Professor Messer's CompTIA SY0-701 Security+ Course Notes

A set of vocabulary flashcards to help facilitate retention of key cybersecurity concepts and terminology from Professor Messer's CompTIA Security+ Course notes.

CIA Triad

The three core principles of security: Confidentiality, Integrity, and Availability.

Non-repudiation

A guarantee that someone cannot deny something.

Authentication, Authorization, and Accounting (AAA)

Framework for controlling user access rights and actions.

Gap Analysis

Assessment of the current state versus desired future state, identifying the 'gap'.

Zero Trust Security

A security model that requires strict identity verification for every person and device trying to access resources.

Public Key Infrastructure (PKI)

A system for managing digital keys and certificates.

Encryption

The process of converting information into a code to prevent unauthorized access.

Malware

Malicious software designed to harm, exploit, or otherwise compromise data or systems.

Denial of Service (DoS) Attack

An attempt to make a machine or service unavailable to its intended users.

Phishing

A type of social engineering attack used to steal user data.

Vulnerability

A weakness in a system that can be exploited to compromise security.

Firewall

A network security device that monitors and controls incoming and outgoing network traffic.

Intrusion Detection System (IDS)

A device or software application that monitors a network for malicious activity or policy violations.

Intrusion Prevention System (IPS)

A system designed to detect and prevent identified threats.

Data Loss Prevention (DLP)

Strategies and tools used to ensure that sensitive data is not lost, misused, or accessed by unauthorized users.

Identity and Access Management (IAM)

Framework for ensuring that the right people have the right access to technology resources.