CompTIA A+ Vocabulary List

Question 1

Access Control

Answer 1

Methods to restrict access to resources.

Question 2

ACL (Access Control List)

Answer 2

A list of permissions attached to an object.

Question 3

Adware

Answer 3

Software that displays unwanted ads.

Question 4

Antivirus

Answer 4

Software that detects and removes malware.

Question 5

APT (Advanced Persistent Threat)

Answer 5

A prolonged and targeted cyberattack.

Question 6

Authentication

Answer 6

The process of verifying identity.

Question 7

Authorization

Answer 7

Granting access to resources.

Question 8

Backup

Answer 8

Copying data to prevent loss.

Question 9

Botnet

Answer 9

Network of infected devices under a hacker’s control.

Question 10

Brute Force Attack

Answer 10

Trying many passwords to gain access.

Question 11

Certificate Authority (CA)

Answer 11

Entity that issues digital certificates.

Question 12

CIA Triad

Answer 12

Confidentiality, Integrity, and Availability.

Question 13

Clickjacking

Answer 13

Trick users into clicking on something different from what they perceive.

Question 14

Cloud Computing

Answer 14

Delivery of services over the internet.

Question 15

Cross-site Scripting (XSS)

Answer 15

Injecting malicious scripts into webpages.

Question 15

Cryptography

Answer 15

Securing information through encoding.

Question 16

Cybersecurity

Answer 16

Protecting systems, networks, and data from attacks.

Question 17

Data Breach

Answer 17

Unauthorized access to data.

Question 18

DDoS (Distributed Denial of Service)

Answer 18

Overwhelming a service with traffic.

Question 19

Digital Signature

Answer 19

A mathematical scheme for verifying authenticity.

Question 20

Disaster Recovery

Answer 20

Restoring operations after a disaster.

Question 21

Encryption

Answer 21

Converting information into a secure format.

Question 22

DNS (Domain Name System)

Answer 22

Translates domain names to IP addresses.

Question 23

Endpoint

Answer 23

Any device connected to a network.

Question 23

Hashing

Answer 23

Transforming data into a fixed-size value.

Question 24

Exploit

Answer 24

Using a vulnerability to execute an attack.

Question 24

Honeypot

Answer 24

A decoy system to attract attackers.

Question 25

Firewall

Answer 25

A network security device that monitors traffic.

Question 26

IDS (Intrusion Detection System)

Answer 26

Monitors for suspicious activity.

Question 26

IoT (Internet of Things)

Answer 26

Network of interconnected devices.

Question 27

Keylogger

Answer 27

Software or hardware that records keystrokes.

Question 27

IPsec (Internet Protocol Security)

Answer 27

A suite for securing IP communications.

Question 28

Malware

Answer 28

Malicious software designed to harm.

Question 29

Man-in-the-Middle Attack

Answer 29

Intercepting communication between two parties.

Question 30

Multi-factor Authentication (MFA)

Answer 30

Using multiple methods for verification.

Question 31

NAC (Network Access Control)

Answer 31

Enforces security policies on devices.

Question 32

Enforces security policies on devices.

Answer 32

Dividing a network into smaller parts.

Question 33

Penetration Testing

Answer 33

Testing security by simulating attacks.

Question 34

Phishing

Answer 34

Fraudulent attempts to obtain sensitive information.

Question 35

Proxy Server

Answer 35

Intermediary for requests from clients.

Question 36

Public Key Infrastructure (PKI)

Answer 36

A framework for managing digital keys and certificates.

Question 37

Rootkit

Answer 37

Software designed to hide the existence of certain processes.

Question 37

Ransomware

Answer 37

Malware that encrypts files and demands payment.

Question 38

Sandboxing

Answer 38

Running code in an isolated environment.

Question 39

Secure Socket Layer (SSL)

Answer 39

Protocol for encrypting internet traffic.

Question 40

SIEM (Security Information and Event Management)

Answer 40

Tools for analyzing security data.

Question 41

Social Engineering

Answer 41

Manipulating people into divulging information.

Question 42

Spam

Answer 42

Unsolicited messages, often containing malware.

Question 43

Spyware

Answer 43

Software that secretly monitors user activity.

Question 44

SQL Injection

Answer 44

Inserting malicious SQL queries.

Question 45

Trojan Horse

Answer 45

Malicious software disguised as legitimate.

Question 46

Two-Factor Authentication (2FA)

Answer 46

Using two methods to verify identity.

Question 47

VPN (Virtual Private Network)

Answer 47

Creates a secure connection over the internet.

Question 48

Zero-Day Exploit

Answer 48

Exploiting a previously unknown vulnerability.

Question 48

Vulnerability

Answer 48

A weakness that can be exploited.

Question 49

Whitelist

Answer 49

List of approved entities.

Question 50

Backdoor

Answer 50

Hidden method to bypass security.

Question 50

Worm

Answer 50

Malware that replicates itself to spread.

Question 51

Breach

Answer 51

Unauthorized access to data or systems.

Question 52

Cipher

Answer 52

Algorithm for performing encryption or decryption.

Question 53

Cold Site

Answer 53

Backup site that is not immediately operational.

Question 54

Cookie

Answer 54

Small data file used to store information.

Question 55

Credential Stuffing

Answer 55

Using stolen credentials to gain access.

Question 56

Data Encryption

Answer 56

Converting data into a secure format.

Question 57

Decryption

Answer 57

Converting encrypted data back to its original form.

Question 58

Directory Traversal

Answer 58

Exploiting a web server to access files.

Question 59

Domain Hijacking

Answer 59

Taking control of a domain name.

Question 60

Escalation of Privileges

Answer 60

Gaining higher access than intended.

Question 60

Eavesdropping

Answer 60

Intercepting private communications.

Question 60

Incident Response

Answer 60

Handling security breaches.

Question 61

False Positive

Answer 61

Incorrectly identifying benign activity as malicious.

Question 62

Hash Function

Answer 62

Algorithm that maps data to a fixed size.

Question 63

Injection

Answer 63

Malicious code execution by manipulating input.

Question 64

Integrity

Answer 64

Ensuring data is accurate and unchanged.

Question 65

Key Exchange

Answer 65

Sharing cryptographic keys securely.

Question 66

IP Spoofing

Answer 66

Faking an IP address to impersonate another device.

Question 67

Key Management

Answer 67

Handling cryptographic keys securely.

Question 68

Least Privilege

Answer 68

Limiting access to only what is necessary.

Question 69

Load Balancer

Answer 69

Distributing network traffic across multiple servers.

Question 70

MAC Address

Answer 70

Unique identifier for network interfaces.

Question 71

Malvertising

Answer 71

Using online ads to spread malware.

Question 72

Message Authentication Code (MAC)

Answer 72

Ensuring message integrity.

Question 73

Patch Management

Answer 73

Updating software to fix vulnerabilities.

Question 74

Password Cracking

Answer 74

Recovering passwords from data.

Question 75

Plaintext

Answer 75

Unencrypted information.

Question 76

Polymorphic Malware

Answer 76

Malware that changes to evade detection.

Question 77

Rogue Access Point

Answer 77

Unauthorized wireless access point.

Question 78

Session Hijacking

Answer 78

Taking over a session between a client and server.

Question 79

Spear Phishing

Answer 79

Targeted phishing attack.

Question 80

Spoofing

Answer 80

Faking an identity or source.

Question 81

Steganography

Answer 81

Hiding data within other data.

Question 82

Surveillance

Answer 82

Monitoring activities or communications.

Question 83

Symmetric Encryption

Answer 83

Using the same key for encryption and decryption.

Question 84

Threat Actor

Answer 84

Entity responsible for an attack.

Question 85

Tokenization

Answer 85

Replacing sensitive data with tokens.

Question 86

Traffic Analysis

Answer 86

Monitoring and analyzing network traffic.

Question 87

URL Filtering

Answer 87

Blocking access to specific URLs.

Question 88

User Behavior Analytics (UBA)

Answer 88

Analyzing user behavior for threats.

Question 89

Virtualization

Answer 89

Creating virtual versions of resources.

Question 90

Wireless Security

Answer 90

Protecting wireless networks from threats.