Vulnerability scan
Examinations of a particular system (e.g., port, device, application) to check for exploitable security flaws.
Application security
Measures and practices designed to protect applications from threats throughout their lifecycle, including secure coding practices, regular code reviews, and deployment of security tools to identify vulnerabilities.
Static analysis
A method of debugging by examining the source code before a program is run, which helps identify potential vulnerabilities and code quality issues without executing the code.
Dynamic analysis
A technique that involves taking random input and placing it into an application to analyze behavior during its execution.
Package monitoring
Techniques and tools designed to mitigate risks from application vulnerabilities in third-party code, such as libraries and dependencies.
Threat feed
An automated stream of information about potential threats and vulnerabilities, including malware signatures, phishing URLs, and exploits, enabling organizations to proactively defend against cyber threats.
Open-source intelligence (OSINT)
Gathering and analyzing publicly available information to identify potential security threats.
Proprietary/closed
Software code or security research that remains in the ownership of the developer and may only be used under permitted license conditions.
Information-sharing organizations
Collaborative groups that exchange data about emerging cybersecurity threats and vulnerabilities.
Dark web
A part of the internet that is not indexed by search engines and is only accessible via specialized software (Tor Browser), typically associated with illegal activity/cybercrime.
Penetration testing
A simulation of a cyber attack on a system, designed to identify and exploit vulnerabilities to enhance security measures.
Responsible disclosure program
A process that allows researchers and reviewers to safely disclose vulnerabilities to a software developer.
Bug bounty
A reward scheme operated by software and web services vendors for reporting vulnerabilities.
System/process audit
An audit process with a wide scope, including assessment of supply chain, configuration, support, monitoring, and cybersecurity factors.
False positive
An instance where security software or analysis flags something as a threat when it is actually harmless.
False negative
An instance where security software or analysis marks something as harmless when it is actually a threat.
Threat prioritization
Ranking threats by their potential impact and likelihood of occurrence so that resources can be allocated and risks managed effectively.
Common Vulnerability Scoring System (CVSS)
A scoring system, provided by NIST, that is used to rank the severity of security vulnerabilities from 0-10.
Common Vulnerability Enumeration (CVE)
A standardized system that provides a reference method for publicly known information security vulnerabilities.
Vulnerability classification
Categorizing vulnerabilities based on their characteristics, such as the type of system or application affected, the nature of the vulnerability, or the potential impact.
Exposure factor
In risk calculation, the percentage of an asset's value that would be lost during a security incident or disaster scenario.
Environmental variables
In vulnerability assessment, factors or metrics due to local network or host configuration that increase or decrease the base likelihood and impact risk level.
Risk tolerance
The acceptable level of risk that an organization is willing to take on in pursuit of its objectives.
Patching
The process of applying updates to software or systems to address known vulnerabilities, thereby minimizing potential risks.
Cybersecurity insurance
Financial protection against losses that occur due to security vulnerabilities.
Segmentation
Dividing a network into separate pieces to contain potential security breaches.
Compensating controls
Measures put in place to mitigate the risk of a vulnerability when security teams cannot directly eliminate it or when direct remediation is not immediately possible.
Exceptions and exemptions
Conditions under which certain policies or procedures may not apply, allowing for flexibility in security protocols while still maintaining an acceptable level of risk management.
Validation of remediation
The process of assessing implemented security controls to ensure they are effective in mitigating identified vulnerabilities and that any compensating controls are functioning as intended.
Re-scanning
Performing additional vulnerability scans after remediation actions have been implemented.
Audit
In-depth examination of the remediation process/review of the steps taken to address the vulnerability.
Verification
Confirming the results of remediation actions; this involves manual checks, automated testing, or system log review.
Vulnerability report
A document that highlights the existing vulnerabilities and ranks them based on their severity and potential impact on the organization's assets, enabling management to prioritize remediation efforts effectively.