or physical spaces.
What is Phishing?
Fraudulent attack using deceptive emails from trusted sources to trick individuals into disclosing personal information like passwords and credit card numbers.
What is Business Email Compromise (BEC)?
Advanced phishing attack that leverages internal email accounts within a company to manipulate employees into carrying out malicious actions for the attacker.
What is a Scam?
Fraudulent or deceptive act or operation.
What is Fraud?
Wrongful or criminal deception intended to result in financial or personal gain.
What is Misinformation?
Inaccurate information shared unintentionally.
What is Disinformation?
Intentional spread of false information to deceive or mislead.
What is a Hoax?
Malicious deception that is often spread through social media, email, or other communication channels.
What is Shoulder Surfing?
Looking over someone’s shoulder to gather personal information.
What is Baiting?
Planting a malware-infected device for a victim to find and unintentionally introduce malware to their organization’s system.
What is Malware?
Any software that is designed to infiltrate a computer system without the user’s knowledge.
What are Viruses?
Malicious software that attaches to clean files and spreads into a computer system.
What are Worms?
Standalone malware programs that replicate and spread to other systems by exploiting software vulnerabilities
What are Trojans?
Malicious programs which appear to be legitimate software that allow unauthorized access to a victim’s system when executed.
What is Ransomware?
Encrypts a user’s data and holds it hostage until a ransom is paid to the attacker for decryption.
What are Zombies?
Compromised computers that are remotely controlled by attackers and used in coordination to form a botnet.
What are Rootkits?
Malicious tools that hide their activities and operate at the OS level to allow for ongoing privileged access.
What are Keyloggers?
Record a user’s keystrokes and are used to capture passwords or other sensitive information.
What is Spyware?
Secretly monitors and gathers user information or activities and sends data to third parties.
What are the types of Viruses?
Boot Sector, Macro, Program, Multipartite, Encrypted, Polymorphic, Metamorphic, Stealth, Armor, Hoax
What is Exploit Technique?
Used to describe the specific method by which malware code infects a target host
What is Data Protection?
Process of safeguarding important information from corruption, compromise, or loss.
What is Data Classification?
Category based on the organization’s value and the sensitivity of the information if it were to be disclosed.
What is Data Sovereignty?
Information is subject to the laws and governance structures within the nation where it is collected.
Who is a Data Owner?
Senior executive role that has the responsibility for maintaining the confidentiality, integrity, and availability of the information asset.
Who is a Data Steward?
Is focused on the quality of the data and the associated metadata
What is Regulated Data?
Information controlled by laws, regulations, or industry standards
What is Intellectual property (IP)?
Creations of the mind, such as inventions, literary and artistic works, designs, and symbols.
What is Data Sovereignty?
Concept that digital information is subject to the laws of the country in which it is located.
What is Geofencing?
Involves setting up virtual boundaries to restrict data access based on geographic location.
What is Encryption?
Process of converting ordinary information (plaintext) into an unintelligible form (ciphertext).
What is Tokenization?
Replaces sensitive data with non-sensitive substitutes, known as tokens
What is Obfuscation?
Involves making data unclear or unintelligible, making it difficult for unauthorized users to understand.