This class was created by Brainscape user Luis Lopez. Visit their profile to learn more about the creator.
By:
Luis Lopez
- decks
- flashcards
- learners
Decks in this class (202)
Threat Actor Motivations
What are the threat actors intent 1,
What are the threat actors motiva...,
What is the motivation for data e...
12
cards
Hacktivists
What is a hacktivist 1,
What is hacktivism 2,
What techniques do hacktivists use 3
6
cards
Organized Crime
What are organized cybercrime gro...,
What types of advanced hacking te...,
What types of crimes would they do 3
4
cards
Unskilled Attackers
What is an unskilled attacker 1,
Are they a threat 2,
How do these unskilled attackers ...
3
cards
Nation-State Actor
What is a nation state actor 1,
What is a false flag attack 2,
What are the types of techniques ...
5
cards
Insider Threats
What is an insider threat 1,
What are the various forms of ins...,
What would be their motivations 3
3
cards
Shadow IT
What is shadow it 1,
Why does shadow it exist 2,
What is bring your own devices by...
3
cards
Threat Vectors and Attack Surfaces
What is a threat vector 1,
What is an attack surface 2,
What are the different types of t...
11
cards
Outsmarting Threat Actors
What are tactics techniques and p...,
What are deceptive and disruption...,
What are honeypots 3
11
cards
Physical Security
What is physical security 1
1
cards
Fencing and Bollards
What is a fence 1,
What are bollards 2,
What is fencing more suited for 3
4
cards
Attacking with Brute Force
What is brute force 1,
What is forcible entry 2,
What occurs when tampering with s...
5
cards
Surveillance Systems
What is a surveillance system 1,
What does surveillance comprise of 2,
What can security cameras include 3
4
cards
Bypassing Surveillance Systems
What are different methods used b...,
What occurs in visual obstruction 2,
What occurs in blinding sensors a...
7
cards
Access Control Vestibules
What are access control vestibules 1,
What do access control vestibules...,
What is piggybacking 3
5
cards
Door Locks
What are door locks 1,
What is false acceptance rate far 2,
What is false rejection rate frr 3
4
cards
Access Badge Cloning
What is access badge cloning 1,
What is step 1 of cloning an acce...,
What is step 2 of cloning an acce...
7
cards
Social Engineering
What is social engineering 1
1
cards
Motivational Triggers
What are the 6 main types of moti...,
What does the motivational trigge...,
What does the motivational trigge...
7
cards
Impersonation
What is impersonation 1,
What is brand impersonation 2,
What is typosqatting 3
5
cards
Pretexting
What is pretexting 1,
How to prevent pretexting 2
2
cards
Phishing Attacks
What is phishing 1,
What is spear phishing 2,
What is whaling 3
6
cards
Preventing Phishing Attacks
What is an anti phishing campaign 1,
What are commonly used indicators...,
What is urgency 3
7
cards
Frauds and Scams
What is fraud 1,
What is identity fraud and identi...,
What is the difference between id...
5
cards
Influence Campaigns
What are influence campaigns 1,
What is misinformation 2,
What is disinformation 3
3
cards
Other Social Engineering Attacks
What is diversion theft 1,
What are hoaxes 2,
How to prevent hoaxes 3
13
cards
MALWARE
What is malware 1,
What is a threat vector 2,
What is an attack vector 3
3
cards
Viruses
What is a computer virus 1,
What is a boot sector virus 2,
What is a macro virus 3
11
cards
Worms
What is a worm 1,
Why are worms dangerous 2,
What are worms known for 3
3
cards
Trojans
What is a trojan 1,
What is a remote access trojan rat 2,
How are trojans used 3
3
cards
Ransomware
What is ransomware 1,
How can we protect ourselves and ...,
What should you do if you find yo...
3
cards
Zombies and Botnets
What is a botnet 1,
What is a zombie 2,
What is a command and control node 3
7
cards
Rootkits
What is a rootkit 1,
What does the administrative acco...,
What is a technique used by rootk...
12
cards
Backdoors and Logic Bombs
What is a backdoor 1,
What is a backdoor used for 2,
What is an easter egg 3
4
cards
Keylogger
What is a keylogger 1,
What are software keyloggers 2,
What are hardware keyloggers 3
3
cards
Spyware and Bloatware
What is spyware 1,
How can spyware get installed on ...,
How to protect against sypware 3
6
cards
Malware Attack Techniques
What is a malware exploitation te...,
What does fileless malware do 2,
How does this modern malware work 3
12
cards
Indications of Malware Attacks
What are account lockouts 1,
What is concurrent session utiliz...,
What is blocked content 3
9
cards
DATA PROTECTION
What is data protection 1
1
cards
Data Classifications
What is data classification 1,
What is sensitive data 2,
What is the importance of data cl...
15
cards
Data Ownership
What is data ownership 1,
What is a data owner 2,
What is a data controller 3
9
cards
Data States
What is data at rest 1,
What are transport of encryption ...,
What is ssl secure sockets layer ...
9
cards
Data Types
What is regulated data 1,
What is pii personal identificati...,
What is phi protected health info...
5
cards
Securing Data
What are geographic restrictions ...,
What is encryption 2,
What is hashing 3
8
cards
CRYPTOGRAPHIC SOLUTIONS
What is cryptography 1,
What is encryption 2,
What are the three states of data 3
8
cards
Symmetric vs Asymmetric
What is a symmetric algorithm pri...,
What is an asymmetric algorithm p...,
What is hybird implementation 3
5
cards
Symmetric Algorithms
What is data encryption standard ...,
What is triple des 3des 2,
What is the international data en...
10
cards
Asymmetric Algorithms
What is a digital signature 1,
What is diffie hellman dh 2,
What is rsa 3
4
cards
RISK MANAGEMENT
What is risk management 1
1
cards
Risk Assessment Frequency
What is risk assessment frequency 1,
What are the four main types of r...,
What are ad hoc risk assessments 3
6
cards
Risk Identification
What is risk identification 1,
What are the techniques for risk ...,
What is business impact analysis 3
7
cards
Risk Register
What is risk management 1,
What is risk register 2,
What is the risk description 3
13
cards
Qualitative Risk Analysis
What is qualitative risk analysis 1,
Blank 2
2
cards
Quantitative Risk Analysis
What is quantitative risk analysis 1,
What are the key components for q...,
What is the exposure factor ef 3
6
cards
Risk Management Strategies
What is risk transference 1,
What is a contract indemnity clau...,
What does risk transference speci...
6
cards
Risk Monitoring and Reporting
What is risk monitoring 1,
What is residual risk 2,
What is a control risk 3
9
cards
THIRD-PARTY VENDOR RISKS
What are third party vendor risks 1
1
cards
Supply Chain Risks
How can hardware manufacturers be...,
How can secondary aftermarket sou...,
How can software developers provi...
5
cards
Supply Chain Attacks
What is a supply chain attack 1,
What is the chips act of 2022 2,
What is a semiconductor 3
8
cards
Vendor Assessment
What are vendor assessments 1,
What are the entities in vendor a...,
What are vendors 3
9
cards
Vendor Selection and Monitoring
What is due diligence 1,
What are vendor questionaires 2,
What are rules of engagement 3
5
cards
Contracts and Agreements
What is a basic contract 1,
What is a service level agreement...,
What is a memorandum of agreement...
8
cards
GOVERNANCE AND COMPLIANCE
What is governance 1,
What is compliance 2
2
cards
Governance
What is the grc triad 1,
What is governance 2,
What is the purpose of governance 3
10
cards
Governance Structures
What is organizational governance 1,
What are boards or directors 2,
What are committees 3
6
cards
Policies
What is an acceptable use policy ...,
What are information security pol...,
What is a business continuity pol...
7
cards
Standards
What are standards 1,
What are password standards 2,
What are access control standards 3
5
cards
Procedures
What are procedures 1,
What is change management 2,
What is an onboarding procedure 3
5
cards
Governance Considerations
What are regulatory considerations 1,
What are legal considerations 2,
What are industry considerations 3
7
cards
Compliance
What is compliance 1,
What is compliance reporting 2,
What is internal compliance repor...
12
cards
Non-compliance Consequences
What are fines 1,
What are sanctions 2,
What is reputational damage 3
5
cards
ASSET AND CHANGE MANAGEMENT
What is asset management 1,
What is change management 2
2
cards
Acquisition and Procurement
What is acquisition 1,
What is procurement 2,
What is a company credit card use...
5
cards
Mobile Asset Deployments
What is byod bring your own device 1,
What is cope corporate owned pers...,
What is a cyod choose your own de...
3
cards
Asset Management
What is asset monitoring 1,
What is asset tracking 2,
What is enumeration 3
6
cards
Asset Disposal and Decommissioning
What is asset disposal and decomm...,
What is nist special publication ...,
What is sanitization 3
12
cards
Change Management
What is change management 1,
What is the change advisory board...,
What is a change owner 3
5
cards
Change Management Processes
What is preparation 1,
What is a vision for change 2,
What is verification 3
6
cards
Technical Implications of Changes
What is an allow list 1,
What is a deny list 2,
What is a legacy application 3
3
cards
Documenting Changes
What do documenting changes do 1,
What is version control 2
2
cards
AUDITS AND ASSESSMENTS
What are audits 1,
What is an internal audit 2,
What is an external audit 3
5
cards
Internal Audits and Assessments
What are internal audits 1,
What does compliance do 2,
What is an audit committee 3
10
cards
Performing an Internal Assessment
What is an internal assessment 1,
What is the mcit cybersecurity se...,
What is the overview of the check...
3
cards
External Audits and Assessments
What is an external audit 1,
What is an external assessment 2,
What is regulatory compliance 3
5
cards
Penetration Testing
What is penetration testing 1,
What is physical penetration test...,
What is an offensive penetration ...
5
cards
Reconnaissance in Pentesting
What is reconnaissance 1,
What is active reconnaissance 2,
What is passive reconnaissance 3
6
cards
Attestation of Findings
What is attestation 1,
What is software attestation 2,
What is hardware attestation 3
6
cards
CYBER RESILIENCE AND REDUNDANCY
What is cyber resilience 1,
What is redundancy 2
2
cards
High Availability
What is high availability 1,
How is high availability achieved 2,
What is uptime 3
10
cards
Data Redundancy
What does raid redundant array of...,
What does raid 0 do 2,
What does raid 1 do 3
9
cards
Capacity Planning
What is capacity planning 1,
How are people used in capacity p...,
How is technology used in capacit...
5
cards
Powering Data Centers
What are surges 1,
What are spikes 2,
What are sags 3
9
cards
Data Backups
What is a data backup 1,
What is an onsite backup 2,
What is an offsite backup 3
10
cards
Continuity of Operations Plan
What is a continuity of operation...,
What is a business continuity pla...,
What does a disaster recovery pla...
3
cards
Redundant SIte Considerations
What is a redundant site 1,
What is a hot site 2,
What is a warm site 3
10
cards
Resilience and Recovery Testing
What is resilience testing 1,
What is recovery testing 2,
What is a tabletop exercise 3
8
cards
SECURITY ARCHITECTURE
What is security architecture 1,
What is the on premise method 2,
What is the cloud computing method 3
3
cards
On-Premise Vs the Cloud
What is cloud computing 1,
What is the responsibility matrix 2,
What are third party vendors 3
5
cards
Cloud Security
What do shared physical server vu...,
How to mitigate the risk from sha...,
What does inadequate virtual envi...
11
cards
Virtualization and Containerization
What does virtualization do 1,
What does containerization do 2,
What is the hypervisor type 1 bar...
8
cards
Serverless
What is serverless 1,
What are functions as a service f...,
How are reduced operational costs...
7
cards
Microservices
What are microservices 1,
How is scalability an advantage o...,
How is flexibility an advantage o...
9
cards
Network Infrastructure
What is network infrastructure 1,
What is physical separation air g...,
What is logical separation 3
3
cards
Software-defined Network (SDN)
What is sofware defined network s...,
What is data plane 2,
What is control plane 3
4
cards
Infrastructure as Code (IaC)
What is infrastructure as code iac 1
1
cards
Centralized vs. Decentralized Architectures
What does a centralized architect...,
What does a decentralized archite...
2
cards
Internet of Things (IoT)
What is the internet of things iot 1,
What is the hub control system 2
2
cards
ICS and SCADA
What are industrial control syste...,
What are distributed control syst...,
What are programmable logic contr...
4
cards
Embedded Systems
What are embedded systems 1,
What is a real time operating sys...,
What are risks and vulnerabilitie...
8
cards
SECURITY INFRASTRUCTURE
What is a security infrastructure 1
1
cards
Ports and Protocols
What is a port 1,
What is an inbound port 2,
What is an outbound port 3
7
cards
Firewalls
What is a firewall 1,
What is a screened subnet dual ho...,
What are packet filtering firewal...
14
cards
Configuring Firewalls
What is a access control list acl 1,
What is a hardware based firewall 2,
How is a hardware based firewall ...
5
cards
IDS and IPS
What are intrusion detection syst...,
What does the network based ids n...,
What does the host based ids hids...
9
cards
Network Appliances
What is a network appliance 1,
What is a load balancer 2,
What is a porxy server 3
5
cards
Port Security
What is port security 1,
What is the content addressable m...,
What is the 8021x protocol 3
9
cards
Securing Network Communications
What is a virtual private network...,
What is a site to site vpn 2,
What is a client to site vpn 3
16
cards
Infrastructure Considerations
What is a security zone 1,
What is a screened subnet 2,
What is an attack surface of a ne...
9
cards
Selecting Infrastructure Controls
What is control 1,
What is least privilege 2,
What is defense in depth 3
6
cards
IDENTIFY AND ACCESS MANAGEMENT (IAM) SOLUTIONS
What is an identity and access ma...
1
cards
Identity and Access Management (IAM)
What does identification do 1,
What does authentication do 2,
What does authorization do 3
9
cards
Multi-factor Authentication
What is multi factor authenticati...,
What are passkeys passwordless au...
2
cards
Password Security
What is password security 1,
What are password managers 2,
What is a hardware token 3
4
cards
Password Attacks
What are password attacks 1,
What is a brute force attack 2,
What is a dictionary attack 3
5
cards
Single Sign-On (SSO)
What is a single sign on sso 1,
What is lightweight directory acc...,
What is oauth open authorization 3
4
cards
Federation
What is a federation 1
1
cards
Privileged Access Management (PAM)
What is privileged access managem...,
What are just in time permissions...,
What is password vaulting 3
4
cards
Access Control Models
What is a mandatory access contro...,
What is a discretionary access co...,
What is a role based access contr...
7
cards
Assigning Permissions
What is a user account control uac 1
1
cards
VULNERABILITIES AND ATTACKS
What are vulnerabilities 1,
What are attacks 2
2
cards
Hardware Vulnerabilities
What are hardware vulnerabilities 1,
What are firmware vulnerabilities 2,
What are end of life systems 3
13
cards
Bluetooth Vulnerabilities and Attacks
What is bluetooth 1,
What is insecure pairing 2,
What is device spoofing 3
9
cards
Mobile Vulnerabilities and Attacks
What is sideloading 1,
What is jailbreaking rooting 2,
What is a mobile device managemen...
5
cards
Zero-day Vulnerabilities
What is a zero day vulnerability 1,
What are zero day exploits 2,
What is a zero day 3
3
cards
Operating System Vulnerabilities
What are unpatched systems 1,
What are zero day vulnerabilities 2,
What are misconfigurations 3
5
cards
SQL and XML Injections
What is an injection attack 1,
What is a code injection 2,
What is an xml bomb billion laugh...
4
cards
XSS and XSRF
What is a cross site scripting xss 1,
What is a non persistent xss 2,
What is a persistent xss 3
10
cards
Buffer Overflow
What is a buffer overflow attack 1,
What are buffers 2,
What is a stack 3
5
cards
Race Conditions
What are race conditions 1,
How do race conditions work 2,
What is dereferencing 3
8
cards
MALICIOUS ACTIVITY
Blank 1
1
cards
Distributed Denial of Service
What is a denial of service dos 1,
What is a flood attack 2,
What is a ping flood 3
8
cards
Domain Name System (DNS) Attacks
What is a domain name system dns 1,
What is a dns cashe poisoning dns...,
What are dns amplification attacks 3
6
cards
Directory Traversal Attack
What is an injection attack 1,
What is a directory traversal att...,
What is a file inclusion 3
5
cards
Execution and Escalation Attacks
What is an arbitrary code executi...,
What is a remote code execution 2,
What is a privilege escalation 3
10
cards
Replay Attacks
What are replay attacks 1,
What is a session hijack 2,
What is a replay hijack 3
4
cards
Session Hijacking
What is a session management 1,
What are cookies 2,
What are session cookies 3
7
cards
On-path Attacks
What is an on path attack 1,
What is arp poisoning 2,
What is dns poisoning 3
9
cards
Injection Attacks
What is a lightweight directory a...,
What is an ldap injection 2,
What is a command injection 3
4
cards
Indicators of Compromise (IoC)
What are indicators of compromise...,
What is an account lockout 2,
What is a concurrent session usage 3
10
cards
HARDENING
What is hardening 1
1
cards
Restricting Applications
What is least functionality 1,
What is a secure baseline image 2,
What is allowlisting 3
4
cards
Trusted Operating Systems
What is a trusted operating syste...,
What is an evaluation assurance l...,
What is a mandatory access control 3
5
cards
Updates and Patches
What is a manual patch management 1,
What is an automated patch mangem...,
What is hotfix 3
5
cards
Patch Management
What is patch management 1,
What occurs in planning 2,
What occurs in testing 3
5
cards
Group Policies
What are group policies 1,
What is a security template 2,
What is a baselining 3
3
cards
SELinux
What is selinux security enhanced...,
What is a mandatory access contro...,
What is a context based permission 3
15
cards
Data Encryption Levels
What is data encryption 1,
What is a full disk 2,
What is a partition 3
7
cards
Secure Baselines
What is a secure baseline 1
1
cards
SECURITY TECHNIQUES
Blank 1
1
cards
Wireless Infrastructure
What does wireless infrastructure...,
What is an extended service set e...,
What are site surveys 3
4
cards
Wireless Security Settings
What is the wired equivalent priv...,
What is the wi fi protected acces...,
What is the wi fi protected acces...
10
cards
Application Security
What is application security 1,
What is input validation 2,
What are cookies 3
10
cards
Network Access Control (NAC)
What is network access control nac 1,
What are persistent agents 2,
What are non persistent agents 3
3
cards
Web and DNS Filtering
What is web filtering 1,
What is agent based web filtering 2,
What is a centralized proxy 3
8
cards
Email Security
What is dkim domain keys identifi...,
What is an spf sender policy fram...,
What is a domain based message au...
8
cards
Endpoint Detection and Response
What is endpoint detection and re...,
What is file integrity monitoring...,
What is an extended detection and...
3
cards
User Behavior Analytics
What is user behavior analytics u...,
What is user and entity behavior ...
2
cards
Selecting Secure Protocols
What is a protocol 1,
What is a telnet 2,
What is a port 3
5
cards
VULNERABILITY MANAGEMENT
What is vulnerability management 1
1
cards
Identifying Vulnerabilities
What occurs when identifying vuln...,
What occurs during vulnerability ...,
What occurs in application securi...
8
cards
Threat Intellegence Feeds
What is threat intelligence 1,
What do threat intelligence feeds...,
What is open source intelligence ...
4
cards
Responsible Disclosure Programs
What is responsible disclosure 1,
What are bug bounty programs 2
2
cards
Analyzing Vulnerabilities
What is vulnerability confirmation 1,
What is true positive 2,
What is false positive 3
9
cards
Vulnerability Response and Remediation
What is a vulnerability response ...,
What is patching 2,
What is an insurance policy 3
7
cards
Validating Vulnerability Remediation
What happens in remediation 1
1
cards
Vulnerability Reporting
What is vulnerability reporting 1,
What is internal reporting 2,
What is external reporting 3
4
cards
ALERTING AND MONITORING
Why is alerting and monitoring im...,
What does alerting do 2,
What does monitoring do 3
3
cards
Monitoring Resources
What is application monitoring 1,
What is infrastructure monitoring 2
2
cards
Alerting and Monitoring Activities
What is log aggregation 1,
What does scanning do 2,
What does reporting do 3
8
cards
Simple Network Management Protocol (SNMP)
What is simple network management...,
What is an snmp manager 2,
What are snmp agents 3
5
cards
Security Information and Event Management (SIEM)
What does siem do 1,
What is an agent based siem 2,
What is an agentless siem 3
3
cards
Data from Security Tools
What are data loss prevention dlp...,
What are network intrusion detect...,
What are network intrusion preven...
4
cards
Security Content Automation Protocol (SCAP)
What is a security content automa...,
What is open vulnerability and as...,
What is extensible configuration ...
8
cards
Network and Flow Analysis
What is a fullpacket capture fpc 1,
What is flow analysis 2,
What is a flow collector 3
6
cards
Single Pane of Glass
What is a single pane of glass sp...,
What happens when defining the re...,
What occurs when identifying and ...
5
cards
INCIDENT RESPONSE
What is incident response 1
1
cards
Incident Response Process
What is an incident 1,
What is the 1st step of incident ...,
What is the 2nd step of incident ...
10
cards
Threat Hunting
What is threat hunting 1,
What occurs in the 1st step of th...,
What occurs in the 2nd step of th...
3
cards
Root Cause Analysis
What is a root cause analysis rca 1,
What is the 1st step in rca 2,
What is the 2nd step in rca 3
6
cards
Incident Response Training and Testing
What does training involve 1,
What does testing involve 2,
What is a tabletop exercise ttx 3
5
cards
Digital Forensic Procedure
What are digital forensics 1,
What does the 1st phase of digita...,
What does the 2nd phase of digita...
11
cards
Data Collection Procedures
What is data acquisition 1
1
cards
INVESTIGATING AN INCIDENT
0
cards
Investigative Data
What does siem security informati...,
What do log files do 2,
What is syslog rsyslog syslog ng 3
9
cards
Dashboards
What are dashboards 1,
What is a single pane of glass 2,
What is splunk 3
3
cards
Automated Reports
What are automated reports 1,
What does incident analysis do 2,
What does security recommendation...
4
cards
Vulnerability Scans
What is a vulnerability scan repo...,
What are false positives 2
2
cards
Packet Captures
What does a packet capture do 1
1
cards
Metadata
What is metadata 1,
What is md5 sha256 checksum 2
2
cards
AUTOMATION AND ORCHESTRATION
What is automation 1,
What is orchestration 2,
What is the security orchestratio...
5
cards
When to Automate and Orchestrate
What are single points of failure 1,
What is technical debt 2
2
cards
Automating Support Tickets
What is ticket creation 1,
Blank 2
2
cards
More about
CompTIA Security+
- Class purpose General learning
Learn faster with Brainscape on your web, iPhone, or Android device. Study Luis Lopez's CompTIA Security+ flashcards now!
How studying works.
Brainscape's adaptive web mobile flashcards system will drill you on your weaknesses, using a pattern guaranteed to help you learn more in less time.
Add your own flashcards.
Either request "Edit" access from the author, or make a copy of the class to edit as your own. And you can always create a totally new class of your own too!
What's Brainscape anyway?
Brainscape is a digital flashcards platform where you can find, create, share, and study any subject on the planet.
We use an adaptive study algorithm that is proven to help you learn faster and remember longer....
Looking for something else?
CompTIA Security +
- 43 decks
- 2139 flashcards
- 130 learners
Decks:
Fundamentals Of Security, Threat Actors, Physical Security, And more!
CompTIA A+
- 28 decks
- 3865 flashcards
- 794 learners
Decks:
Chapter 1 Mobile Devices Mc, Chapter 1 Mobile Devices, Chapter 1 Mobile Devices Key Terms, And more!
Security+ UDemy
- 34 decks
- 1562 flashcards
- 17 learners
Decks:
Section 1, Section 2, Section 3, And more!
