UTM (Unified Threat Management)
consolidates various security functionalities into a single appliance. It provides comprehensive protection by merging multiple security features, including intrusion detection/prevention, firewall capabilities, content filtering, and anti-malware tools, into one solution.
SOW (Statement of Work)
specifies the detailed scope of work, tasks, deliverables, timelines, and costs for a specific project or engagement with the vendor.
Service-level agreement (SLA)
a specific type of agreement that defines the level of service expected from the vendor, including performance metrics, response times, and other service-related terms.
DKIM (DomainKeys Identified Mail)
allows senders to associate a domain name with an email, thus vouching for its authenticity using a cryptographic signature.
SPF (Sender Policy Framework)
used to specify which mail servers are permitted to send email for a domain.
RPO (Recovery point objective)
defines the maximum acceptable amount of data loss measured in time, determining how old backup data can be to resume normal operations after a failure.
RTO (Recovery Time Objective)
indicates the target amount of time to restore IT and business activities post-disaster, focusing on downtime rather than data loss.
EAP (Extensible Authentication Protocol)
a protocol that provides a standard interface for integrating multiple authentication methods. It can be used in various network access scenarios, including wireless.
Federation
a system that allows different organizations to share digital identities, enabling single sign-on across them.
Whaling
a type of phishing attack that specifically targets high-profile employees, like executives or CEOs, to steal sensitive information.
AES (Advanced Encryption Standard)
is currently the most secure and widely used encryption protocol for wireless networks. It offers strong encryption algorithms and has withstood extensive testing demonstrating its resilience against various attacks.
Data Steward
person responsible for managing, maintaining, and ensuring the quality, security, and proper use of data within an organization.
Data Processor
a person or organization that processes personal data on behalf of a data controller.
Data Controller
the person or organization that determines how and why personal data is collected and processed.
Data Subject
any individual whose personal data is being collected, held, or processed by a data controller or processor.
NDA (Non-Disclosure Agreement)
a legal contract between parties (like a company and an employee, contractor, or third-party vendor) that defines what information must be kept confidential and not disclosed to anyone outside the agreement.
SDLC (Systems Development Life Cycle)
refers to the process of creating and maintaining computer applications.
Change management
the process for reviewing and authorizing changes to IT systems in order to ensure that all changes are properly reviewed and authorized before being implemented.
In-Line Device
actively evaluates network traffic as it passes through, allowing it to reject or modify packets according to predefined security policies.
Certificate Revocation Lists (CRLs)
lists of certificates that have been revoked by a Certificate Authority before their scheduled expiration date.
SRTP (Secure Real-time Transport Protocol)
a protocol that provides encryption, message authentication, and integrity for voice communications over IP.
privilege escalation attack
a type of application attack that involves exploiting a vulnerability or misconfiguration to gain higher privileges or access than intended on a system or application.
Shadow IT
a type of threat actor that results from unauthorized or unapproved IT systems or devices within an organization.
Insider Threat
a type of threat actor that has authorized access to an organization's network, systems, or data and has variable resources/funding and level of sophistication/capability depending on their role and position. They can abuse their authorized access, leak information, sabotage operations, or collaborate with external actors.
Impact analysis
the process of assessing and predicting the potential consequences of a proposed change, taking into account various aspects of an organization or system.
Logical segmentation
a technique of dividing a network into smaller subnetworks or segments based on criteria such as function, location, or security level. This provides better performance, security, and manageability of the network.
Risk Identification
the proactive process of recognizing and recording potential threats that could adversely affect an organization.
Master Service Agreement (MSA)
designed to establish the overall framework for a long-term business relationship between an organization and a vendor. It provides a foundation for future agreements and contracts by outlining general terms, conditions, and responsibilities.
Technology forecasting
the process of predicting future trends, threats, tools, and defense mechanisms by analyzing current and emerging technologies.
Risk transference
a method that involves transferring some or all of the risk associated with an activity or asset to another party, such as an insurance company or a vendor.
Mean Time to Repair (MTTR)
refers to the measure of the time taken to repair a system or process after it experiences a failure or disruption. It is the average time it takes to restore functionality.
Centralized governance
involves decision-making authority concentrated in a single authority or department within an organization.
Decentralized governance
involves distributing decision-making power among different departments or units within the organization, rather than being concentrated in a single authority.
Jump Server
also known as a jump host, acts as an intermediary server through which administrators can connect to other servers.
SCAP (Security Content Automation Protocol)
is a cybersecurity framework that combines various security standards, enabling automated vulnerability assessment, and compliance checking.
PGP
a cryptographic software tool for secure email communication and data protection.
TOC/TOU (Time of Check / Time of Use)
a type of vulnerability where the state of a resource is verified at one point in time but may change before the resource is actually used.
EDR (Endpoint Detection and Response)
a security solution that provides the capability for detection, analysis, response, and real-time monitoring of cyber threats at the device level.
DEP (Data Execution Prevention)
prevents malicious code from executing in certain memory regions intended for data.
IPSec (Internet Protocol Security)
a Layer 3 protocol that defines encryption, authentication, and key management for TCP/IP transmissions. Commonly used in VPNs.
SWG (Secure Web Gateway)
a security checkpoint between your devices (like computers or phones) and the internet. It filters, monitors, and controls all web traffic to block threats (like malware, phishing, and data leaks) before they ever reach your systems.
SNMP (Simple Network Management Protocol)
is a network monitoring and management protocol that enables devices to send and receive alerts and data about their performance and status.
UPS (Uninterruptible Power Supply)
a device that provides emergency power to a load when the input power source fails, thus ensuring continuous operation.
Enumeration
the process where an attacker actively gathers information about the target system, device, network, or application that they want to attack.
Reconnaissance
the process where an attacker passively gathers information about the target system, device, network, or application.
Spear Phishing
a targeted cyberattack where a hacker sends a very personalized fake email (or message) to trick a specific person into giving up sensitive info or installing malware. Different from regular phishing, which is sent to random people.
Attestation
a periodic review process where data owners or managers validate and confirm the access rights of all users.
KRI (Key Risk Indicators)
metrics that provide early warnings of increasing risk exposures, enabling organizations' leadership to manage these risks proactively.
RTOS (Real Time Operating System)
A type of OS that prioritizes deterministic execution of operations to ensure consistent response for time-critical tasks.
Policy Engine
a software component that decides whether an action should be allowed or denied based on predefined security rules (policies).
WAF (Web Application Firewall)
a firewall that is designed to filter, monitor, and block HTTP traffic to and from a web application, making it the most appropriate choice for temporary mitigation against a known vulnerability.
EOL (End of Life)
a type of vulnerability that occurs when a manufacturer no longer supports or updates software. It can allow an attacker to compromise the security or functionality of the device, or use it as a gateway to access other systems or networks.
Agent-based web filters
are filters installed directly on user devices, allowing for consistent enforcement of web filtering policies no matter where the device connects from.
MTBF (Mean Time Between Failures)
represents the typical interval between failures for a system or component, used as a reliability indicator.
Network Access Control (NAC)
enforces security policies for all devices connecting to the network by verifying compliance before granting access, helping to block unauthorized or insecure endpoints.
Concurrent session usage
an indicator of malicious activity that shows that an attacker or malware has compromised an account and is using it simultaneously with the legitimate user, creating multiple sessions from different locations or devices.
Decommissioning
a technique that can help reduce the risk of data breaches or theft by securely disposing of systems and devices that are no longer needed or used. Involves following a set of procedures to erase or destroy any sensitive data stored on the systems and devices, and to physically dispose of them in a safe and environmentally friendly manner.
Ephemeral credentials
are temporary, short-lived security credentials that exist only for a limited time — then automatically expire.
End of Service (EOS)
when a vendor or manufacturer stops supporting a product: no more updates, patches, or technical help. The product may still be in use, but it no longer receives support or updates.