SEC+ personal flashcard

physical control

Measures to protect assets using physical barriers like locks fencing and guards

operational control

Security measures implemented by people such as training and incident response plans

managerial control

Administrative policies and guidelines directing an organization's overall security stance

DKIM

Cryptographic authentication method that verifies emails were sent by the actual domain owner

SPF

Email authentication protocol listing authorized IP addresses allowed to send mail for a domain

DMARC

Policy framework using SPF and DKIM to determine email authenticity and handle failures

NDA

Legal contract binding parties to keep confidential information secret

MOU

Formal agreement between parties outlining a shared intent and mutual goals without legal bonding

MOA

Document describing specific cooperative activities and financial commitments between parties

MSA

Master contract governing future transactions and defining overall terms of a business relationship

SOW

Detailed document specifying work requirements deliverables and timelines for a project

SLA

Agreement defining expected service levels performance metrics and penalties for non-compliance

BPA

Legal agreement between business partners detailing responsibilities profit sharing and operations

continuous integration

Development practice of frequently merging code changes into a central repository

escalation

Process of routing a security incident to higher authorities or specialists

WPA 3

Latest Wi-Fi security standard featuring improved encryption and protection against brute-force attacks

802.1X

Network authentication standard that restricts unauthorized devices from connecting to a LAN

configuration enforcement

Process of ensuring systems maintain adherence to defined secure baselines

enumeration

Attacker technique used to gather detailed network information like usernames and open shares

security awareness campaign

Program designed to educate employees about cyber threats and safe computing habits

replay attack

Cyberattack where valid data transmission is maliciously repeated or delayed

compliance vaulting

Secure archiving of data to meet regulatory retention and legal requirements

SCAP

Suite of specifications for standardizing flaws and configuration security management

RTOS

Operating system designed to process data and events in real-time with precise timing

CRL

List of digital certificates that have been revoked by the issuing authority before expiration

SASE

Architecture combining network security functions with WAN capabilities delivered as a cloud service

CYOD

Policy allowing employees to choose an approved device from a company-provided list

COPE

Corporate policy where the company owns the device but allows employees personal use

SCADA

Industrial control system architecture used to monitor and operate high-level processes

HTTP: TCP/80

Unencrypted web traffic protocol operating over TCP port 80

HTTPS: TCP/443

Encrypted web traffic protocol using SSL/TLS operating over TCP port 443

Secure Terminal: TCP/22

Secure Shell protocol for encrypted remote access operating over TCP port 22

application layer/management

Network segment handling software interaction and system administration

FIM (File Integrity)

Detects unauthorized file changes in critical system or application files

Endpoint DLP

Prevents data loss from user devices by monitoring data in use in RAM USB or clipboard

Network DLP

Blocks sensitive data traversing the network by inspecting data in motion

Server DLP

Protects stored sensitive data on servers by scanning data at rest

Cloud DLP

Protects data in cloud apps by monitoring cloud application traffic

Email DLP

Blocks sensitive data in inbound or outbound email at the gateway or cloud level

USB Blocking

Endpoint agent feature preventing data exfiltration or malware via USB storage

Data Plane (Forwarding Plane)

Network device component responsible for forwarding packets based on rules

Control Plane

Network device component making routing decisions and populating the Data Plane

Management Plane

Network device interface used for system configuration monitoring and administration

PEP (Policy Enforcement Point)

Security component inspecting every packet entering or leaving a zone like a bouncer

PDP (Policy Decision Point)

The brain making access decisions based on user role device type and factors

PA (Policy Administrator)

Component that issues time-limited access tokens for user access

Mandatory Access Control (MAC)

OS-enforced access restriction based on security labels like Secret or Top Secret

Discretionary Access Control (DAC)

Access model where the data owner decides who gets access permissions

Role-Based Access Control (RBAC)

Access permissions granted based on job functions like Manager or Team Lead

Rule-Based Access Control

System-enforced access model based on specific pre-defined rules

Attribute-Based Access Control (ABAC)

Dynamic access control evaluating multiple user resource and environmental attributes

SIEM

Centralized platform for log aggregation correlation and security data analysis via Syslog or API

Anti-Virus/Malware

Software detecting malicious programs using signature and behavioral detection

DLP

Prevents data exfiltration using content inspection techniques like regex and fingerprinting

SNMP

Device monitoring protocol utilizing polling and traps over UDP ports 161 and 162

NetFlow

Traffic flow analysis tool providing flow-based network statistics over UDP

Vulnerability Scanner

Tool identifying security weaknesses via port scanning and vulnerability signatures