Security+ Vocab

avatar
Created by
Tristan Currie

Cards (786)

  • There are three types of security controls: management controls, operational controls, and technical controls.
  • A certificate format that can be used by itself in IIS as the basis for S/MIME and single sign-on
  • 5G is a fifth-generation advanced wireless network technology developed based on the 802.11ac IEEE wireless standard
  • 802.1X is an IEEE standard that defines port-based network access control (PNAC). It is used for data link layer authentication to connect hosts to a LAN or WLAN
  • Acceptable use policies define the rules restricting how a computer, network, or other system may be used
  • An access control list (ACL) is a list of permissions attached to an object specifying the level of access a user, users, or groups have to that object
  • Access control models determine the level of access that a subject (user or system) has on a resource. There are four major types: Mandatory Access Control (MAC), Role-Based Access Control (RBAC), Discretionary Access Control (DAC), and Rule-Based Access Control (RBAC)
  • Access control vestibules are entries with panels used to control ingress/egress of a building, allowing security visibility into persons accessing the facility
  • Access policies are implemented to allow or deny access to an entity, such as a network, file, or resource
  • Account audit is the process of auditing permissions assigned to accounts on a system
  • Account permissions, such as file and printer access, can be assigned to individual users or groups
  • Accounting logs login session statistics and usage information when a user accesses an application, system, or device
  • In digital forensics, acquisition is the process of collecting specific data related to an attack, intrusion, or investigation
  • Active Directory is a Microsoft directory service that authenticates and authorizes users and computers
  • Active reconnaissance is an attacker's method carried out mostly using network and vulnerability scanners
  • Active/active is a load-balancing scenario where each device performs work simultaneously, sharing the load
  • Active/passive is a load-balancing scenario where one device actively performs work while the other works in standby mode
  • Address space layout randomization (ASLR) involves random arrangement of address spaces used by a program to prevent memory vulnerabilities
  • Administrator accounts have higher-level privileges on a system, similar to root accounts on a Linux system
  • Advanced persistent threat (APT) is a sophisticated attack that can remain undetected for a long time
  • Adversary tactics, techniques, and procedures (TTPs) are used by attackers to compromise a system or network
  • Air gap refers to the lack of connection between a computer and other networks to prevent network attacks
  • An allow list is a list of allowed applications or functions accessible to a specific resource
  • Always-on VPN client automatically establishes a VPN connection when an Internet connection is made
  • Annualized loss expectancy (ALE) is the total expected loss in dollars per year due to a specific incident
  • Annualized rate of occurrence (ARO) is the number of times per year a specific incident occurs
  • Anonymization is a method of obfuscating data to protect the identity of the data owner
  • Antimalware software protects against infections caused by various types of malware, including viruses, rootkits, ransomware, and spyware
  • Antivirus software prevents, detects, and removes malware from a system
  • Anything as a service (XaaS) refers to cloud-based services that do not fall into SaaS, PaaS, or IaaS categories
  • API inspection and integration allows for better automation of workflow deployment in cloud computing environments
  • Application approved list is an index of approved software applications or executable files permitted on a computer system
  • Application block list/deny list prevents the execution of undesirable or unauthorized programs
  • Application DDoS attacks target Layer 7 applications and leverage known vulnerabilities against specific software
  • Application programming interface (API) enables other systems to interact with an application
  • Application provisioning is the process of securely deploying an application on-premises or in the cloud
  • Application scanners assess application-specific vulnerabilities and operate at the upper layers of the OSI model
  • Arduino is an open-source electronics platform based on easy-to-use hardware and software
  • ARP cache contains tables used to store IP addresses and their resolved Ethernet physical addresses
  • ARP cache poisoning manipulates the ARP cache on a host to redirect traffic and perform an on-path attack