CompTIA SY0-701 Security+ Certification Exam Vocabulary

0.0(0)
Studied by 1 person
call kaiCall Kai
Locked
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/49

flashcard set

Earn XP

Description and Tags

Comprehensive vocabulary flashcards covering threat actors, security protocols, cloud architecture, and risk management concepts from the CompTIA SY0-701 exam notes.

Last updated 6:22 PM on 7/13/26
Name
Mastery
Learn
Test
Matching
Spaced
Call with Kai
Chat

No analytics yet

Send a link to your students to track their progress

50 Terms

1
New cards

Organized crime

A type of threat actor motivated by financial gain that may be hired by foreign governments to conduct cyberattacks on critical systems such as power grids or military networks.

2
New cards

Salting

The process of adding extra random data to a password before applying a hash function to increase complexity and prevent identical passwords from producing identical hash values.

3
New cards

Phishing

A type of social engineering attack that involves sending fraudulent emails appearing to be from legitimate sources to trick recipients into providing sensitive information.

4
New cards

SSO (Single Sign-On)

A method of authentication that allows users to access multiple applications or services with one set of credentials.

5
New cards

BEC (Business Email Compromise)

A type of phishing attack where an attacker impersonates a trusted person, such as an executive or vendor, to request fraudulent payments or confidential data.

6
New cards

Jump server

A device or virtual machine that acts as an intermediary between a user’s workstation and a remote network segment to provide secure access to servers like database servers.

7
New cards

WAF (Web Application Firewall)

A type of firewall that monitors and filters traffic between a web application and the internet to block common attacks like SQL injection and buffer overflows.

8
New cards

Buffer overflow

A software vulnerability where an application writes more data to a memory buffer than it can hold, overwriting adjacent memory and potentially allowing code execution.

9
New cards

Smishing

A social engineering technique that uses SMS text messages to trick victims into revealing sensitive information or downloading malware.

10
New cards

Vishing

A social engineering technique that uses voice calls to trick victims into revealing sensitive information like passwords or bank details.

11
New cards

Impersonation

Pretending to be someone else, such as an authority figure or trusted colleague, to gain trust and obtain information or access.

12
New cards

Typosquatting

Registering domain names with intentional typos that are similar to well-known websites to redirect users to malicious or fraudulent sites.

13
New cards

Rules of engagement

Detailed guidelines regarding the execution of security testing, defining the scope, objectives, methods, and boundaries of a penetration test.

14
New cards

Active reconnaissance

A reconnaissance type involving sending packets or requests to a target to gather information on open ports, services, or operating systems.

15
New cards

DRP (Disaster Recovery Plan)

A set of policies and procedures aimed at restoring normal operations in the event of a system failure, natural disaster, or emergency.

16
New cards

Side loading

The process of installing software on a device outside of a manufacturer’s approved application repository.

17
New cards

Password spraying

A brute force attack that tries a single common password across multiple accounts to find a match and bypass account lockout protocols.

18
New cards

Zero Trust

A security model that assumes no user or network is trustworthy by default and requires strict, continuous verification for every transaction.

19
New cards

Data plane

Also known as the forwarding plane, this is the part of the network responsible for carrying user traffic and data packets between devices.

20
New cards

Bastion host

A special-purpose, hardened server designed to withstand attacks and provide secure gateway access to an internal network.

21
New cards

Endpoint log

A file containing a record of activities on an end-user device, such as processes running, files accessed, and executable details.

22
New cards

Threat hunting

The proactive process of searching through networks to find signs of malicious activity or hidden threats that have evaded standard security tools.

23
New cards

Risk Transfer

A risk management strategy where the burden of potential loss is shifted to a third party, such as an insurance company or a vendor.

24
New cards

FDE (Full Disk Encryption)

An encryption technique that protects all data on a hard drive, including the operating system and applications, to prevent unauthorized access if Hardware is lost.

25
New cards

AUP (Acceptable Use Policy)

A set of rules defining how users are permitted to use a corporate network or the internet and identifying prohibited activities.

26
New cards

Least privilege

A security principle that restricts access to resources to the minimum level necessary for a user to perform their job functions.

27
New cards

Risk register

A document used to record and track identified risks, including their probability, impact, owners, and mitigation strategies.

28
New cards

Bug bounty

A program that rewards security researchers for finding and reporting vulnerabilities in a company’s applications or systems.

29
New cards

Nation-state

A government-sponsored threat actor that conducts cyberattacks for strategic objectives such as espionage, sabotage, or warfare.

30
New cards

SQL injection

An attack where malicious SQL statements are inserted into input fields to manipulate a database and bypass authentication or view sensitive data.

31
New cards

Intellectual property

Data consisting of creative works like ideas, inventions, or designs that have commercial value and are protected by law.

32
New cards

Rootkit

A type of malware that modifies or replaces system files to hide its presence and activity from the operating system and antivirus tools.

33
New cards

SOW (Statement of Work)

A contract document that outlines the project scope, cost, deliverables, milestones, and completion time frame for a specific engagement.

34
New cards

Input validation

An application security technique that checks user input for malicious or unexpected data to prevent attacks like Cross-site scripting (XSS).

35
New cards

Sanitization

The process of removing sensitive data from a storage device or system to make it unrecoverable before disposal or reuse.

36
New cards

Non-repudiation

A security concept ensuring that a sender cannot deny having sent a message and a recipient cannot deny having received it, often achieved through digital signatures.

37
New cards

Shadow IT

The use of information technology resources, software, or applications within an organization without the explicit approval or knowledge of the IT department.

38
New cards

CVSS (Common Vulnerability Scoring System)

A standardized framework used to quantitatively measure the severity and impact of security vulnerabilities on a scale of 0 to 10.

39
New cards

FIM (File Integrity Monitoring)

A security tool used to detect and alert on unauthorized changes or modifications to files, directories, or system settings.

40
New cards

Steganography

The process of concealing data such as code or secret text within a non-secret carrier like a graphical image or audio file.

41
New cards

Tabletop exercise

A discussion-based simulation where stakeholders walk through a hypothetical security incident to test response plans and clarify roles.

42
New cards

Honeypot

A decoy system designed to mimic a production server to attract and monitor attacker activity without risking actual organization assets.

43
New cards

ACL (Access Control List)

A set of rules defining which users or systems are permitted or denied access to specific network resources based on IP, port, or protocol.

44
New cards

SASE (Secure Access Service Edge)

A cloud-based solution that combines network functions (like a VPN) with security services (like a firewall) to provide secure remote access.

45
New cards

BIA (Business Impact Analysis)

A process within business continuity planning that prioritizes the recovery of the most essential business functions and data based on their criticality.

46
New cards

ARO (Annualized Rate of Occurrence)

An analysis element used in risk assessment to measure the frequency or likelihood of a specific risk event occurring within a year.

47
New cards

ALE (Annualized Loss Expectancy)

The calculated product of the Single Loss Expectancy (SLE) and the Annualized Rate of Occurrence (ARO), representing the annual expected financial loss from a risk: ALE=SLE×AROALE = SLE \times ARO.

48
New cards

MTTR (Mean Time to Repair)

A metric reflecting the average amount of time required to repair a failed component or system and restore it to service.

49
New cards

VDI (Virtual Desktop Infrastructure)

A technology that hosts desktop environments on a centralized server, allowing remote users to access a secure virtual desktop without storing data locally.

50
New cards

Cryptojacking

A type of attack where malware hijacks a system's resources to mine cryptocurrency, often without obvious signs of performance degradation.