A set of vocabulary flashcards covering core terms and concepts from the CompTIA Security+ SY0-701 lecture objectives.
CIA
Confidentiality, Integrity, and Availability; the three core objectives of information security.
AAA
Authentication, Authorization, and Accounting; components for verifying identity, granting access, and auditing activity.
Non-repudiation
A guarantee that a sender cannot deny sending a message or action, often supported by digital signatures and logs.
Zero Trust
Security model that requires verification of every access attempt, regardless of location or network origin.
Data Plane
The part of a network that forwards traffic and enforces policy decisions; kept separate from the Control Plane, which makes those decisions.
Control types
Categories of security controls: Preventive, Deterrent, Detective, Corrective, Compensating, and Directive.
Physical security
Measures to protect hardware and facilities (e.g., bollards, fencing, lighting, guards, video surveillance).
Honeypot/Honeynet/Honeytoken
Deception technologies: a honeypot is a decoy system, a honeynet is a network of decoys, and a honeytoken is decoy data.
PKI
Public Key Infrastructure; system for creating, managing, and validating digital certificates and keys.
Encryption
Process of converting plaintext to ciphertext to protect confidentiality; includes symmetric/asymmetric and data-at-rest/in-transit protections.
Hashing
One-way function that produces a fixed-length digest; often salted and used for data integrity.
Digital signatures
Cryptographic signatures that verify the origin and integrity of data.
Certificates
Digital credentials issued by a Certificate Authority; related mechanisms include the CSR (request), CRLs and OCSP (revocation checking); certificates chain up to a root of trust and may be issued as wildcard certificates.
Change management
Formal process for approving, implementing, and backing out changes; includes ownership, impact analysis, maintenance windows, SOPs, and version control.
Threat actors
Entities that carry out attacks (nation-state, insider threat, hacktivist, organized crime, shadow IT), each with differing levels of access and differing goals.
Threat vectors
Paths and methods attackers use: email, SMS, IM, file-based, web, removable media, supply chain, and social engineering.
SQL injection (SQLi)
Web application vulnerability in which an attacker supplies input that is interpreted as SQL, allowing manipulation of the backend database.
Cross-site scripting (XSS)
Vulnerability allowing injection of malicious scripts into web pages viewed by other users.
Buffer overflow
Writing data past the end of a buffer in memory, which can corrupt adjacent data and lead to crashes or code execution.
Time-of-check/Time-of-use (TOC/TOU)
Race-condition vulnerabilities where a check occurs at one time but state changes before use.
Supply chain risk
Risks introduced by third-party vendors, MSPs, or components in products and services.
OSINT
Open-source intelligence; gathering information from publicly available sources.
Vulnerability management
Process to identify, classify, prioritize, remediate, and validate vulnerabilities (uses CVSS/CVE).
CVSS
Common Vulnerability Scoring System; standard for rating vulnerability severity.
CVE
Common Vulnerabilities and Exposures; a catalog of publicly known vulnerabilities.
Penetration testing
Authorized, simulated cyberattack to identify and validate security weaknesses.
Indicators of compromise (IoC)
Evidence of security incidents (e.g., account lockouts, impossible travel, anomalous logs).
Data classifications
Categories for data sensitivity: Sensitive, Confidential, Public, Restricted, Private, Critical.
Data states
Data at rest, data in transit, and data in use; each requires different protections.
Data sovereignty
Legal and regulatory jurisdiction based on data location and geolocation concerns.
High availability
Design approach to minimize downtime and ensure continuous service operation.
Load balancing
Distributing network or application traffic across multiple servers to optimize performance and availability.
Backups
Copies of data stored onsite or offsite (often encrypted), together with snapshots and tested recovery procedures.
Incident response lifecycle
Phases: Preparation, Detection/Analysis, Containment, Eradication, Recovery, and Lessons learned.
Governance structures
Bodies like boards and committees that oversee security policy, standards, and compliance.
Risk management
Process of identifying, assessing, and prioritizing risks; involves risk tolerance, appetite, and treatment strategies (transfer, mitigate, avoid, accept).
Third-party risk management
Assessment and oversight of external vendors: due diligence, NDAs, SLAs, MOA/MOU/MSA/SOW, and monitoring.
Security awareness
Programs to educate about phishing, social engineering, password hygiene, and policy adherence.
Multifactor authentication (MFA)
Authentication requiring two or more factors: something you know, have, or are (and sometimes location).
SSO/OAuth/SAML
Identity and access management concepts: SSO lets a user authenticate once to reach multiple systems; OAuth and SAML are protocols used to provide federated access.
NAC
Network Access Control; restricts network access to compliant devices.
EDR/XDR
EDR is Endpoint Detection and Response; XDR (Extended Detection and Response) expands detection and response beyond endpoints to multiple domains such as network, cloud, and identity.
DLP
Data Loss Prevention; systems that detect and prevent sensitive data leakage.
VPN
Virtual Private Network; an encrypted tunnel that provides secure remote access to a private network over an untrusted one.
TLS
Transport Layer Security; cryptographic protocol that provides secure communications over a computer network.
IPSec
Internet Protocol Security; suite of protocols to secure IP communications, often used in VPNs.
WAF
Web Application Firewall; protects web applications from common web exploits.
NGFW
Next-generation firewall; includes application-level filtering and integrated security features.
IDS/IPS
Intrusion Detection System monitors for suspicious activity; Intrusion Prevention System can block it.