CompTIA SY0-701 Security+ Essential Vocabulary

Comprehensive vocabulary flashcards covering fundamental security concepts, threats, cryptography, identity management, and risk processes for the CompTIA SY0-701 exam.

CIA Triad

The cornerstone of information security consisting of Confidentiality (authorized access), Integrity (unaltered data), and Availability (reliable access).

Non-repudiation

A security concept ensuring that a person cannot deny performing a specific action, often achieved through digital signatures.

Gap Analysis

The process of identifying deviations between an organization's current security systems and the requirements of a cybersecurity framework.

Managerial Controls

Security controls that provide oversight of information systems, such as risk identification and evaluation tools.

Compensating Controls

Alternative security measures used to satisfy a requirement when a primary control is too difficult or expensive to implement.

Zero-Day Vulnerability

A software or hardware flaw that is unknown to the developer and for which no patch yet exists.

Advanced Persistent Threat (APT)

An adversary, often nation-state backed, with sophisticated levels of expertise and significant resources that allow it to maintain ongoing access to a network.

Attack Surface

The total sum of all points where a threat actor can interact with, and potentially exploit, a network or system.

Pharming

A social engineering attack that redirects users from legitimate websites to malicious ones by corrupting name resolution (DNS).

Symmetric Encryption

A cryptographic method that uses the same secret key for both encryption and decryption.

Asymmetric Encryption

Also known as public key cryptography, it uses a pair of related keys (public and private) for encryption and decryption.

Perfect Forward Secrecy (PFS)

A feature of key agreement protocols that ensures session keys are not compromised even if the server's private key is stolen in the future.

Trusted Platform Module (TPM)

A dedicated cryptoprocessor chip on a motherboard used for secure key generation, storage, and hardware-based authentication.

Multifactor Authentication (MFA)

An authentication method that requires two or more distinct types of factors, such as something you know, something you have, or something you are.

Least Privilege

The principle that users should be granted only the minimum level of access or permissions needed to perform their job functions.

Zero Trust Architecture (ZTA)

A security model that assumes no inherent trust and requires continuous verification and authorization for every access request.

Software Defined Networking (SDN)

An architecture that abstracts network functions into management, control, and data planes to simplify configuration through automation and APIs.

Honeypot

A decoy system designed to mimic a real production system to attract and monitor attacker activity.

Endpoint Detection and Response (EDR)

Security software that provides real-time visibility and investigative capabilities into threats on endpoint devices.

Indicator of Compromise (IoC)

Evidence or residual signs that a system or network has been successfully breached by an attacker.

Data Sovereignty

The concept that data is subject to the laws and jurisdictional restrictions of the country where it is physically stored.

Business Impact Analysis (BIA)

A systematic process to determine the potential consequences of disrupting critical business functions.

Recovery Time Objective (RTO)

The maximum length of time that a business process can be down after a disaster before unacceptable consequences occur.

Data Loss Prevention (DLP)

Software solutions that identify, monitor, and protect sensitive data from unauthorized disclosure or transfer.