This array of flashcards focuses on key terminology and concepts related to the CompTIA Security+ (SY0-701) exam, designed to support studying and mastery of the course content.
CompTIA Security+ (SY0-701) certification
An intermediate-level information technology certification focusing on assessing the security posture of an enterprise environment.
CIA Triad
Framework for addressing security that stands for Confidentiality, Integrity, and Availability.
Zero Trust Model
Security concept that assumes no user or device should be trusted by default, and verification is required for each access request.
Vulnerability
Any weakness in the system design or implementation that can be exploited by a threat.
Risk Management
The process of identifying, assessing, and controlling risks to minimize the impact of potential losses.
Authentication
The process of verifying the identity of a user or system.
Authorization
Determining actions or resources that an authenticated user can access.
Non-Repudiation
A security principle ensuring that an action or event cannot be denied by the involved parties.
Malware
Malicious software designed to infiltrate or damage computer systems without user consent.
Phishing
A social engineering attack aimed at tricking individuals into revealing personal information by impersonating a trusted entity.
Password Management
Techniques and policies for creating, storing, and managing passwords to enhance security.
Social Engineering
Manipulative strategies that exploit human psychology to gain unauthorized access to systems, data, or physical spaces.
Insider Threats
Security risks that originate from within the organization, often involving employees or contractors.
Endpoint Detection and Response (EDR)
Security solution that continuously monitors endpoint devices to identify and respond to cyber threats.
Patch Management
Process for managing software updates that fix vulnerabilities in software, applications, and systems.
Incident Response
The systematic approach to managing and mitigating security incidents.
Threat Intelligence Feeds
Continuous streams of data providing information about potential or current threats to an organization's security.
Compensating Controls
Alternative measures implemented when primary security controls cannot be effectively enacted.
Audit Trail
A record showing who accessed or modified data, useful for tracking changes and identifying security breaches.
Security Information and Event Management (SIEM)
A comprehensive platform that aggregates and analyzes security data from across an organization to detect and respond to threats.
Ransomware
Malicious software that locks or encrypts a user's data and demands a ransom for access.
Data Loss Prevention (DLP)
Strategies to prevent sensitive information from being lost, misused, or accessed by unauthorized users.
Multi-Factor Authentication (MFA)
A security mechanism that requires two or more forms of verification before granting access.
Common Vulnerabilities and Exposures (CVE)
A list of publicly disclosed cybersecurity vulnerabilities, each assigned a unique identifier for tracking.
Bus Factor
A measure of risk in a project or organization, indicating how many people need to be unavailable for the work to stop.
Cloud Security
Policies and technologies designed to protect data and applications hosted in cloud computing environments.
Access Control List (ACL)
A list that specifies which users have permission to access particular resources in a system.
Security Policies
Formal guidelines defining expected security behavior within an organization.