CompTIA Security+ Vocab List Flashcards
Directory service by Microsoft for Windows domain networks.
Active Directory
Symmetric encryption algorithm.
AES (Advanced Encryption Standard)
Identifying unusual patterns that do not conform to expected behavior.
Anomaly Detection
Layer 7 of the OSI model, providing network services to applications.
Application Layer
Total points where an attacker can try to enter data into or extract data from an environment.
Attack Surface
Record of activities to ensure integrity and track changes.
Audit Trail
IPsec protocol providing connectionless integrity and data origin authentication.
Authentication Header (AH)
Authentication using physical characteristics, like fingerprints or facial recognition.
Biometrics
Testing without knowledge of the internal workings of the application.
Black Box Testing
Group responsible for defending an organization from cyber attacks.
Blue Team
Physical security device to prevent vehicle-based attacks.
Bollard
Video surveillance system.
CCTV (Closed-Circuit Television)
List of certificates that have been revoked by the Certificate Authority.
Certificate Revocation List (CRL)
Documentation showing the seizure, custody, control, transfer, analysis, and disposition of evidence.
Chain of Custody
Encrypted text transformed from plaintext.
Ciphertext
Security controls that provide alternative measures.
Compensating Controls
Ensuring that information is only accessible to those authorized to have access.
Confidentiality
Using different types of controls (administrative, technical, physical) to achieve security.
Control Diversity
Inactive data stored physically in any digital form.
Data-at-Rest
Data actively moving from one location to another.
Data-in-Transit
Process of reducing or eliminating a magnetic field, often used to erase data from magnetic storage.
Degaussing
Physical or logical subnetwork that contains and exposes an organization’s external-facing services.
Demilitarized Zone (DMZ)
Process of uncovering and interpreting electronic data.
Digital Forensics
Searching through waste to find confidential information.
Dumpster Diving
Framework for transporting authentication protocols.
EAP (Extensible Authentication Protocol)
Encryption algorithm based on elliptic curves over finite fields.
Elliptic Curve Cryptography (ECC)
Disturbance affecting an electrical circuit due to electromagnetic radiation.
EMI (Electromagnetic Interference)
Encryption process where decryption keys are held in escrow.
Escrowed Encryption
Rogue wireless access point mimicking a legitimate one.
Evil Twin
Linking a user’s electronic identity and attributes, stored across multiple distinct identity management systems.
Federated Identity Management
Process of validating the integrity of operating system and application software files.
File Integrity Monitoring
Creating a virtual boundary for a geographic area.
Geofencing
Popular password cracking tool.
Hashcat
System that monitors and analyzes the internals of a computing system.
HIDS (Host-based Intrusion Detection System)
System designed to protect a host from malicious attacks.
HIPS (Host-based Intrusion Prevention System)
Combining dictionary and brute-force attacks to crack passwords.
Hybrid Attack
Linking a single identity across multiple systems.
Identity Federation
System that monitors network or system activities for malicious activities.
IDS (Intrusion Detection System)
Protocol used by email clients to retrieve messages from a mail server.
IMAP (Internet Message Access Protocol)
Organized approach to addressing and managing the aftermath of a security breach or attack.
Incident Response Plan
Artifacts observed on a network or in an operating system that with high confidence indicate a computer intrusion.
IoC (Indicators of Compromise)
Creating IP packets with a forged source IP address.
IP Spoofing
Non-parametric way to estimate the probability density function of a random variable.
KDE (Kernel Density Estimation)
Network authentication protocol using tickets.
Kerberos
Arrangement in which copies of encryption keys are held by a trusted third party so they can be recovered if the owner loses them or an authority requires access.
Key Escrow
Protocol for accessing and maintaining distributed directory information services.
LDAP (Lightweight Directory Access Protocol)
Principle of limiting access rights for users to the bare minimum.
Least Privilege
Code inserted into a system that sets off a malicious function when specified conditions are met.
Logic Bomb
Access control policy determined by the system.
MAC (Mandatory Access Control)
Software intentionally designed to cause damage.
Malware
Physical security device that monitors and controls two interlocking doors to a small room.
Mantrap
Legacy 128-bit cryptographic hash function; practical collision attacks mean it should not be used where collision resistance matters (signatures, certificates).
MD5 (Message Digest Algorithm 5)
Attack where the attacker secretly intercepts and relays messages.
MitM (Man-in-the-Middle)
Architecture where a single instance of software serves multiple customers.
Multi-Tenancy
Solutions to define and implement a security policy that grants access to network resources.
NAC (Network Access Control)
Network protocol for collecting IP traffic information.
Netflow
System for monitoring and analyzing network traffic.
NIDS (Network Intrusion Detection System)
Assurance that someone cannot deny the validity of their actions.
Non-Repudiation
Suite of Microsoft security protocols for authentication.
NTLM (NT LAN Manager)
Making code or data deliberately hard to read or analyze without changing what it does.
Obfuscation
Open standard for access delegation.
OAuth (Open Authorization)
Identifier used to name an object.
OID (Object Identifier)
Encryption technique that is provably unbreakable only when the key is truly random, at least as long as the message, kept secret, and never reused.
One-Time Pad
Decentralized authentication protocol.
OpenID
Online community creating freely available security-related resources.
OWASP (Open Web Application Security Project)
Authentication protocol that uses a two-way handshake and sends the username and password in cleartext.
PAP (Password Authentication Protocol)
Property of a key exchange ensuring that compromise of a long-term private key does not expose past session keys, because each session derives an independent ephemeral key.
PFS (Perfect Forward Secrecy)
Redirecting website traffic to a fraudulent site, typically by poisoning DNS or the local hosts file, so the user reaches it without clicking a bad link.
Pharming
Using one compromised system to attack others.
Pivoting
Camera that can be remotely controlled to pan, tilt, and zoom.
PTZ (Pan-Tilt-Zoom)
Precomputed table of hash chains used to reverse unsalted password hashes.
Rainbow Table
Group playing the role of an adversary to test security.
Red Team
Vulnerability that lets an attacker run arbitrary code on a remote system.
Remote Code Execution (RCE)
Risk remaining after security measures have been applied.
Residual Risk
Unauthorized wireless access point.
Rogue AP
Adding a random value to each password before hashing so that identical passwords produce different hashes and precomputed tables cannot be reused.
Salting
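Worked example for the Rainbow Table and Salting entries above, added here and not part of the original flashcard set. It shows why an unsalted SHA-256 password hash falls to a single precomputed lookup (a flat hash-to-password dictionary stands in for a real rainbow table, which stores chains to save space but has the same effect), and why a per-user random salt with an iterated KDF (PBKDF2-HMAC-SHA256 from the standard library) defeats that. The wordlist and passwords are constructed for the example.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed sample wordlist for this example (not from the original page).
WORDLIST = ["password", "letmein", "qwerty", "Summer2024!"]


def unsalted_hash(password: str) -> str:
    """Plain SHA-256 of the password: the weak scheme rainbow tables target."""
    return hashlib.sha256(password.encode()).hexdigest()


def build_precomputed_table(wordlist) -> dict:
    """Hash -> password lookup. A real rainbow table stores hash chains to save
    space, but the outcome is the same: one table cracks every user at once."""
    return {unsalted_hash(w): w for w in wordlist}


def crack_unsalted(stored_hash: str, table: dict) -> Optional[str]:
    """One dictionary lookup recovers the password, for any user with that hash."""
    return table.get(stored_hash)


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = 600_000) -> str:
    """Salted, iterated hash (PBKDF2-HMAC-SHA256). A fresh 16-byte salt per user
    means identical passwords produce different records, so a table would have
    to be rebuilt per salt; the iteration count makes each guess expensive."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count; constant-time compare."""
    _algo, iters, salt_hex, digest_hex = stored.split("$")
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(digest.hex(), digest_hex)


if __name__ == "__main__":
    table = build_precomputed_table(WORDLIST)
    # Two users with the same password, unsalted: same hash, one lookup cracks both.
    print("unsalted lookup:", crack_unsalted(unsalted_hash("letmein"), table))
    # Same password, salted: two different records, neither present in the table.
    a = hash_password("letmein", iterations=10_000)
    b = hash_password("letmein", iterations=10_000)
    print("salted records differ:", a != b)
    print("verify correct:", verify_password("letmein", a),
          "verify wrong:", verify_password("password", a))
```

The stored record carries the algorithm, iteration count and salt alongside the digest, so the verifier needs no external state and the cost can be raised later without invalidating old records.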
Isolated environment for running untrusted programs.
Sandbox
Network management approach enabling programmatically efficient network configuration.
SDN (Software-Defined Networking)
File transfer protocol that runs over an SSH connection; distinct from FTPS, which is FTP over TLS.
SFTP (SSH File Transfer Protocol, often expanded as Secure File Transfer Protocol)
Single sign-on (SSO) solution for web resources.
Shibboleth
Solution for real-time analysis of security alerts.
SIEM (Security Information and Event Management)
DDoS amplification attack that sends ICMP echo requests to a broadcast address with the victim's spoofed source IP, so every host on the subnet replies to the victim.
Smurf Attack
Stack of compatible software programs enabling security operations teams to streamline and standardize activities.
SOAR (Security Orchestration, Automation, and Response)
Targeted phishing attack.
Spear Phishing
Software that secretly monitors user activity.
Spyware
Concealing messages within other non-secret text or data.
Steganography
Attack sending a series of SYN requests to consume resources.
SYN Flood
Standard for message logging.
Syslog
Proactively searching for cyber threats.
Threat Hunting
Replacing sensitive data with unique identification symbols.
Tokenization
Analyzing the behavior of users and entities such as hosts and service accounts to detect anomalies.
UEBA (User and Entity Behavior Analytics)
Phishing conducted through phone calls.
Vishing
Tool for identifying security weaknesses.
Vulnerability Scanner
Searching for Wi-Fi networks by moving around.
War Driving
Self-replicating malware.
Worm
Simple symmetric encryption algorithm.
XOR Cipher
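Worked example for the XOR Cipher entry and the One-Time Pad entry above, added here and not part of the original flashcard set. The same XOR operation is a perfect cipher when the key is random, message-length and used once, and a trivially broken one otherwise; the block shows both failure modes: reusing a pad (the "two-time pad", where the key cancels out and one known plaintext reveals the other) and a short repeating key recovered from a few bytes of known plaintext. The plaintexts and key are constructed for the example.

```python
import os

# Constructed sample plaintexts for this example (not from the original page);
# they are the same length so one pad covers both.
P1 = b"ATTACK AT DAWN; MEET AT THE BRIDGE"
P2 = b"RETREAT AT DUSK; BURN THE BRIDGE!!"


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings, truncated to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(plaintext: bytes, key: bytes) -> bytes:
    """One-time pad. The key must be random, at least as long as the message,
    secret, and never reused; decryption is the same operation."""
    if len(key) < len(plaintext):
        raise ValueError("one-time pad key shorter than message")
    return xor_bytes(plaintext, key[:len(plaintext)])


def two_time_pad_leak(c1: bytes, c2: bytes) -> bytes:
    """If the same pad encrypts two messages the key cancels:
    c1 XOR c2 == p1 XOR p2. Knowing either plaintext gives the other."""
    return xor_bytes(c1, c2)


def repeating_key_xor(data: bytes, key: bytes) -> bytes:
    """The classic 'XOR cipher': a short key reused across the whole message."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def recover_repeating_key(ciphertext: bytes, known_plaintext: bytes, key_len: int) -> bytes:
    """Known-plaintext attack: key_len bytes of plaintext reveal the whole key."""
    return xor_bytes(ciphertext[:key_len], known_plaintext[:key_len])


if __name__ == "__main__":
    pad = os.urandom(len(P1))
    c1 = otp_encrypt(P1, pad)
    print("round trip ok:", otp_encrypt(c1, pad) == P1)
    c2 = otp_encrypt(P2, pad)                       # pad reused: the mistake
    leak = two_time_pad_leak(c1, c2)
    print("P2 recovered from P1 and both ciphertexts:", xor_bytes(leak, P1))
    key = b"k3y!"
    ct = repeating_key_xor(P1, key)
    print("repeating key recovered:", recover_repeating_key(ct, P1, len(key)))
```

Without a known plaintext, two-time-pad ciphertexts are still attackable by guessing likely words ("crib dragging"), and a repeating key is attackable by frequency analysis once the key length is found; the point is that neither attack needs the key.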
Rule-based pattern-matching tool for identifying and classifying malware.
YARA
Security concept assuming no implicit trust.
Zero Trust
Exploiting a vulnerability that is not yet known to the vendor.
Zero-Day Exploit
Dividing a storage area network (SAN) into logical segments.
Zoning
A framework that verifies who a user is (authentication), decides what they may do (authorization), and records what they did (accounting).
AAA (Authentication, Authorization, and Accounting)
Evaluates attributes to determine access.
ABAC (Attribute Based Access Control)
A list of rules specifying which users or systems are granted or denied access to a particular object or system resource.
ACL (Access Control List)
A specification for encrypting electronic data established by NIST in 2001, stronger than DES and triple DES.
AES (Advanced Encryption Standard)
A service provided by CISA for real-time exchange of cyber threat indicators and defensive measures between public and private organizations.
AIS (Automated Indicator Sharing)
A type of cyber attack where an unauthorized user gains system or network access and remains undetected for an extended period.
APT (Advanced Persistent Threat)
A protocol used to map an IP address to a physical MAC address.
ARP (Address Resolution Protocol)
A technique that prevents attackers from exploiting vulnerabilities by randomizing the location of key data areas in memory.
ASLR (Address Space Layout Randomization)
A strategy ensuring an organization’s ability to prevent or recover from disruptions to operations.
BCP (Business Continuity Planning)
A switch port feature that disables an access port if it receives a BPDU, protecting the Layer 2 STP topology from rogue or misconfigured switches.
BPDU Guard (Bridge Protocol Data Unit Guard)
Identifies operational and financial impacts resulting from business disruptions.
BIA (Business Impact Analysis)
Firmware found on the motherboard that manages basic system functions like booting and hardware configuration.
BIOS (Basic Input/Output System)
Storage for large amounts of unstructured text or binary data, offered by cloud providers as object storage.
BLOB (Binary Large Object)
An agreement between two companies outlining contributions, responsibilities, and profit distribution.
BPA (Business Partnership Agreement)
A policy allowing employees to use personal devices to access company resources.
BYOD (Bring Your Own Device)
A trusted entity that issues digital certificates to verify identities.
CA (Certificate Authority)
A smart card used as the standard identification for active-duty U.S. Defense personnel.
CAC (Common Access Card)
Software or hardware that enforces security policies between users and their cloud services.
CASB (Cloud Access Security Broker)
A challenge-response test distinguishing humans from automated users.
CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart)
A block cipher mode in which each plaintext block is XORed with the previous ciphertext block before encryption; the first block is XORed with an initialization vector, which must be unpredictable.
CBC (Cipher Block Chaining)
A file format (.cer) for storing an X.509 certificate issued by a certificate authority, used to verify the identity of a website or other entity.
CER (Certificate file)
The point where false acceptance rate and false rejection rate are equal.
CER (Crossover Error Rate)
A challenge-response authentication protocol that uses a shared secret without exposing a password.
CHAP (Challenge Handshake Authentication Protocol)
The three core principles of information security: confidentiality, integrity, and availability.
CIA (Confidentiality, Integrity, and Availability)
A team responsible for responding to and mitigating cybersecurity incidents.
CIRT (Computer Incident Response Team)
A policy allowing employees to use company-owned devices for personal use.
COPE (Corporate-Owned, Personally-Enabled)
A checksum algorithm that detects accidental errors in transmitted or stored data; it is linear and uses no key, so it gives no protection against deliberate tampering.
CRC (Cyclic Redundancy Check)
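Worked example for the CRC entry above, added here and not part of the original flashcard set; it also illustrates the HMAC entry later in the list. Because CRC-32 is affine over GF(2), crc(m XOR d) == crc(m) XOR crc(d) XOR crc(zeros), so an attacker who knows the original checksum and which bytes to change can compute the new checksum without seeing the rest of the message. An HMAC over the same message cannot be adjusted without the key. The message, field offset and key are constructed for the example.

```python
import hashlib
import hmac
import zlib

# Constructed sample message and key for this example (not from the original page).
MESSAGE = b"transfer amount=0100 to=alice"
KEY = b"demo-shared-secret"   # hypothetical key; a real one comes from a secrets store


def crc32(data: bytes) -> int:
    return zlib.crc32(data) & 0xFFFFFFFF


def forge_crc(original_crc: int, delta: bytes) -> int:
    """Predict crc(message XOR delta) from crc(message) alone.
    CRC is affine: crc(m ^ d) == crc(m) ^ crc(d) ^ crc(zeros of same length)."""
    return original_crc ^ crc32(delta) ^ crc32(bytes(len(delta)))


def make_delta(old: bytes, new_field: bytes, offset: int, length: int) -> bytes:
    """XOR mask that turns old[offset:offset+len(new_field)] into new_field;
    zero everywhere else. The attacker only needs to know that one field."""
    mask = bytearray(length)
    for i, (o, n) in enumerate(zip(old[offset:], new_field)):
        mask[offset + i] = o ^ n
    return bytes(mask)


def patch_bytes(message: bytes, delta: bytes) -> bytes:
    return bytes(m ^ d for m, d in zip(message, delta))


def hmac_tag(key: bytes, message: bytes) -> bytes:
    """Keyed integrity tag: producing or verifying it requires the key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def hmac_verify(key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(hmac_tag(key, message), tag)


if __name__ == "__main__":
    # Attacker knows the amount field starts at offset 16 and currently reads "0100".
    delta = make_delta(MESSAGE, b"9900", 16, len(MESSAGE))
    tampered = patch_bytes(MESSAGE, delta)
    forged = forge_crc(crc32(MESSAGE), delta)
    print(tampered, "forged CRC matches:", forged == crc32(tampered))
    tag = hmac_tag(KEY, MESSAGE)
    print("HMAC accepts tampered message:", hmac_verify(KEY, tampered, tag))
```

The same reasoning applies to any CRC or plain hash used as an integrity check on data an adversary can touch: an unkeyed digest can be recomputed by the attacker, and a CRC can even be patched without recomputation. Integrity against tampering needs a key (HMAC) or a signature.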
A list of revoked certificates, used to check if a certificate is still valid.
CRL (Certificate Revocation List)
A non-profit organization providing resources to enhance cloud security.
CSA (Cloud Security Alliance)
A web security vulnerability that allows attackers to induce users into unintended actions.
CSRF (Cross-Site Request Forgery)
A senior executive responsible for overseeing an organization’s security program.
CSO (Chief Security Officer)
A third-party company providing scalable computing resources over a network.
CSP (Cloud Service Provider)
A request to a certificate authority for a digital certificate.
CSR (Certificate Signing Request)
A file format storing tabular data, with values separated by commas.
CSV (Comma Separated Values)
A list of publicly known vulnerabilities, each with a unique identifier, maintained by MITRE.
CVE (Common Vulnerabilities and Exposures)
A ranking system that scores vulnerabilities based on severity.
CVSS (Common Vulnerability Scoring System)
A policy where employees choose from a set of company-approved devices.
CYOD (Choose Your Own Device)
A method in which the owner of a resource decides which subjects may access it.
DAC (Discretionary Access Control)
A cyber attack where multiple systems flood a target server or network, causing it to become unavailable.
DDoS (Distributed Denial of Service)
A symmetric-key block cipher once widely used but now considered insecure because of its 56-bit key.
DES (Data Encryption Standard)
A protocol that automatically assigns IP addresses and network settings.
DHCP (Dynamic Host Configuration Protocol)
A network segment isolating internal networks while providing public-facing services.
DMZ (Demilitarized Zone)
A system that translates domain names into IP addresses.
DNS (Domain Name System)
A cyber attack overwhelming a server or network with traffic, making it unavailable.
DoS (Denial of Service)
A role ensuring an organization correctly protects personal data according to regulations.
DPO (Data Protection Officer)
A plan preparing for recovery from disasters.
DRP (Disaster Recovery Plan)
A framework that supports multiple authentication methods for network access.
EAP (Extensible Authentication Protocol)
A Windows feature that encrypts files and folders with a symmetric file key, which is itself protected by the user's public key.
EFS (Encrypting File System)
Interference from electromagnetic waves that disrupt electronic devices.
EMI (Electromagnetic Interference)
A burst of electromagnetic radiation that can damage electronic devices.
EMP (Electromagnetic Pulse)
An IPsec protocol providing confidentiality, integrity, origin authentication, and anti-replay protection for network traffic.
ESP (Encapsulating Security Payload)
A metric measuring the likelihood of granting access to unauthorized users.
FAR (False Acceptance Rate)
A technique encrypting an entire disk or storage device, including the OS and user data.
FDE (Full Disk Encryption)
A U.S. law requiring federal agencies to implement security programs.
FISMA (Federal Information Security Management Act)
A metric measuring the likelihood of denying access to authorized users.
FRR (False Rejection Rate)
A protocol for transferring files between computers over a network, with credentials and data sent in cleartext.
FTP (File Transfer Protocol)
A European regulation governing data protection and privacy.
GDPR (General Data Protection Regulation)
A satellite-based system for determining device location.
GPS (Global Positioning System)
A protocol used to encapsulate one type of packet within another, without encryption.
GRE (Generic Routing Encapsulation)
A method granting access to resources based on group membership.
GBAC (Group Based Access Control)
A cryptographic authentication technique combining a hash function with a secret key, so a tag can only be produced or verified by holders of the key.
HMAC (Hash-based Message Authentication Code)
A system monitoring a host for suspicious activities.
HIDS (Host Intrusion Detection System)
A U.S. law protecting patients' personal health information.
HIPAA (Health Insurance Portability and Accountability Act)
An algorithm generating one-time passwords from a shared secret and an incrementing counter.
HOTP (HMAC-based One-Time Password)
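Worked example for the HOTP entry, added here and not part of the original flashcard set. It implements RFC 4226 (HMAC-SHA1 over the big-endian counter, dynamic truncation, modulo 10^digits) and checks it against the RFC's own Appendix D test secret, then adds the server-side verification logic a practitioner actually needs: never re-accept a counter that has already been used (replay), and tolerate a token that has drifted ahead by a small look-ahead window. The window size and the example codes are choices made here.

```python
import hashlib
import hmac
import struct
from typing import Optional

# RFC 4226 Appendix D test secret (ASCII "12345678901234567890").
SECRET = b"12345678901234567890"


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP(K, C) = Truncate(HMAC-SHA1(K, C)) mod 10^digits, per RFC 4226."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                        # dynamic truncation
    code = ((mac[offset] & 0x7F) << 24
            | mac[offset + 1] << 16
            | mac[offset + 2] << 8
            | mac[offset + 3])
    return str(code % 10 ** digits).zfill(digits)


def verify_hotp(secret: bytes, code: str, last_counter: int,
                window: int = 10) -> Optional[int]:
    """Server-side check. Only counters above the last accepted one are tried,
    so a captured code cannot be replayed; the look-ahead window (a local
    choice, not from the RFC) tolerates a token whose counter ran ahead.
    Returns the matching counter to store as the new last_counter, or None."""
    for c in range(last_counter + 1, last_counter + 1 + window):
        if hmac.compare_digest(hotp(secret, c), code):
            return c
    return None


if __name__ == "__main__":
    for c in range(3):
        print(c, hotp(SECRET, c))                       # 755224, 287082, 359152
    print(verify_hotp(SECRET, "969429", last_counter=0))   # 3: token drifted ahead
    print(verify_hotp(SECRET, "755224", last_counter=0))   # None: counter 0 already used
```

After a successful verification the server must persist the returned counter before responding, otherwise the same code is accepted twice. TOTP differs only in replacing the counter with floor(unix_time / 30).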
A tamper-resistant hardware device that stores keys and performs cryptographic operations so that private keys never leave it.
HSM (Hardware Security Module)
A response header telling browsers to reach a site only over HTTPS, preventing protocol downgrade attacks and cookie hijacking.
HSTS (HTTP Strict Transport Security)
The standard markup language for creating web pages.
HTML (Hypertext Markup Language)
A protocol for transferring hypertext over the internet.
HTTP (Hypertext Transfer Protocol)
HTTP carried over TLS, encrypting data in transit and authenticating the server with a certificate.
HTTPS (Hypertext Transfer Protocol Secure)
A cloud computing model where third-party providers offer infrastructure resources.
IaaS (Infrastructure as a Service)
Policies and technologies for managing digital identities and controlling which resources each identity may access.
IAM (Identity and Access Management)
A network protocol used for error reporting and diagnostics, such as ping and traceroute.
ICMP (Internet Control Message Protocol)
A monitoring system detecting suspicious activities and generating alerts.
IDS (Intrusion Detection System)
A network security system that sits inline and actively blocks identified threats.
IPS (Intrusion Prevention System)
IEEE (Institute of Electrical and Electronics Engineers)