CompTIA Security+ Study Notes
Botnet
A collection of compromised computers (bots or zombies) remotely controlled by an attacker through command-and-control (C2) infrastructure
Unauthorized Access
Access to computer resources and data without the consent of the owner
Information Security
Act of protecting data and information from unauthorized access, unlawful modification and disruption, disclosure, corruption, and destruction
Information Systems Security
Act of protecting the systems that hold and process critical data
Spam
Activity that abuses electronic messaging systems, most commonly through email
Worm
Malicious code that, unlike a virus, spreads and replicates on its own across a network without needing a host file or user action
Physical Controls
Alarm systems, locks, surveillance cameras, identification cards, and security guards
Trojan
Appears to do a desired function but also does something malicious
Updates and Patches
Applying software updates and patches to keep systems secure
Bluetooth Attacks
Attacks that exploit vulnerabilities in Bluetooth technology
Physical Tampering
Gaining hands-on access to a network device in order to alter it, reset it, or attach unauthorized hardware
Cryptography and PKI
Category of security domains (12%)
Risk Management
Category of security domains (14%)
Architecture and Design
Category of security domains (15%)
Identity and Access Management
Category of security domains (16%)
Threats, Attacks, and Vulnerabilities
Category of security domains (21%)
Technologies and Tools
Category of security domains (22%)
Backdoors
Code placed in computer programs to bypass normal authentication and other security mechanisms
Virus
Code that infects a computer when a file is opened or executed
Threats to VMs
Common threats to virtual machines
System Failure
Computer crashes or an individual application fails
Hardening
Configuring an operating system securely by updating it, creating rules and policies, and removing unnecessary applications and services
Bring Your Own Device
Considerations and security measures for BYOD policies
Virtualization
Creating virtual resources and securing virtual machines
Network Zones
Designating specific areas of a network for different purposes
Network Design
Designing secure network architectures
Unnecessary Services
Disabling unneeded services in the operating system
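Added example for the Hardening and Unnecessary Services cards (this is illustrative code written for these notes, not from any hardening guide or tool): audit what a Linux host is actually listening on by parsing the output format of `ss -tlnp` and flagging every network-exposed service that is not in an assumed baseline. The sample output and the EXPECTED_SERVICES baseline are constructed for the example.

```python
"""Added example for these notes: auditing listening services on a Linux host.

Illustrative code, not from any hardening guide or tool. It parses the output
format of `ss -tlnp` (TCP listeners, numeric, with process names). The
SAMPLE_SS_OUTPUT below is constructed; on a real host you would feed it
subprocess.run(["ss", "-tlnp"], capture_output=True, text=True).stdout.
EXPECTED_SERVICES is an assumed baseline for a web server, not a standard list.
"""
import re

# Constructed sample of `ss -tlnp` output (not captured from a real machine).
SAMPLE_SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*         users:(("sshd",pid=812,fd=3))
LISTEN 0      128    127.0.0.1:631       0.0.0.0:*         users:(("cupsd",pid=900,fd=7))
LISTEN 0      511    0.0.0.0:80          0.0.0.0:*         users:(("nginx",pid=1201,fd=6))
LISTEN 0      50     *:111               *:*               users:(("rpcbind",pid=600,fd=4))
LISTEN 0      128    0.0.0.0:5900        0.0.0.0:*         users:(("Xvnc",pid=1450,fd=9))
LISTEN 0      128    [::]:22             [::]:*            users:(("sshd",pid=812,fd=4))
"""

# Assumed baseline: what this host is supposed to expose. Everything else
# listening on a non-loopback address is a hardening finding.
EXPECTED_SERVICES = {("sshd", 22), ("nginx", 80)}

PROC_RE = re.compile(r'users:\(\("(?P<name>[^"]+)",pid=(?P<pid>\d+)')


def is_loopback(addr: str) -> bool:
    return addr.startswith("127.") or addr == "[::1]"


def parse_ss(output: str) -> list:
    """Return one dict per listener: address, port, process, pid."""
    listeners = []
    for line in output.splitlines()[1:]:          # skip the header row
        cols = line.split()
        if len(cols) < 5 or cols[0] != "LISTEN":
            continue
        addr, _, port = cols[3].rpartition(":")   # handles "[::]:22" and "*:111"
        m = PROC_RE.search(line)
        listeners.append({
            "addr": addr,
            "port": int(port),
            "process": m.group("name") if m else "?",
            "pid": int(m.group("pid")) if m else None,
        })
    return listeners


def audit(listeners: list, expected: set = EXPECTED_SERVICES) -> dict:
    """Split listeners into loopback-only (low risk), expected exposed, and findings."""
    result = {"loopback_only": [], "expected": [], "findings": []}
    for l in listeners:
        if is_loopback(l["addr"]):
            result["loopback_only"].append(l)
        elif (l["process"], l["port"]) in expected:
            result["expected"].append(l)
        else:
            result["findings"].append(l)
    return result


def finding_names(output: str = SAMPLE_SS_OUTPUT) -> list:
    """Processes exposed on the network but absent from the baseline."""
    return sorted({f["process"] for f in audit(parse_ss(output))["findings"]})


if __name__ == "__main__":
    for f in audit(parse_ss(SAMPLE_SS_OUTPUT))["findings"]:
        print(f"UNEXPECTED: {f['process']} (pid {f['pid']}) on {f['addr']}:{f['port']}")
```

Each finding maps to a hardening action: stop and disable the unit (for example rpcbind and the VNC server above), or rebind it to 127.0.0.1 if it is only needed locally, as cupsd already is. Re-run the audit after patching, since updates can re-enable services.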
Authentication
Establishing a person's identity with proof and confirmation by a system
Privilege Escalation
Exploiting a design flaw or bug in a system to gain access to resources that a normal user isn't able to access
Rootkit
Gains administrative control of your system by targeting boot loader or kernel
Authorization
Granting a user access to a certain piece of data or certain areas of a building
Hacktivists
Hackers who are driven by a cause like social change, political agendas, or terrorism
Organized Crime
Hackers who are part of a crime group that is well-funded and highly sophisticated
Blue Hats
Hackers who attempt to hack into a network with permission of the company but are not employed by the company
Elite
Hackers who find and exploit vulnerabilities before anyone else does
Script Kiddies
Hackers with little to no skill who only use the tools and exploits written by others
Gray Hats
Hackers without any affiliation to a company who attempt to break into a company's network but risk the law by doing so
Advanced Persistent Threats
Highly trained and funded groups of hackers (often by nation states) with covert and open-source intelligence at their disposal
Symptoms of Infection
Indications that a computer might be infected with malware
Confidentiality
Information has not been disclosed to unauthorized people
Integrity
Information has not been modified or altered without proper authorization
Availability
Information and systems remain accessible to authorized users whenever they are needed
Application Layer
Layer from which the message is created, formed, and originated
Data Link Layer
Layer that describes how a connection is established, maintained, and transferred over the physical layer
Transport Layer
Layer that manages end-to-end delivery of segments between hosts, either reliably (TCP) or best-effort (UDP)
Session Layer
Layer that manages the establishment, termination, and synchronization of a session over the network
Physical Layer
Layer that represents the actual network cables and radio waves used to carry data
Presentation Layer
Layer that translates information into a format that the sender and receiver both understand
Network Layer
Layer that uses logical addressing to route or switch information between hosts, the network, and the internetworks
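Added example for the OSI layer cards above (illustrative code written for these notes, not from any networking library): build an Ethernet II frame that carries an IPv4 packet, a TCP segment and an HTTP request, then decapsulate it layer by layer so each field lands with the layer responsible for it. Header layouts follow the public RFCs; the MAC addresses, IPs, ports and payload are constructed, and the TCP checksum is left at zero to keep the example short. Knowing which layer owns which field is what tells you what a given control can see: MAC filtering works on the data link fields, a packet filter on the network and transport fields, and only a proxy or WAF sees the application payload.

```python
"""Added example for these notes: encapsulation and decapsulation through the
lower OSI layers. Illustrative code, not from any library. Values are constructed."""
import socket
import struct

ETHERTYPE_IPV4 = 0x0800
PROTO_TCP = 6


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def ipv4_checksum(header: bytes) -> int:
    """RFC 791 one's-complement checksum over the IPv4 header."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_frame(src_mac, dst_mac, src_ip, dst_ip, src_port, dst_port, payload: bytes) -> bytes:
    """Wrap application data downwards: L7 payload -> L4 TCP -> L3 IPv4 -> L2 Ethernet."""
    # Layer 4: TCP header, 20 bytes, no options. Data offset 5 words, flags PSH|ACK.
    tcp = struct.pack("!HHIIBBHHH", src_port, dst_port, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    # Layer 3: IPv4 header; the checksum field is filled in last.
    total_len = 20 + len(tcp) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000, 64, PROTO_TCP,
                     0, socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    ip = ip[:10] + struct.pack("!H", ipv4_checksum(ip)) + ip[12:]
    # Layer 2: Ethernet II header. Layer 1 (bits on the wire) is not modelled.
    eth = mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ETHERTYPE_IPV4)
    return eth + ip + tcp + payload


def decapsulate(frame: bytes) -> dict:
    """Peel the frame upwards, returning the fields each layer is responsible for."""
    dst_mac, src_mac = frame[:6], frame[6:12]
    ethertype = struct.unpack("!H", frame[12:14])[0]
    ihl = (frame[14] & 0x0F) * 4
    ip_hdr = frame[14:14 + ihl]
    (_, _, total_len, _, _, ttl, proto, _, src_ip, dst_ip) = struct.unpack("!BBHHHBBH4s4s", ip_hdr[:20])
    tcp_start = 14 + ihl
    (sport, dport, seq, ack, doff, flags, _, _, _) = struct.unpack("!HHIIBBHHH", frame[tcp_start:tcp_start + 20])
    data_start = tcp_start + (doff >> 4) * 4
    return {
        "data_link": {"src_mac": mac_str(src_mac), "dst_mac": mac_str(dst_mac), "ethertype": ethertype},
        "network": {"src_ip": socket.inet_ntoa(src_ip), "dst_ip": socket.inet_ntoa(dst_ip),
                    "ttl": ttl, "protocol": proto,
                    # A receiver recomputes the checksum over the whole header; a valid one gives 0.
                    "checksum_ok": ipv4_checksum(ip_hdr) == 0},
        "transport": {"src_port": sport, "dst_port": dport, "seq": seq, "ack": ack, "flags": flags},
        # In TCP/IP the session, presentation and application layers all live in this payload.
        "application": frame[data_start:14 + total_len],
    }


# Constructed sample values for the example.
SAMPLE_PAYLOAD = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"
SAMPLE_FRAME = build_frame("aa:bb:cc:dd:ee:01", "aa:bb:cc:dd:ee:02",
                           "192.0.2.10", "192.0.2.20", 40000, 80, SAMPLE_PAYLOAD)
```

Flipping a single header byte (the TTL, say) makes `checksum_ok` false, which is the kind of integrity check each layer performs before handing data up to the next.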
Logic Bombs
Malicious code that has been inserted inside a program and will execute only when certain conditions have been met
Viruses
Malicious code that runs on a machine without the user's knowledge and infects the computer when executed
Black Hats
Malicious hackers who break into computer systems and networks without authorization or permission
Trojan horses
Malicious software that is disguised as a piece of harmless or desirable software
Worms
Malicious software, like a virus, but is able to replicate itself without user interaction
Malware infections
Malware infections usually start within software, messaging, and media
Ransomware
Malware that restricts access to a victim's computer system until a ransom is received
Spyware
Malware that secretly gathers information about the user without their consent
Social Engineering
Manipulating users into revealing confidential information or performing detrimental actions
MAC Spoofing
Masking the attacker's MAC address to pretend to have the MAC address of another device
Mobile Malware
Measures to prevent and protect against mobile malware
Preventing Malware
Measures to prevent malware infections
Mobile Device Theft
Measures to protect against mobile device theft
Network Security
Measures to secure a network
Security of Apps
Measures to secure mobile applications
Securing Wireless Devices
Measures to secure wireless devices and networks
Threat Vector
Method used by an attacker to access a victim's machine
Attack Vector
Method used by an attacker to gain access to a victim's machine in order to infect it with malware
SIM Cloning & ID Theft
Methods used to clone SIM cards and steal identities
Minimum to Pass
A scaled score of 750 on a scale of 100 to 900
OSI Model
Model used to explain network communications between a host and remote device
User training
Most cost-effective security control
Switches
Network devices that connect devices within a network
Routers
Network devices that connect multiple networks to form an internetwork
White Hats
Non-malicious hackers who attempt to break into a company's systems at their request
Trusted Operating Systems
Operating systems that meet government requirements and have multilevel security
MAC Flooding
Overwhelming the switch's limited MAC address (CAM) table with frames from bogus source addresses so that legitimate hosts can no longer be learned and the switch fails open, flooding their traffic out of every port where the attacker can capture it
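Added example for the MAC Spoofing and MAC Flooding cards (illustrative code written for these notes, not from any vendor or tool): a toy learning switch whose MAC table has a deliberately tiny capacity, so both attacks can be watched in a few frames. All MAC addresses and frames are constructed, and the `flooding_suspects` check models the "maximum MACs per port" limit that switch port security enforces as the mitigation.

```python
"""Added example for these notes: a toy learning switch showing what MAC
spoofing and MAC flooding do to the CAM (MAC address) table. Illustrative
code, not from any vendor. Frames and addresses are constructed."""
from collections import defaultdict
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Frame:
    src: str
    dst: str


@dataclass
class LearningSwitch:
    ports: int
    cam_capacity: int                 # number of MAC -> port entries that fit
    cam: dict = field(default_factory=dict)
    seen_per_port: dict = field(default_factory=lambda: defaultdict(set))

    def forward(self, in_port: int, frame: Frame) -> list:
        """Learn the source MAC, then return the list of egress ports."""
        self.seen_per_port[in_port].add(frame.src)
        # Learning: a MAC seen on a new port overwrites the old entry. MAC spoofing
        # abuses exactly this: the spoofer's port takes over the victim's entry.
        if frame.src in self.cam or len(self.cam) < self.cam_capacity:
            self.cam[frame.src] = in_port
        egress = self.cam.get(frame.dst)
        if egress is None or egress == in_port:
            # Unknown destination (or broadcast): flood to every other port. Once the
            # table is full, new hosts can never be learned, so their traffic is
            # flooded permanently: the switch has "failed open" into hub behaviour.
            return [p for p in range(self.ports) if p != in_port]
        return [egress]


def flooding_suspects(sw: LearningSwitch, max_macs_per_port: int = 2) -> list:
    """Ports that sourced more distinct MACs than an access port should.

    Mirrors switch port security (maximum MAC addresses per port), the
    standard mitigation for MAC flooding."""
    return sorted(p for p, macs in sw.seen_per_port.items() if len(macs) > max_macs_per_port)


VICTIM, SERVER = "aa:aa:aa:aa:aa:01", "bb:bb:bb:bb:bb:01"


def demo_spoofing() -> tuple:
    """Where server->victim frames go before and after the attacker spoofs VICTIM."""
    sw = LearningSwitch(ports=3, cam_capacity=8)
    sw.forward(0, Frame(VICTIM, SERVER))            # victim learned on port 0
    sw.forward(1, Frame(SERVER, VICTIM))            # server learned on port 1
    before = sw.forward(1, Frame(SERVER, VICTIM))   # delivered to port 0 only
    sw.forward(2, Frame(VICTIM, SERVER))            # attacker on port 2 uses the victim's MAC
    after = sw.forward(1, Frame(SERVER, VICTIM))    # now delivered to the attacker's port
    return before, after


def demo_flooding() -> tuple:
    """Egress ports for traffic to a host that joined after the table was filled."""
    sw = LearningSwitch(ports=3, cam_capacity=4)
    sw.forward(0, Frame(VICTIM, SERVER))
    sw.forward(1, Frame(SERVER, VICTIM))
    for i in range(50):                              # attacker sprays bogus source MACs
        sw.forward(2, Frame(f"de:ad:be:ef:00:{i:02x}", BROADCAST))
    newcomer = "dd:dd:dd:dd:dd:01"
    sw.forward(0, Frame(newcomer, SERVER))           # table full: cannot be learned
    egress = sw.forward(1, Frame(SERVER, newcomer))  # flooded, so port 2 sees it too
    return egress, flooding_suspects(sw)
```

The spoofing demo returns `([0], [2])`: one frame from the attacker's port is enough to redirect the victim's traffic. The flooding demo returns `([0, 2], [2])`: the newcomer's traffic is flooded to the attacker's port, and the per-port MAC count singles out that port.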
Active Interception
Placement of a computer between the sender and receiver to capture or modify the traffic between them
Administrative Controls
Policies, procedures, security awareness training, contingency planning, and disaster recovery plans
Secure Software Development
Principles and methods for secure software development
Patch Management
Process of planning, testing, implementing, and auditing software patches
Non-repudiation
Proof that a specific party performed an action, so they cannot later deny having done it; provided by digital signatures and audit logs
Unnecessary Applications
Removing unnecessary programs from computers
File Systems and Hard Drives
Securing file systems and hard drives
Mobile Device Security
Security measures for mobile devices
Securing VMs
Security measures for virtual machines
Web Browser Security
Security measures for web browsers
Group Policies
Set of rules or policies that can be applied to a set of users or computer accounts within the operating system
Malware
Short-hand term for malicious software
Technical Controls
Smart cards, encryption, access control lists (ACLs), intrusion detection systems, and network authentication
Rootkits
Software designed to gain administrative level control over a system without detection
Malware
Software designed to infiltrate a computer system and possibly damage it without the user's knowledge or consent
Hypervisors
Software or hardware that manages the distribution of physical resources to virtual machines
Spyware
Software that collects your information without your consent
Removing Malware
Steps to identify and remove malware from an infected system
Hardening Mobile Devices
Steps to secure mobile devices
Ransomware
Takes control of your computer or data unless you pay
90 minutes
Time given to answer up to 90 questions
Accounting
Tracking of data, computer usage, and network resources
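Added example for the Authentication, Authorization and Accounting cards (illustrative code written for these notes, not from any identity product): one small access check that keeps the three steps separate. The user table, roles and permission matrix are constructed for the example; passwords are stored as salted PBKDF2-HMAC-SHA256 hashes, compared in constant time, and every decision (including failures) is written to the accounting log.

```python
"""Added example for these notes: the three A's in one small access check.
Illustrative code, not from any identity product. Users, roles and the
permission table are constructed."""
import hashlib
import hmac
import os
import time

PBKDF2_ITERATIONS = 100_000
USERS = {}          # username -> {"salt": bytes, "hash": bytes, "roles": set}
AUDIT_LOG = []      # accounting: every decision, successful or not, is recorded

# Authorization policy: which role may perform which action (constructed).
PERMISSIONS = {"admin": {"read", "write", "delete"}, "analyst": {"read"}}


def _derive(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)


def register(username: str, password: str, roles) -> None:
    salt = os.urandom(16)
    USERS[username] = {"salt": salt, "hash": _derive(password, salt), "roles": set(roles)}


def record(event: str, username: str, outcome: bool, **extra) -> None:
    """Accounting: who did what, when, and whether it succeeded."""
    AUDIT_LOG.append({"ts": time.time(), "event": event, "user": username,
                      "outcome": outcome, **extra})


def authenticate(username: str, password: str) -> bool:
    """Authentication: prove the claimed identity.

    Unknown users still cost one PBKDF2 run so response time does not reveal
    which usernames exist."""
    rec = USERS.get(username)
    salt = rec["salt"] if rec else bytes(16)
    candidate = _derive(password, salt)
    ok = rec is not None and hmac.compare_digest(candidate, rec["hash"])
    record("authenticate", username, ok)
    return ok


def authorize(username: str, action: str) -> bool:
    """Authorization: an authenticated identity is still only allowed what its roles grant."""
    roles = USERS.get(username, {}).get("roles", set())
    allowed = any(action in PERMISSIONS.get(r, set()) for r in roles)
    record("authorize", username, allowed, action=action)
    return allowed


def access(username: str, password: str, action: str) -> bool:
    """Full check: authenticate first, then authorize; both leave an accounting entry."""
    return authenticate(username, password) and authorize(username, action)


def setup_demo() -> None:
    """Constructed accounts for the example."""
    USERS.clear()
    AUDIT_LOG.clear()
    register("alice", "correct horse battery staple", ["analyst"])
    register("root_ops", "another constructed secret", ["admin"])
```

The point of the split is visible in the results: alice authenticates successfully yet is refused `delete` because her role does not grant it, and the log shows the failed authentication attempts that an analyst would look for.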
Restricting Applications
Whitelisting (allow-listing: only approved applications may run) and blacklisting (deny-listing: named applications are blocked) to control which programs can execute; allow-listing is the stronger control because a renamed or unknown binary is blocked by default
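Added example for the Restricting Applications card (illustrative code written for these notes, not from any application-control product): the same four files judged by a name-based deny-list, a hash-based allow-list and a path-based allow-list. The file contents are constructed byte strings standing in for executables, the hashes in the allow-list are computed from those strings here and are not real software hashes, and the paths are made up.

```python
"""Added example for these notes: deny-listing by file name vs allow-listing by
hash and by path. Illustrative code, not from any product. All files constructed."""
import hashlib
from pathlib import PureWindowsPath

# Constructed stand-ins for executable file contents on a Windows host.
FAKE_FILES = {
    r"C:\Windows\System32\notepad.exe": b"MZ...legitimate-notepad",
    r"C:\Users\bob\Downloads\mimikatz.exe": b"MZ...credential-dumper",
    r"C:\Users\bob\Downloads\totally_fine.exe": b"MZ...credential-dumper",  # renamed copy
    r"C:\Users\bob\Downloads\notepad.exe": b"MZ...legitimate-notepad",     # copied out of System32
}


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Blacklist: known-bad names. Trivially bypassed by renaming the file.
DENY_LIST_NAMES = {"mimikatz.exe"}

# Whitelist by content: only these hashes may run, wherever the file lives.
# Strong, but every legitimate update produces a new hash that must be approved.
ALLOW_LIST_HASHES = {sha256_hex(b"MZ...legitimate-notepad")}

# Whitelist by path: anything under admin-only directories may run. This is the
# shape of default path rules in enterprise tools; it relies on ordinary users
# not being able to write to these directories.
ALLOW_LIST_DIRS = (PureWindowsPath(r"C:\Windows"), PureWindowsPath(r"C:\Program Files"))


def deny_list_permits(path: str) -> bool:
    return PureWindowsPath(path).name.lower() not in DENY_LIST_NAMES


def hash_allow_list_permits(data: bytes) -> bool:
    return sha256_hex(data) in ALLOW_LIST_HASHES


def path_allow_list_permits(path: str) -> bool:
    p = PureWindowsPath(path)
    return any(p.is_relative_to(d) for d in ALLOW_LIST_DIRS)


def evaluate(path: str) -> dict:
    """Decision of each strategy for one file; True means 'allowed to execute'."""
    data = FAKE_FILES[path]
    return {
        "deny_list": deny_list_permits(path),
        "hash_allow_list": hash_allow_list_permits(data),
        "path_allow_list": path_allow_list_permits(path),
    }


if __name__ == "__main__":
    for path in FAKE_FILES:
        print(path, evaluate(path))
```

The renamed credential dumper (`totally_fine.exe`) sails through the deny-list and is stopped by both allow-lists; the legitimate notepad copied into Downloads passes the hash rule but not the path rule, which is why path rules must be paired with directory permissions that users cannot change.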