A set of 350 vocabulary flashcards directly grounded in the Professor Messer CompTIA SY0-701 Security+ Practice Exams transcript, covering security concepts, attacks, and architecture.
Injection
An attack where an attacker accesses a database directly from a web browser by submitting malicious commands.
On-Path Attack
An attack where the attacker intercepts all communication between a client and a web server, often sitting invisibly between two devices.
RFID Cloning
Matching a description to an attack type involving the duplication of Radio Frequency Identification tags.
Keylogger
Malware or hardware that captures all information typed into a keyboard, including screenshots and media.
Vishing
Obtaining sensitive information like bank account numbers or birth dates by calling the victim.
Rootkit
Malware designed to remain hidden on a computer system, often by modifying core system files or kernel drivers.
DDoS
Distributed Denial of Service; an attack where multiple attackers overwhelm a web server to create an outage.
Supply Chain Attack
An attack focusing on the equipment or raw materials used to deliver products or services to an organization.
Security Guard
An operational control used to check authorization of anyone entering a building.
Authentication Token
A hardware or software component used in multi-factor authentication, such as a code generator.
Access Badge
A physical credential used to unlock doors in high-security areas like data centers.
Lighting
A physical security control used in parking lots and visitor drop-offs to improve safety and visibility.
Access Control Vestibule
A room designed to restrict and manage the flow of individuals through a checkpoint.
Fencing
A physical security control used to surround parking lots and exterior areas to control access.
Biometrics
Something you are; using physical characteristics like fingerprints or handprints for authentication.
Technical Control
Security controls implemented through systems, such as firewalls, operating system controls, and automated processes.
Managerial Control
Administrative controls associated with security design and implementation, including policies and procedures.
Operational Control
Security controls often implemented by people, such as awareness programs and security guards.
Physical Control
Controls used to limit physical access, such as fences, badge readers, and guard shacks.
Somewhere You Are
An authentication factor based on geographic location, such as IP address or GPS coordinates.
Something You Have
An authentication factor like a smart ID card, a phone receiving a passcode, or a hardware token.
Something You Are
An authentication factor based on biometrics, such as a fingerprint scan.
Something You Know
An authentication factor based on information like a PIN or a password.
Stateful Firewall
A firewall that allows the first packet in a flow and automatically permits return traffic associated with that original flow.
TCP Port 80
The well-known port used for the HTTP protocol.
TCP Port 443
The well-known port used for the HTTPS protocol.
TCP Port 22
The well-known port used for the SSH (Secure Shell) protocol.
Passive Reconnaissance
Gathering information from open sources such as social media, corporate websites, and business organizations without direct network access.
Vulnerability Scanning
Active reconnaissance that queries systems directly to see if a specific vulnerability currently exists.
Supply Chain Analysis
Examining the security associated with a supplier rather than a company's own internal data.
Regulatory Audit
A detailed security analysis based on existing laws or private guidelines that commonly requires internal system access.
SPF
Sender Policy Framework; a DNS record listing all authorized mail servers for a specific domain.
DMARC
Domain-based Message Authentication, Reporting, and Conformance; specifies the disposition (accept, spam, reject) of unauthorized emails.
DKIM
DomainKeys Identified Mail; provides a method to validate digitally signed messages from a specific email server.
NAC
Network Access Control; a method to limit network access based on device health checks or user authorization.
Organized Crime
A threat actor motivated by money whose objectives can be easily exchanged for financial capital.
Hacktivist
A threat actor focused on a political agenda and motivated by a particular philosophy.
Nation State
A well-funded threat actor whose primary objective is usually obtaining confidential government info or disrupting operations.
Shadow IT
An internal group within an organization that circumvents IT policies to build their own infrastructure.
Root Cause Analysis
The process of explaining the ultimate cause of an incident to protect against future similar attacks.
E-discovery
The collection, preparation, review, and production of electronic documents, typically for legal purposes.
Risk Appetite
A broad description of the amount of risk an organization is willing to take before acting to reduce it.
Data Subject
Information relating to an identified or identifiable natural person.
System Availability
The requirement that critical services, like emergency medical dispatching, are always accessible when needed.
Automation
Using systems to perform compliance checks or security responses regularly without human intervention.
Maintenance Window
Scheduled downtime for updates and changes where systems generally have limited availability.
Attestation
The final verification or formal opinion of the accuracy of compliance documentation.
External Audit
A verification of the compliance process performed by a third-party organization.
Removable Media
Hot-pluggable storage drives like USB sticks that can be used for data exfiltration.
Host-Based Firewall Logs
Logs created on a local computer that monitor traffic flows; distinct from logs managing hardware access.
UTM
Unified Threat Manager; an appliance that watches traffic flows across the network.
Data In Use
Information actively being processed in system RAM, CPU registers, or CPU cache.
Obfuscated Data
Data modified to make it very difficult to understand while remaining functional.
Trade Secrets
Private business details a company uses that are not shared with any other organization.
Regulated Data
Data created for governmental use that is subject to specific laws regarding its disclosure.
SIEM
Security Information and Event Manager; used to consolidate logs from all devices into a single database for auditing.
GPS Location
A parameter used to restrict data access by ensuring login occurs only inside a specific country.
Time-of-Day Restrictions
Authentication server settings that report or block access occurring outside of normal working hours.
Trojan Horse
Malware disguised as legitimate software that allows an attacker to control a system.
Federation
Allowing members of one organization to authenticate using credentials from a third-party organization.
MTBF
Mean Time Between Failures; a prediction of how often a repairable system will fail.
RTO
Recovery Time Objectives; the timeframe needed to restore a particular service level.
MTTR
Mean Time to Restore (or Repair); the average amount of time it takes to repair a component.
RPO
Recovery Point Objective; the minimum data or operational state required to categorize a system as recovered.
Social Engineering
Attacks using impersonation, authority, or urgency to convince victims to circumvent security controls.
Watering Hole Attack
Infecting a third-party website visited by specific targets to perform attacks outside their local network.
MOA
Memorandum of Agreement; a formal document where two parties agree to broad goals and objectives.
NDA
Non-Disclosure Agreement; a confidentiality agreement between parties to protect private information.
Integrity
The trustworthiness of data; confirmed via digital signatures to ensure data hasn't changed.
Confidentiality
The privacy of data; achieved through encryption to protect data in transit or at rest.
Availability
Ensuring that authorized users are not denied access to data; a core part of the CIA Triad.
Memory Injection
A technique used by malware to add malicious code into the memory of an existing process.
Resource Consumption
An issue where a system is unusable due to running out of storage space, memory, or CPU time.
Race Condition
Occurs when two processes execute simultaneously with unexpected results, such as a reboot occurring before a fix is applied.
Malicious Update
When a software patch installs unwanted or unauthorized code into a system.
Password Complexity
A policy that makes passwords more difficult to brute force by requiring multiple character types.
Password Expiration
A policy requiring a password change after a predefined period of time.
Password Reuse
Restricting the use of previous passwords to ensure a unique entry for every change.
Account Lockout
Disabling an account after a predefined number of unsuccessful login attempts.
Deterrent Control
A control that discourages an action without directly stopping it, such as a login banner.
Preventive Control
A control that physically or logically limits access to a device or area before an event starts.
Corrective Control
A control that actively works to mitigate damage or restore systems after an occurrence.
Detective Control
A control that identifies and records intrusion attempts or unauthorized access.
Compensating Control
A control that restores from or mitigates an issue using alternative means, such as a UPS.
Directive Control
A control relying on user compliance with instructions and guidance, such as a security policy.
Security Exception
A rare and specific permission allowing a system to bypass a standard security control for a limited time.
Continuity of Operations
Planning alternative processes to ensure the business continues to run during an outage.
Cold Site
A disaster recovery location that takes significant time and expense to build and activate.
Tabletop Exercise
A meeting where members of a team talk through a disaster scenario and recovery logistics.
Pressure Sensors
Physical controls used on doors or windows to detect force or movement.
Bollards
Barricades on the exterior of a facility used to prevent vehicle access and channel pedestrians.
Full-Disk Encryption
Protecting all information on a storage drive so none of it remains as plaintext.
Record-Level Encryption
Encrypting specific columns or categories within a database while leaving others as plaintext.
Key Escrow
Storage and management of decryption keys by a trusted third party as a backup option.
Journaling
Writing data to a temporary store before the database to minimize corruption if power is lost.
Replication
Creating a duplicate copy of data to provide backup and high availability.
Segmentation (User Information)
Separating user personal information from company data on mobile devices.
MDM
Mobile Device Manager; a centralized console for managing security policies on various mobile devices.
False Negative
A scanning result that fails to detect a vulnerability when one actually exists.
Exploit
An active attack targeted against a known or unknown vulnerability.