COMPTIA SEC+ !!

Confidentiality

Ensures data is not disclosed to unintended people

Integrity

Ensures data is not tampered with

Availability

Uptime of system to make data accessible

Non-repudiation

Validation of a message’s origin

Security

Protection against danger, damage, loss, and criminal activity

Asset

Value to an individual/organization

Threat

Potential to cause the loss of an asset

Threat Agent

Person/entity attempting to carry out a threat

Vulnerability

Weakness in a system

Exploit

Act/procedure/software taking advantage of a vulnerability

Malware

Software to take over/damage a computer without consent

Virus

Program damaging computer systems and replicating

Worm

Self-replicating malware

Trojan horse

Malicious program disguised as legitimate software

Zombie

Infected computer controlled by a central command center

Botnet

Group of zombie computers controlled centrally

Rootkit

Programs allowing hidden admin access

Logic Bomb

Malware executing under predefined conditions

Spyware

Software intercepting or controlling a user’s computer

Adware

Monitors user preferences and sends matching ads

Ransomware

Denies access until a ransom is paid

Scareware

Deceptive emails to trick users

Crimeware

Malware for identity theft

Social engineering

Attack involving human interaction for access

Footprinting

Gathering info about an organization

Pretexting

Persuading someone with a fake scenario

Elicitation

Extracting info without arousing suspicion

Pharming

Redirecting URL traffic to attacker’s site

Typosquatting

Leading users to URLs due to mistakes

Whaling

Targeting senior executives and high-profile victims

Vishing

Using VoIP for phishing

Spear phishing

Sending personalized emails to victims

Air gap

Physically isolating a network portion

Faraday cage

Blocks electromagnetic emissions

Hardening

Securing devices by reducing security exposure

Hotfix

Quick fix for a specific software problem

Patch

Thoroughly tested fix for wider deployment

Service pack

Collection of patches and enhancements for deployment.

Trusted Operating System/TOS

Operating system hardened and validated to a specific security level, supporting multilevel security where users can't access data at different classification levels.

Security baseline

Part of a configuration baseline ensuring workstations and servers comply with security goals of the organization.

Standard Operating Environment/SOE

Implemented as a standard disk image for deploying new computers, based on TOS and fully patched.

Manage software

Ensuring up-to-date licenses, installing security software, needed software only, avoiding untrusted software, and reducing attack surface by limiting applications and services.

Security zone

Network/system portion with specific security concerns.

Wireless network

Network without physical connections.

Guest network

Provides internet access to guest users with firewall regulation.

Honeynet

Special network to trap potential attackers.

Ad hoc

Decentralized network allowing direct connections between devices.

Intranet zone

Private network using internet services internally.

Internet

Public network with publicly available servers.

Extranet

Privately controlled network between the internet and a private LAN.

Demilitarized zone

Network with publicly accessible resources between private network and untrusted network.

Proxy server

Firewall intermediary between clients and servers.

Internet content filter

Software to monitor and restrict web content.

Network access control

Software controlling network access based on security requirements.

All-in-one security appliance

Device combining multiple security functions.

Application-aware device

Device managing network traffic based on application-layer protocol.

Intelligence Fusion

Sharing information between multiple government agencies and private security firms.

Vulnerability Scan

Process of capturing and analyzing packets to identify security weaknesses in a network, computer system, local applications, or web applications.

Common Vulnerability Scoring System (CVSS)

System that ranks vulnerabilities based on severity.

Security Information and Event Management (SIEM)

Tool that gathers network information and centralizes it for analysis to detect threats.

Security Orchestration, Automation, and Response (SOAR)

Solution stack of compatible software programs that collect and respond to security threats automatically.

Man-In-The-Middle (MITM) Attack

Hacker intercepts communication between two devices.

ARP Poisoning

Attack targeting the ARP protocol where the attacker changes the ARP cache by spoofing the IP address of a target.

MAC Spoofing

Hacker spoofs the MAC address of the gateway to overwrite the gateway’s MAC address in the switch’s CAM table.

MAC Flooding

Attack where the attacker overwhelms a network switch by sending a large number of Ethernet frames with various MAC addresses.

DNS Attack

Attack that targets the Domain Name System service.

Distributed Denial of Service (DDoS)

Attack designed to overwhelm a target with more data than it can handle, causing a shutdown.

Macros

Code used to perform a series of steps or functions within an application.

Brute Force Attack

Password attack where a cracking tool submits every possible combination of letters, numbers, and symbols in a short amount of time.

Password Spraying

Brute force attack that uses the same password across multiple user accounts.

Dictionary Attack

Brute force attack where a hacker uses a list of words or phrases to guess the password.

Rainbow Attack

Attack using special tables with common passwords and generated hashes of each password.

Dumpster Diving

Social engineering attack where an attacker searches through trash to find important documents or information.

Packet Capture

Process of collecting Layer 3 (Network) information over the wire, like IP addresses.

TCPDUMP

Linux tool for collecting packet data for later analysis.

Wireshark

Network protocol analyzer tool.

Secure Shell (SSH)

Remote admin protocol for secure connections to remote systems.

PuTTY

Open-source software supporting various protocols like SSH and Telnet.

Secure Sockets Layer (SSL)

Encryption protocol for secure connections to remote systems.

Public Key Infrastructure (PKI)

System for secure data transmission using key pairs and certificates for verification.

Fault Tolerance

Ability to respond to unexpected hardware/software failures without data loss.

Redundancy

Method for providing fault tolerance by using duplicate or multiple components performing the same function.

Geo Dispersion

Storing data in multiple locations to mitigate downtime due to loss of availability at one location.

Multipath

Fault-tolerance technique providing multiple physical paths between a CPU and a mass-storage device.

Load Balancers

Process distributing processing among multiple nodes.

Uninterrupted Power Supply (UPS)

Stand-alone power supply allowing servers to be gracefully shut down during a power outage.

Active/Active

Two load balancers working together to distribute network traffic.

Active/Passive

Two load balancers with one active and the other in standby mode to take over if the active one fails.

Virtual IP

IP address usable by multiple endpoints, commonly used in failover systems and for load balancing.

Storage Area Network (SAN)

High-speed network of storage devices, typically used for file shares.

Full Backup

Captures all data on a machine, usually the first backup to be run.

Incremental Backup

Contains all changes since the last incremental backup.

Differential Backup

Contains all changes since the last full backup.

Snapshot

Instant copy of an individual computer, often used on virtual machines for reverting changes.

Network Storage Appliance (NAS)

Device used to store backups or other files.

Scalability

Ability to increase or decrease data storage space.

Restoration Order

Pre-planned sequence for restoring servers following a disastrous event based on their importance.

3-2-1 Rule

Backup strategy requiring three copies of each complete backup, two kept on-site on different appliances, and one kept off-site.