Public Deck

CompTIA Security+ - 60 Key Concepts

Pass Security+ SY0-701 with 60 flashcards covering threats, architecture, implementation, and security operations.

AnyFlashcards61 cards

Preview

Front

An attacker sends an email that appears to be from a legitimate bank, asking the user to click a link to verify their account. What is this called?

Back

Phishing A form of social engineering used to steal credentials or sensitive information.

Front

Malware that encrypts a user's files and demands payment in exchange for the decryption key.

Back

Ransomware Often spreads through phishing or drive-by downloads.

Front

An exploit that targets a software vulnerability before the vendor has released a patch.

Back

Zero-day Highly dangerous because no defense exists at the time of the attack.

Front

An attacker enters ' OR 1=1 -- into a web form to bypass authentication. What is this attack?

Back

SQL Injection (SQLi) Targets backend databases by manipulating input fields.

Front

An attack where malicious scripts are injected into trusted websites and executed in the victim's browser.

Back

Cross-Site Scripting (XSS) Can be used to steal session cookies or redirect users.

Front

An attacker positions themselves between two communicating parties to intercept or alter traffic.

Back

Man-in-the-Middle (MitM) Commonly executed via ARP poisoning or rogue Wi-Fi hotspots.

Front

An unauthorized person follows an employee through a secure door without scanning their own badge.

Back

Tailgating A physical social engineering attack that bypasses access controls.

Front

An attack that attempts every possible combination of characters to crack a password.

Back

Brute Force Attack Mitigated by account lockout policies and complex passwords.

Front

An attack that uses a botnet to overwhelm a server with traffic, making it unavailable to legitimate users.

Back

Distributed Denial of Service (DDoS) Focuses on exhausting bandwidth or system resources.

Front

A disgruntled employee intentionally deletes critical company data before quitting.

Back

Insider Threat Threats originating from within the organization, whether malicious or accidental.

+ 51 more cards

Related Flashcard Decks

Ready to study?

Sign up for free to copy this deck and start learning with spaced repetition.

Get started for free