CompTIA Security+ TB 3.0 Security Tech And Tools Flashcards
Firewall
A firewall is a network security device that monitors and controls incoming and outgoing traffic based on predefined rules.
Intrusion Detection System (IDS)
An IDS is a security tool that monitors network traffic and system activities for suspicious patterns or known attack signatures.
Intrusion Prevention System (IPS)
An IPS is an advanced version of an IDS that not only detects suspicious activities but also takes automated actions to block and prevent potential threats in real time.
Antivirus/Antimalware Software
Antivirus and antimalware software are designed to detect, prevent, and remove malicious software, such as viruses, worms, trojans, and ransomware from systems and networks.
Secure Email Gateway
A secure email gateway filters and scans incoming and outgoing emails to detect and block spam, phishing attempts, and malicious attachments or links.
Data Loss Prevention (DLP) Tools
DLP tools help organizations identify, monitor, and protect sensitive data to prevent unauthorized access, leakage, or accidental disclosure.
Encryption Tools
Encryption tools are used to secure sensitive data by converting it into an unreadable format, ensuring confidentiality during transmission and storage.
Virtual Private Network (VPN)
VPNs provide encrypted and secure communication over public networks, enabling remote users to access an organization’s resources securely.
Multi-Factor Authentication (MFA)
MFA adds an extra layer of security to user authentication by requiring multiple factors, such as a password and a one-time code sent to a mobile device, to access accounts or systems.
Web Application Firewall (WAF)
A WAF is a security tool that protects web applications by filtering and monitoring HTTP traffic between a web application and the internet. It helps prevent web application attacks, such as SQL injection and cross-site scripting (XSS).
Security Information and Event Management (SIEM)
SIEM tools collect and analyze log data from various sources to identify security incidents, correlate events, and provide real-time threat detection and response capabilities.
Endpoint Security Solutions
Endpoint security solutions protect individual devices, such as computers and smartphones, from malware, unauthorized access, and data breaches.
Penetration Testing Tools
Penetration testing tools are used to simulate cyberattacks to identify vulnerabilities in networks, systems, and applications.
Network Monitoring Tools
Network monitoring tools continuously monitor network traffic, devices, and performance to identify anomalies and potential security issues.
Identity and Access Management (IAM) Solutions
IAM solutions manage user identities, access rights, and permissions to ensure that only authorized users can access specific resources.
Secure File Transfer Protocol (SFTP)
SFTP is a secure version of FTP (File Transfer Protocol) that encrypts data during file transfer, preventing unauthorized access to sensitive data.
Security Assessment and Compliance Tools
Security assessment and compliance tools help organizations evaluate their adherence to cybersecurity standards and regulations.
Container Security Tools
Container security tools protect containerized applications by detecting vulnerabilities and monitoring container runtime behavior.
Mobile Device Management (MDM) Solutions
MDM solutions manage and secure mobile devices used by employees, ensuring compliance with security policies and protecting data.
Security Awareness Training Platforms
Security awareness training platforms offer interactive training modules to educate employees about cybersecurity best practices and threats.
Incident Response Platforms
Incident response platforms help organizations streamline and coordinate incident response efforts during security breaches or cyberattacks.
Patch Management Tools
Patch management tools automate the process of applying software updates and security patches to systems and applications, reducing vulnerability risks.
Cloud Security Tools
Cloud security tools provide additional security layers for cloud environments, protecting data, applications, and infrastructure.
Behavioral Analytics Tools
Behavioral analytics tools analyze user behavior and network activities to detect anomalies and potential insider threats.
Secure Web Gateways
Secure web gateways protect users from web-based threats by filtering web traffic, URLs, and content.
What are the two primary types of Intrusion Detection Technologies?
- NIDS: Network-Based Intrusion Detection Systems
- HIDS: Host-Based Intrusion Detection Systems
What is a Network-Based Intrusion Detection System (NIDS)?
NIDS monitors network traffic in real time to detect and respond to potential threats.
What is a Host-Based Detection System (HIDS)?
HIDS monitors and