CompTIA Security+ Section 2
Studied by 0 people
Learn
Practice Test
Spaced Repetition
Match
Flashcards1/36
There's no tags or description
Looks like no tags are added yet.
Name | Mastery | Learn | Test | Matching | Spaced |
|---|
No study sessions yet.
37 Terms
What is data exfiltration?
Unauthorized transfer of sensitive data.
What motivates financial gain attacks?
Money from ransomware or banking trojans.
What is blackmail in cybersecurity?
Threatening to leak data unless paid.
What is a service disruption?
Attack that stops services, like DDoS.
What is hacktivism?
Hacking for political or social causes.
What is ethical hacking?
Finding security issues to help fix them.
What motivates revenge attacks?
Personal payback, often by ex-employees.
Why do some hack for chaos?
They enjoy causing harm or disruption.
What is cyber espionage?
Spying to steal sensitive info.
What is cyber war?
Attacks to damage enemy infrastructure.
What are internal threat actors?
People inside an org who misuse access.
What are external threat actors?
People outside trying to hack in.
Why do resources matter for attackers?
More tools = stronger attack ability.
What are low-skilled attackers called?
Script kiddies.
What are script kiddies?
Unskilled users who rely on tools.
What is a hacktivist?
Person who hacks for a cause.
What is cyber organized crime?
Groups hacking for money.
Who are nation-state actors?
Government-backed hackers.
What is a false flag attack?
Making it seem like someone else did it.
What is an insider threat?
Internal user who causes harm.
What is shadow IT?
Tech used without IT approval.
What is stealth IT?
Another name for shadow IT.
What is unsanctioned technology?
Unauthorized tech used in a workplace.
What is BYOD?
Using personal devices for work.
What is a threat vector?
Path used to launch an attack.
What are attack surfaces?
All points where a system is vulnerable.
What are deception technologies?
Tools like honeypots to trick attackers.
What are disruption technologies?
Tools used to confuse or stop attackers.
What is a honeypot?
Fake system meant to lure attackers.
What are honeynets?
Network of honeypots to catch attackers.
What are honeyfiles?
Fake files designed to trigger alerts.
What are honeytokens?
Fake credentials or data used to detect misuse.
What are bogus DNS entries?
Fake domain names set to mislead attackers.
What are decoy directories?
Fake folders set up to bait attackers.
What is dynamic page generation?
Pages that change based on activity to trap attackers.
What is port triggering?
Opens a port when certain traffic is seen.
What is spoofing fake telemetry data?
Sending false system info to confuse attackers.