the future cost of rectifying present-day shortcuts or less optimal solutions
Technical Debt
AML/KYC
Anti-Money Laundering (AML) and Know Your Customer (KYC). Prevent money laundering and fraud for banks
Pharming
redirecting users from legitimate websites to fraudulent ones designed to steal sensitive information
UBA
User Behavior Analytics
SPF
Sender Policy Framework
→ Checks if sender is allowed to send email for a domain
DKIM
DomainKeys Identified Mail
→ Verifies email is not changed (digital signature)
DMARC
Domain-based Message Authentication, Reporting & Conformance
→ Tells what to do if SPF/DKIM fail + provides reports
SMTP
Simple Mail Transfer Protocol
→ Sends emails (no security)
Why is SSL inspection important in a centralized proxy?
Allows proxy to decrypt and inspect HTTPS traffic
→ Detects threats hidden in encrypted traffic
What is configuration enforcement?
Ensures systems follow required security settings
→ Prevents unauthorized changes
EAP
framework used for authentication
WiFi security (WPA2/WPA3-Enterprise)
802.1X network access control
VPN authentication
Key stretching
method that repeatedly hashes the password to make it more random and longer than it originally appeared.
Salting
technique used in cryptography to add random data to the input of a hash function to increase security.
Which wireless encryption method is the most secure?
AES
→ Strong modern encryption used in WPA2/WPA3
What is a race condition?
When multiple processes access the same resource at the same time
→ outcome depends on timing
What is a Time-of-Use (TOU) vulnerability?
When data changes between check and use
→ attacker exploits time gap
Pretexting
Fake story to trick victim
→ Attacker pretends to gain trust and get information
Whaling
Targets high-level executives
→ Phishing aimed at CEOs or top management
Cloning attack
Copies a real email and resends it
→ Modified to include malicious content
What is a host-based firewall?
Firewall on a single device
→ Controls its incoming and outgoing traffic
Key escrow
system in which a copy of a cryptographic key is given to a third party
What is UTM?
Unified Threat Management
→ Combines multiple security functions in one system
firewall, antivirus, etc.
federation
allows different organizations to share digital identities, enabling single sign-on across them.