This class was created by Brainscape user Blistery Grub. Visit their profile to learn more about the creator.
By:
Blistery Grub
- decks
- flashcards
- learners
Decks in this class (67)
Security Controls 1.1
What are the 4 types of security ...,
Technical controls,
Managerial controls
11
cards
The CIA Triad 1.2
What does cia stand for,
Confidentiality,
Integrity
4
cards
Non-Repudiation 1.2
Non repudiation is akin to what,
Proof of integrity,
What is a hash and what is it use...
8
cards
Authentication, Authorization, and Accounting 1.2
Is the act of proving who you are...,
Is based on your identification a...,
Is keeping track of resources lik...
6
cards
Gap Analysis 1.2
Is the process of seeing how your...
1
cards
Zero Trust 1.2
Is the approach to security where...,
Zero trust is implemented by usin...,
Separates the network into differ...
19
cards
Deception and Disruption 1.2
A attracts attackers and allows y...,
A combines multiple honey pots to...,
A is a file with fake information...
4
cards
Change Management 1.3
Is the formal process of making a...,
Is used to determine the risk of ...,
A environment can be used to test...
4
cards
Technical Change Management 1.3
The change management team is in ...,
A technician might be asked to ma...,
In an allow list everything is un...
10
cards
Public Key Infrastructure (PKI) 1.4
Refers to the processes and proce...,
In encryption the same key used t...,
In encryption two different keys ...
6
cards
Encrypting Data 1.4
Means data that is currently bein...,
Encryption encrypts the whole sto...,
And encryption encrypts a large p...
7
cards
Key Exchange 1.4
Allows you to share an encryption...,
Sends the key over the internet u...
2
cards
Encryption Technologies 1.4
Tpm,
Hsm,
A stores all of your organization...
4
cards
Obfuscation
Is the process of making somethin...,
Is a steganographic process where...,
Is the process of hiding some of ...
3
cards
Hashing and Digital Signatures 1.4
A represents data as a short stri...,
A occurs when two hashes are the ...,
Adding to a hash is when you add ...
3
cards
Blockchain Technology 1.4
A is commonly referred to as a di...
1
cards
Certificates 1.4
A binds a public key with a digit...,
Is the standard format for a digi...,
The is an inherently trusted comp...
8
cards
Threat Actors 2.1
A is the entity responsible for a...,
An threat actor comes from inside...,
An threat actor comes from outsid...
11
cards
Threat Vectors 2.2
A is the method used by an attack...,
A vector involves the use of emai...,
An uses an image to initiate an a...
13
cards
Phishing 2.2
Tricks users into giving informat...,
When an attacker modifies the url...,
When an attacker is straight up l...
5
cards
Impersonation 2.2
The trap before the attack is cal...,
In simple terms is someone preten...,
To protect yourself from imperson...
3
cards
Watering Hole Attack 2.2
A involves the attacker infecting...
1
cards
Other Social Engineering Attacks 2.2
Is used to create confusion or ch...,
Is when an attacker impersonates ...
2
cards
Memory Injections 2.3
Is a type of attack where malicio...,
Can occur when the injected malwa...,
One of the most common forms of m...
3
cards
Buffer Overflows 2.3
A occurs when an attacker writes ...
1
cards
Race Conditions
A attack is when
1
cards
Malicious Updates
0
cards
Operating System Vulnerabilities 2.3
For windows os updates are releas...,
Before applying any updates or pa...
2
cards
SQL Injection 2.3
A attack is when an attacker puts...,
Is when the code that queries a d...
2
cards
Cross-Site Scripting 2.3
Otherwise known as xss occurs whe...,
A xss attack allows scripts to be...,
A attack involves the attacker po...
4
cards
Hardware Vulnerabilities 2.3
Devices typically do not have an ...,
The software inside of hardware t...,
The only entity that can update f...
7
cards
Virtualization Vulnerabilities 2.3
A attack occurs when an attacker ...,
A hypervisor will share resources...
2
cards
Cloud Specific Vulnerabilities 2.3
An attacker might try to disable ...,
Remote code execution,
Authentication bypass
4
cards
Supply Chain Vulnerabilities 2.3
In a supply chain attack are targ...,
Example of a supply chain attack ...
2
cards
Misconfiguration Vulnerabilities 2.3
A very common misconfiguration so...,
Allows an attacker to have full c...,
Best practice involves direct acc...
7
cards
Mobile Device Vulnerabilities 2.3
Installing custom firmware on an ...,
Installing apps outside the scope...
2
cards
Zero Day Vulnerabilities 2.3
A has no immediate fix as it s an...
1
cards
An Overview of Malware 2.4
Is software that does bad things ...,
In a attack your data is encrypte...,
To protect yourself against ranso...
3
cards
Viruses & Worms 2.4
A is a type of malware that can r...,
A virus that is part of an applic...,
A virus that is automatically run...
7
cards
Spyware & Bloatware 2.4
Malware that spies on you are called,
Are apps that come preinstalled o...
2
cards
Other Malware Types 2.4
Track all of your key strokes tha...,
A malware waits for a predefined ...,
Logic bombs are difficult to reco...
4
cards
Physical Attacks 2.4
Not to be confused with cracking ...,
Uses a duplicator to make a copy ...,
Include knocking out the power or...
3
cards
Denial of Service 2.4
A attacks goal is to force a serv...,
Dosing is when a non malicious pe...,
A dos can be created by a layer 2...
7
cards
DNS Attacks 2.4
Modifying the records of a dns se...,
The which contains fqdns and ip a...,
An attacker that gains access to ...
4
cards
Wireless Attacks 2.4
In a attack management frames are...,
Starting with the wireless standa...,
A type of dos attack called a aff...
5
cards
On Path Attacks 2.4
In an attack an attacker sits in ...,
A type of on path attack has the ...,
In an attack malware on a victims...
7
cards
Application Attacks 2.4
One way to prevent privilege esca...
1
cards
Cryptographic Attacks 2.4
When a occurs a single hash is us...,
In a attack an attacker takes adv...,
In a attack the attacker forces d...
4
cards
Password Attacks 2.4
In a attack an attacker will try ...,
During a brute force attack
2
cards
Indicators of Compromise 2.4
An event that indicates an intrus...,
Ioc,
Ioc having two of the same user a...
10
cards
Segmentation and Access Control
The network either physically log...,
An allows or disallows traffic ba...,
In an list nothing is allowed to ...
4
cards
Mitigation Techniques 2.5
One way to mitigate attacks is to...,
One way to mitigate attacks is to...,
One form of encryption where ever...
7
cards
Hardening Techniques 2.5
To keep and os hardened all shoul...,
To harden user accounts you shoul...,
To protect your data as it travel...
9
cards
Cloud Infrastructures 3.1
A is used to determine the divisi...,
A type of cloud called a cloud ad...,
Applications servers and networks...
6
cards
Network Infrastructure Concepts 3.1
Refers two keeping two or more de...,
One way to logically create an ai...,
The three planes of software defi...
6
cards
Other Infrastructure Concepts 3.1
Allows you to customize your secu...,
Allows you to run many different ...,
Similar to virtualization allows ...
8
cards
Infrastructure Considerations 3.1
You want your data accessible at ...,
Refers to how fast you are able t...,
Describes the length of time that...
9
cards
Secure Infrastructures 3.2
Putting systems in specific place...,
To provide more granular security...,
The of your network is everything...
4
cards
Intrusion Prevention 3.2
An watches the network in real ti...,
If a ids ips is configured as the...,
If a ids ips is configured as the...
4
cards
Network Appliances
A is used to access secure networ...,
A sits between the users and the ...,
Explicit proxy vs transparent proxy
10
cards
Port Security 3.2
Is a framework for authentication...,
Prevents access to the network un...
2
cards
Firewall Types 3.2
Layer 4 vs layer 7 firewalls,
A type of firewall called a combi...,
Utms mainly operate at the layer ...
6
cards
Secure Communication 3.2
Often integrated into a ngfw a is...,
Clients often need specialized to...,
The tunnel between a remote user ...
5
cards
Data Types and Classifications 3.3
This data type is managed by a th...,
This data type involves an organi...,
This data type may be publicly vi...
15
cards
States of Data 3.3
Involves any data that is on a st...,
Data at rest should always be,
To further secure data at rest sh...
11
cards
Protecting Data (Methods) 3.3
One way to secure data is to have...,
Allows you to automatically allow...,
An integral part of protecting da...
10
cards
Resiliency 3.4
In a configuration everything is ...,
To improve resiliency you can use...,
Similar to server clustering dist...
7
cards
More about
Security+
- Class purpose General learning
Learn faster with Brainscape on your web, iPhone, or Android device. Study Blistery Grub's Security+ flashcards now!
How studying works.
Brainscape's adaptive web mobile flashcards system will drill you on your weaknesses, using a pattern guaranteed to help you learn more in less time.
Add your own flashcards.
Either request "Edit" access from the author, or make a copy of the class to edit as your own. And you can always create a totally new class of your own too!
What's Brainscape anyway?
Brainscape is a digital flashcards platform where you can find, create, share, and study any subject on the planet.
We use an adaptive study algorithm that is proven to help you learn faster and remember longer....
Looking for something else?
Security+ Exam
- 34 decks
- 787 flashcards
- 4 learners
Decks:
Section 1 Overview To Security, Section 2 Malware, Section 3 Malware Infections, And more!
Security +
- 10 decks
- 250 flashcards
- 816 learners
Decks:
Practice Test 1, Practice Test 2, Practice Test 3, And more!
