CompTIA Security+ SY0-701 Last Minute Review

These flashcards cover key concepts and terminology from the CompTIA Security+ SY0-701 Last Minute Review guide, useful for exam preparation.

What does CIA stand for in cybersecurity?

Confidentiality, Integrity, and Availability.

What is the primary function of preventive security controls?

To prevent an incident or breach from occurring.

Define what a honeypot is in cybersecurity.

A decoy system or data set up to lure attackers.

What is data encryption?

The process of converting data into a code to prevent unauthorized access.

What does AAA stand for in security terms?

Authentication, Authorization, and Accounting.

What is an Insider Threat?

An individual within an organization who misuses their access to harm the organization.

Explain the concept of zero trust.

A security model that requires strict identity verification for everyone and everything trying to access resources.

What is the goal of incident response?

To manage the aftermath of a security breach or cyberattack to limit damage and reduce recovery time.

What is the purpose of access control lists (ACLs)?

To define who can access a particular resource and what operations they can perform.

Define Risk Appetite.

The level of risk an organization is willing to accept to achieve its objectives.

What is meant by 'Social Engineering' in cybersecurity?

Manipulating individuals into divulging confidential information by exploiting human psychology.

What does DLP stand for?

Data Loss Prevention.

Why is wheel of fortune a metaphor used in change management?

It implies the cycle of change with risk at each turn, emphasizing necessary evaluation.

What are managed service providers (MSPs)?

Companies that remotely manage a customer's IT infrastructure and/or end-user systems.

Define what malware is.

Malicious software designed to harm or exploit computing devices.

What is a Distributed Denial of Service (DDoS) attack?

A cyber-attack that aims to make a machine or network resource unavailable to its intended users by overwhelming it with traffic.

What is meant by segmentation in security?

Dividing a network into smaller segments to isolate data and services for better security.