CompTIA Security+ Section 20

What is WEP?

Old wireless encryption protocol that is weak and insecure.

What is WPA?

Improved version of WEP using TKIP encryption.

What is WPA2?

Standard Wi-Fi security using AES encryption.

What is WPA3?

Most secure Wi-Fi standard with stronger encryption and protections.

What is OWE?

Encrypts traffic on open Wi-Fi networks without passwords.

What is AAA?

Authentication, Authorization, and Accounting protocol for access control.

What is EAP?

Framework used in wireless networks for authentication methods.

What is static code analysis (SAST)?

Scanning source code for vulnerabilities before running it.

What is fuzzing?

Testing software by inputting random data to find crashes or bugs.

What is code signing?

Uses digital signatures to verify software authenticity.

What is sandboxing?

Running untrusted code in isolation to prevent damage.

What is network access control (NAC)?

Restricts network access based on device compliance.

What is a persistent agent?

NAC component installed on a device to continuously enforce compliance.

What is web filtering?

Blocks harmful or inappropriate websites.

What is DNS filtering?

Blocks sites at the DNS level before connection.

What is reputation-based filtering?

Blocks traffic based on known malicious IPs or domains.

What is URL scanning?

Checks website links for malicious content.

What is DKIM?

Email security that verifies message integrity and sender identity.

What is SPF?

Email validation system that prevents spoofing.

What is DMARC?

Combines SPF and DKIM to prevent email impersonation.

What is endpoint detection and response (EDR)?

Monitors and responds to endpoint-level threats.

What is file integrity monitoring (FIM)?

Detects changes to critical system files.

What is extended detection and response (XDR)?

Integrates multiple security tools for unified threat detection.

What is user behavior analytics (UBA)?

Tracks normal user actions to detect anomalies.