compensating control
Alternative security measure deployed when a primary safeguard is impractical or cannot be implemented
OSINT (open-source intelligence)
Data gathered from publicly available feeds, mass media, and internet records for investigative purposes
Wireless deauthentication
Spoofed management frames sent to sever the link between a client station and an access point, forcing a reconnect
wireless disassociation
A formal protocol notification that gracefully terminates an active wireless session before a device roams
DNS poisoning
Exploiting vulnerabilities in name resolution servers to inject forged records and redirect traffic to malicious servers
RBAC (Role-Based Access Control)
Authorization framework where system permissions are tied directly to specific job functions and organizational positions
SDN (Software-Defined Networking)
Architecture that decouples the network routing logic from the underlying physical hardware forwarding assets
Shadow IT
Hardware, software, or cloud services deployed within an organization without the explicit approval or knowledge of the department
Nation state
Highly sophisticated and well-funded cyber actors operating under the direction of a sovereign government for espionage
Hacktivist
Individuals or groups executing disruptive digital campaigns to promote a specific political agenda or social cause
Organized crime
Structured syndicates executing sophisticated digital operations primarily driven by financial theft and monetary extortion
Self-assessment
An internal evaluation conducted by an organization to measure its own security posture against specific frameworks
Regulatory compliance
Adherence to external laws, governmental mandates, and industry-specific legal requirements regarding data handling
Vendor monitoring
Continuous oversight and risk evaluation of third-party service providers to ensure security standards are maintained
Attestation
A formal declaration or technical proof verifying that a specific system state or configuration meets strict requirements
OCSP stapling
A mechanism where a web server queries certificate validity on behalf of the client to speed up connection validation
CSR generation
Creating a formal request containing a public key to be submitted to an authority for digital signing
Wildcard
A public key certificate that uses an asterisk to secure a base domain along with all its immediate subdomains
TLS handshake
The initial negotiation phase where cryptographic protocols, keys, and cipher suites are established between client and server
Resource consumption
The exhaustion of computational assets like memory, CPU, or storage, often caused by poorly optimized code or denial attacks
RAID (Redundant Array of Independent Disks)
Storage technology that combines multiple physical drives into a single logical unit for fault tolerance
Due diligence
The investigative research and vetting an organization performs before entering into a business contract or partnership
Right-to-audit
A contractual clause permitting an organization to inspect the security controls and operational records of a third party
Chain of custody
Chronological documentation showing the continuous seizure, control, transfer, and analysis of digital evidence
Legal hold
An internal directive ordering the preservation of all relevant data and documents for potential or active litigation
E-discovery
The process of identifying, locating, and securing electronic records to be used as evidence in a legal proceeding
HIPS (Host-based IPS)
An endpoint security application that actively monitors local system behavior to block malicious activities
UTM logs
Unified threat management logs: consolidated security records aggregating events from firewalls, web filters, and intrusion detection systems
MFA (Multi-Factor Authentication)
Identity verification process requiring at least two distinct categories of credentials before granting access
ACL (Access Control List)
A sequential registry of rules determining which users or network packets are permitted or denied entry
physical control
Measures to protect assets using physical barriers like locks, fencing, and guards
operational control
Security measures implemented by people, such as training and incident response plans
managerial control
Administrative policies and guidelines directing an organization's overall security stance
DKIM
Cryptographic authentication method that verifies emails were sent by the actual domain owner
SPF
Email authentication protocol listing authorized IP addresses allowed to send mail for a domain
DMARC
Policy framework using SPF and DKIM to determine email authenticity and handle failures
NDA
Legal contract binding parties to keep confidential information secret
MOU
Formal agreement between parties outlining a shared intent and mutual goals without legal bonding
MOA
Document describing specific cooperative activities and financial commitments between parties
MSA
Master contract governing future transactions and defining overall terms of a business relationship
SOW
Detailed document specifying work requirements, deliverables, and timelines for a project
SLA
Agreement defining expected service levels, performance metrics, and penalties for non-compliance
BPA
Legal agreement between business partners detailing responsibilities, profit sharing, and operations
continuous integration
Development practice of frequently merging code changes into a central repository
escalation
Process of routing a security incident to higher authorities or specialists
WPA3
Latest Wi-Fi security standard featuring improved encryption and protection against brute-force attacks
802.1X
Network authentication standard that restricts unauthorized devices from connecting to a LAN
configuration enforcement
Process of ensuring systems maintain adherence to defined secure baselines
enumeration
Attacker technique used to gather detailed network information like usernames and open shares
security awareness campaign
Program designed to educate employees about cyber threats and safe computing habits
replay attack
Cyberattack where valid data transmission is maliciously repeated or delayed
compliance vaulting
Secure archiving of data to meet regulatory retention and legal requirements
SCAP
Suite of specifications for standardizing flaws and configuration security management
RTOS
Operating system designed to process data and events in real-time with precise timing
CRL
List of digital certificates that have been revoked by the issuing authority before expiration
SASE
Architecture combining network security functions with WAN capabilities delivered as a cloud service
CYOD
Policy allowing employees to choose an approved device from a company-provided list
COPE
Corporate policy where the company owns the device but allows employees personal use
SCADA
Industrial control system architecture used to monitor and operate high-level processes
HTTP: TCP/80
Unencrypted web traffic protocol operating over TCP port 80
HTTPS: TCP/443
Encrypted web traffic protocol using SSL/TLS operating over TCP port 443
Secure Terminal: TCP/22
Secure Shell protocol for encrypted remote access operating over TCP port 22
application layer/management
Network segment handling software interaction and system administration
FIM (File Integrity)
Detects unauthorized file changes in critical system or application files
Endpoint DLP
Prevents data loss from user devices by monitoring data in use in RAM, USB, or clipboard
Network DLP
Blocks sensitive data traversing the network by inspecting data in motion
Server DLP
Protects stored sensitive data on servers by scanning data at rest
Cloud DLP
Protects data in cloud apps by monitoring cloud application traffic
Email DLP
Blocks sensitive data in inbound or outbound email at the gateway or cloud level
USB Blocking
Endpoint agent feature preventing data exfiltration or malware via USB storage
Data Plane (Forwarding Plane)
Network device component responsible for forwarding packets based on rules
Control Plane
Network device component making routing decisions and populating the Data Plane
Management Plane
Network device interface used for system configuration, monitoring, and administration
PEP (Policy Enforcement Point)
Security component inspecting every packet entering or leaving a zone, like a bouncer
PDP (Policy Decision Point)
The brain making access decisions based on user role, device type, and factors
PA (Policy Administrator)
Component that issues time-limited access tokens for user access
Mandatory Access Control (MAC)
OS-enforced access restriction based on security labels like Secret or Top Secret
Discretionary Access Control (DAC)
Access model where the data owner decides who gets access permissions
Role-Based Access Control (RBAC)
Access permissions granted based on job functions like Manager or Team Lead
Rule-Based Access Control
System-enforced access model based on specific pre-defined rules
Attribute-Based Access Control (ABAC)
Dynamic access control evaluating multiple user, resource, and environmental attributes
SIEM
Centralized platform for log aggregation, correlation, and security data analysis via Syslog or API
Anti-Virus/Malware
Software detecting malicious programs using signature and behavioral detection
DLP
Prevents data exfiltration using content inspection techniques like regex and fingerprinting
SNMP
Device monitoring protocol utilizing polling and traps over UDP ports 161 and 162
NetFlow
Traffic flow analysis tool providing flow-based network statistics over UDP
Vulnerability Scanner
Tool identifying security weaknesses via port scanning and vulnerability signatures