General Concepts Flashcards
Acronym List
AAA Authentication, Authorization, and Accounting
ACL Access Control List
AES Advanced Encryption Standard
AES-256 Advanced Encryption Standards 256-bit
AH Authentication Header
AI Artificial Intelligence
AIS Automated Indicator Sharing
ALE Annualized Loss Expectancy
AP Access Point
API Application Programming Interface
APT Advanced Persistent Threat
ARO Annualized Rate of Occurrence
ARP Address Resolution Protocol
ASLR Address Space Layout Randomization
ATT&CK Adversarial Tactics, Techniques, and Common Knowledge
AUP Acceptable Use Policy
AV Antivirus
BASH Bourne Again Shell
BCP Business Continuity Planning
BGP Border Gateway Protocol
BIA Business Impact Analysis
BIOS Basic Input/Output System
BPA Business Partners Agreement
BPDU Bridge Protocol Data Unit
BYOD Bring Your Own Device
CA Certificate Authority
CAPTCHA Completely Automated Public Turing Test to Tell Computers and Humans Apart
CAR Corrective Action Report
CASB Cloud Access Security Broker
CBC Cipher Block Chaining
CCMP Counter Mode/CBC-MAC Protocol
CCTV Closed-circuit Television
CERT Computer Emergency Response Team
CFB Cipher Feedback
Acronym Spelled Out
CHAP Challenge Handshake Authentication Protocol
CIA Confidentiality, Integrity, Availability
CIO Chief Information Officer
CIRT Computer Incident Response Team
CMS Content Management System
COOP Continuity of Operation Planning
COPE Corporate Owned, Personally Enabled
CP Contingency Planning
CRC Cyclical Redundancy Check
CRL Certificate Revocation List
CSO Chief Security Officer
CSP Cloud Service Provider
CSR Certificate Signing Request
CSRF Cross-site Request Forgery
CSU Channel Service Unit
CTM Counter Mode
CTO Chief Technology Officer
CVE Common Vulnerability Enumeration
CVSS Common Vulnerability Scoring System
CYOD Choose Your Own Device
DAC Discretionary Access Control
DBA Database Administrator
DDoS Distributed Denial of Service
DEP Data Execution Prevention
DES Digital Encryption Standard
DHCP Dynamic Host Configuration Protocol
DHE Diffie-Hellman Ephemeral
DKIM DomainKeys Identified Mail
DLL Dynamic Link Library
DLP Data Loss Prevention
DMARC Domain Message Authentication Reporting and Conformance
DNAT Destination Network Address Translation
DNS Domain Name System
DoS Denial of Service
DPO Data Privacy Officer
CompTIA Security+ SY0-701 Certification Exam: Exam Objectives Version 5.0
Copyright © 2023 CompTIA, Inc. All rights reserved.
DRP Disaster Recovery Plan
DSA Digital Signature Algorithm
DSL Digital Subscriber Line
EAP Extensible Authentication Protocol
ECB Electronic Code Book
ECC Elliptic Curve Cryptography
ECDHE Elliptic Curve Diffie-Hellman Ephemeral
ECDSA Elliptic Curve Digital Signature Algorithm
EDR Endpoint Detection and Response
EFS Encrypted File System
ERP Enterprise Resource Planning
ESN Electronic Serial Number
ESP Encapsulated Security Payload
FACL File System Access Control List
FDE Full Disk Encryption
FIM File Integrity Management
FPGA Field Programmable Gate Array
FRR False Rejection Rate
FTP File Transfer Protocol
FTPS Secured File Transfer Protocol
GCM Galois Counter Mode
GDPR General Data Protection Regulation
GPG Gnu Privacy Guard
GPO Group Policy Object
GPS Global Positioning System
GPU Graphics Processing Unit
GRE Generic Routing Encapsulation
HA High Availability
HDD Hard Disk Drive
HIDS Host-based Intrusion Detection System
HIPS Host-based Intrusion Prevention System
HMAC Hashed Message Authentication Code
HOTP HMAC-based One-time Password
HSM Hardware Security Module
HTML Hypertext Markup Language
HTTP Hypertext Transfer Protocol
HTTPS Hypertext Transfer Protocol Secure
HVAC Heating, Ventilation Air Conditioning
IaaS Infrastructure as a Service
IaC Infrastructure as Code
IAM Identity and Access Management
ICMP Internet Control Message Protocol
ICS Industrial Control Systems
IDEA International Data Encryption Algorithm
IDF Intermediate Distribution Frame
IdP Identity Provider
IDS Intrusion Detection System
IEEE Institute of Electrical and Electronics Engineers
IKE Internet Key Exchange
IM Instant Messaging
IMAP Internet Message Access Protocol
IoC Indicators of Compromise
IoT Internet of Things
IP Internet Protocol
IPS Intrusion Prevention System
IPSec Internet Protocol Security
IR Incident Response
IRC Internet Relay Chat
IRP Incident Response Plan
ISO International Standards Organization
ISP Internet Service Provider
ISSO Information Systems Security Officer
IV Initialization Vector
KDC Key Distribution Center
KEK Key Encryption Key
L2TP Layer 2 Tunneling Protocol
LAN Local Area Network
LDAP Lightweight Directory Access Protocol
LEAP Lightweight Extensible Authentication Protocol
MaaS Monitoring as a Service
MAC Mandatory Access Control
MAC Media Access Control
MAC Message Authentication Code
MAN Metropolitan Area Network
MBR Master Boot Record
MD5 Message Digest 5
MDF Main Distribution Frame
MDM Mobile Device Management
MFA Multifactor Authentication
MFD Multifunction Device
MFP Multifunction Printer
ML Machine Learning
MMS Multimedia Message Service
MOA Memorandum of Agreement
MOU Memorandum of Understanding
MPLS Multi-protocol Label Switching
MSA Master Service Agreement
MSCHAP Microsoft Challenge Handshake Authentication Protocol
MSP Managed Service Provider
MSSP Managed Security Service Provider
MTBF Mean Time Between Failures
MTTF Mean Time to Failure
MTTR Mean Time to Recover
MTU Maximum Transmission Unit
NAC Network Access Control
NAT Network Address Translation
NDA Non-disclosure Agreement
NFC Near Field Communication
NGFW Next-generation Firewall
NIDS Network-based Intrusion Detection System
NIPS Network-based Intrusion Prevention System
NIST National Institute of Standards & Technology
NTFS New Technology File System
NTLM New Technology LAN Manager
NTP Network Time Protocol
OAUTH Open Authorization
OCSP Online Certificate Status Protocol
OID Object Identifier
OS Operating System
OSINT Open-source Intelligence
OSPF Open Shortest Path First
OT Operational Technology
OTA Over the Air
OVAL Open Vulnerability Assessment Language
P12 PKCS #12
P2P Peer to Peer
PaaS Platform as a Service
PAC Proxy Auto Configuration
PAM Privileged Access Management
PAM Pluggable Authentication Modules
PAP Password Authentication Protocol
PAT Port Address Translation
PBKDF2 Password-based Key Derivation Function 2
PBX Private Branch Exchange
PCAP Packet Capture
PCI DSS Payment Card Industry Data Security Standard
PDU Power Distribution Unit
PEAP Protected Extensible Authentication Protocol
PED Personal Electronic Device
PEM Privacy Enhanced Mail
PFS Perfect Forward Secrecy
PGP Pretty Good Privacy
PHI Personal Health Information
PII Personally Identifiable Information
PIV Personal Identity Verification
PKCS Public Key Cryptography Standards
PKI Public Key Infrastructure
POP Post Office Protocol
POTS Plain Old Telephone Service
PPP Point-to-Point Protocol
PPTP Point-to-Point Tunneling Protocol
PSK Pre-shared Key
PTZ Pan-tilt-zoom
PUP Potentially Unwanted Program
RA Recovery Agent
RA Registration Authority
RACE Research and Development in Advanced Communications Technologies in Europe
RAD Rapid Application Development
RADIUS Remote Authentication Dial-in User Service
RAID Redundant Array of Inexpensive Disks
RAS Remote Access Server
RAT Remote Access Trojan
RBAC Role-based Access Control
RBAC Rule-based Access Control
RC4 Rivest Cipher version 4
RDP Remote Desktop Protocol
RFID Radio Frequency Identifier
RIPEMD RACE Integrity Primitives Evaluation Message Digest
ROI Return on Investment
RPO Recovery Point Objective
RSA Rivest, Shamir, & Adleman
RTBH Remotely Triggered Black Hole
RTO Recovery Time Objective
RTOS Real-time Operating System
RTP Real-time Transport Protocol
S/MIME Secure/Multipurpose Internet Mail Extensions
SaaS Software as a Service
SAE Simultaneous Authentication of Equals
SAML Security Assertions Markup Language
SAN Storage Area Network
SAN Subject Alternative Name
SASE Secure Access Service Edge
SCADA Supervisory Control and Data Acquisition
SCAP Security Content Automation Protocol
SCEP Simple Certificate Enrollment Protocol
SD-WAN Software-defined Wide Area Network
SDK Software Development Kit
SDLC Software Development Lifecycle
SDLM Software Development Lifecycle Methodology
SDN Software-defined Networking
SE Linux Security-enhanced Linux
SED Self-encrypting Drives
SEH Structured Exception Handler
SFTP Secured File Transfer Protocol
SHA Secure Hashing Algorithm
SHTTP Secure Hypertext Transfer Protocol
SIEM Security Information and Event Management
SIM Subscriber Identity Module
SLA Service-level Agreement
SLE Single Loss Expectancy
SMS Short Message Service
SMTP Simple Mail Transfer Protocol
SMTPS Simple Mail Transfer Protocol Secure
SNMP Simple Network Management Protocol
SOAP Simple Object Access Protocol
SOAR Security Orchestration, Automation, Response
SoC System on Chip
SOC Security Operations Center
SOW Statement of Work
SPF Sender Policy Framework
SPIM Spam over Internet Messaging
SQL Structured Query Language
SQLi SQL Injection
SRTP Secure Real-Time Protocol
SSD Solid State Drive
SSH Secure Shell
SSL Secure Sockets Layer
SSO Single Sign-on
STIX Structured Threat Information eXchange
SWG Secure Web Gateway
TACACS+ Terminal Access Controller Access Control System
TAXII Trusted Automated eXchange of Indicator Information
TCP/IP Transmission Control Protocol/Internet Protocol
TGT Ticket Granting Ticket
TKIP Temporal Key Integrity Protocol
TLS Transport Layer Security
TOC Time-of-check
TOTP Time-based One-time Password
TOU Time-of-use
TPM Trusted Platform Module
TTP Tactics, Techniques, and Procedures
TSIG Transaction Signature
UAT User Acceptance Testing
UAV Unmanned Aerial Vehicle
UDP User Datagram Protocol
UEFI Unified Extensible Firmware Interface
UEM Unified Endpoint Management
UPS Uninterruptable Power Supply
URI Uniform Resource Identifier
URL Universal Resource Locator
USB Universal Serial Bus
USB OTG USB On the Go
UTM Unified Threat Management
UTP Unshielded Twisted Pair
VBA Visual Basic
VDE Virtual Desktop Environment
VDI Virtual Desktop Infrastructure
VLAN Virtual Local Area Network
VLSM Variable Length Subnet Masking
VM Virtual Machine
VoIP Voice over IP
VPC Virtual Private Cloud
VPN Virtual Private Network
VTC Video Teleconferencing
WAF Web Application Firewall
WAP Wireless Access Point
WEP Wired Equivalent Privacy
WIDS Wireless Intrusion Detection System
WIPS Wireless Intrusion Prevention System
WO Work Order
WPA Wi-Fi Protected Access
WPS Wi-Fi Protected Setup
WTLS Wireless TLS
XDR Extended Detection and Response
XML Extensible Markup Language
XOR Exclusive Or
XSRF Cross-site Request Forgery
XSS Cross-site Scripting
Hardware and Software List
Equipment
- Tablet
- Laptop
- Web server
- Firewall
- Router
- Switch
- IDS
- IPS
- Wireless access point
- Virtual machines
- Email system
- Internet access
- DNS server
- IoT devices
- Hardware tokens
- Smartphone
Spare Hardware
- NICs
- Power supplies
- GBICs
- SFPs
- Managed Switch
- Wireless access point
- UPS
Tools
- Wi-Fi analyzer
- Network mapper
- NetFlow analyzer
Software
- Windows OS
- Linux OS
- Kali Linux
- Packet capture software
- Pen testing software
- Static and dynamic analysis tools
- Vulnerability scanner
- Network emulators
- Sample code
- Code editor
- SIEM
- Keyloggers
- MDM software
- VPN
- DHCP service
- DNS service
OSI (Open Systems Interconnection) model
Physical (Layer 1): Transmission of bits
- Examples: Cables, Hubs, Wireless
Data Link (Layer 2): Frame delivery, MAC addressing
- Examples: Ethernet, Switches
Network (Layer 3): Routing and addressing
- Examples: IP, Routers, BGP
Transport (Layer 4): Reliable data transfer, flow control
- Examples: TCP, UDP
Session (Layer 5): Manages communication sessions
- Examples: NetBIOS, PPTP
Presentation (Layer 6): Data formatting, encryption, compression
- Examples: TLS/SSL, JPEG
Application (Layer 7): User interface and network services
- Examples: HTTP, FTP, DNS
Availability vs Reliability vs Resiliency vs Redundancy
- Availability
  - Focus: Minimizing downtime by adding redundancy, fault tolerance, and failover
  - Metrics: Uptime percentage (e.g., 99.9%, 99.999%), MTTR
- Reliability: Ability to perform consistently and correctly over time
  - Focus: Minimizing errors (the system can be ‘available’ but not be working properly)
  - Metrics: MTBF, Error rate
- Resiliency: Methods that help systems heal themselves and recover from faults automatically
  - Focus: Self-heal after damage, failure, load, or attack
  - Metrics: RTO, RPO, System recovery time, Backup and restore success rate
- Redundancy: Adds duplication to critical system components and networks and provides fault tolerance
  - Redundancy -> increases the system’s reliability even when components fail (?).
By increasing reliability, you increase a system’s resiliency or availability.
Address Resolution Protocol (ARP)
Links IPv4 addresses to MAC addresses after a packet is delivered to a subnet; vulnerable to ARP poisoning attacks.
Session Initiation Protocol (SIP)
SIP starts, maintains, and ends voice, video, and messaging sessions; its logs can be used to detect attacks and aid forensics. SIP is typically carried over UDP.
OpenSSH
- OpenSSH. A suite of tools that simplifies secure SSH connections to remote servers.
- ssh-keygen. Creates a public/private key pair for secure access.
- ssh-copy-id. Copies the public key to a remote server for authentication.
CNAME
- CNAME (Canonical Name). An alias that links multiple names to a single IP address.
  - Allows a system to be known by different names.
  - Example: Server1 in getcertifiedgetahead.com can have an alias of FileServer1 in the same domain.
Broadcast Storm and Loop Prevention (for switches)
- Broadcast Storm. Network flooding caused by continuous broadcast traffic, overwhelming devices.
- Loop Prevention. Techniques like STP (Spanning Tree Protocol) or RSTP (Rapid STP) prevent switching loops.
  - Prevents issues when two ports on the same switch are connected.
  - STP uses Bridge Protocol Data Unit (BPDU) messages to detect loops, while BPDU Guard protects edge ports by disabling them if unwanted BPDUs are detected.
Network Address Translation (NAT)
NAT translates public IP addresses to private IP addresses and private IP addresses back to public. A common form of NAT is Port Address Translation. Dynamic NAT uses multiple public IP addresses, while static NAT uses a single public IP address.
Wireless Site Survey and Heat Map
A site survey identifies wireless issues, using a heat map to show coverage and dead spots, while wireless footprinting maps access points, hotspots, and dead zones.
Understanding Wireless Attacks
- Disassociation Attack. Forces wireless clients to re-authenticate by disconnecting them.
- WPS Attack. Uses PIN-guessing to quickly find a device’s passphrase.
- Rogue Access Point & Evil Twin. Unauthorized APs (using same or similar SSID) capture data, bypassing secure AP restrictions.
- Jamming Attack. DoS attack that disrupts network by transmitting noise on the same frequency.
- RFID Attacks. RFID systems, consisting of readers and tags, are used to track and manage assets such as inventory, animals, and pharmaceuticals.
- Initialization Vector (IV) Attack. Attempts to discover the passphrase.
Authentication and Authorization Methods
- PAP (Password Authentication Protocol): Uses passwords but sends them in cleartext, making it vulnerable to sniffing attacks.
- CHAP (Challenge Handshake Authentication Protocol): More secure than PAP, as it doesn’t send passwords in cleartext.
AAA solutions:
- RADIUS (Remote Authentication Dial-In User Service):
  - Provides authentication, authorization, and accounting (AAA) in one.
  - Only encrypts the password by default but can use EAP to encrypt entire sessions.
- TACACS+:
  - Encrypts the entire session by default.
  - Provides centralized authentication.
- Kerberos (used with MS AD) is sometimes referred to as an AAA protocol, but it does not provide any accounting services on its own, although it can interface with accounting systems.
Hardening Cloud Environments
- CASB (Cloud Access Security Broker):
  - Deployed between an organization’s network and the cloud provider.
  - Enforces security policies.
- Next-Generation SWG (Secure Web Gateway):
  - Acts as a proxy for client traffic to Internet sites. A combination of a proxy server and a stateless firewall.
  - Filters URLs and scans for malware to secure web traffic.
Edge Computing vs. Fog Computing
- Edge Computing:
  - Processes data close to the source for real-time response.
  - Avoids cloud delays (e.g., autonomous car sensors for quick reactions).
- Fog Computing:
  - Similar to edge but distributes processing across a nearby network.
  - Difference: Edge = single device; Fog = network of devices.