CompTIA Security+ Cert Prep 1 part 2
(Answered) 100% Correct. Updated Fall
2024/2025.
hash function
a mathematical function that converts a variable length input into a fixed length output
brute force attack
try all possibilities
offline or online
only effective on short non-complex passwords
dictionary attacks
try all words in the english language
hybrid attacks
add variations to cracking passwords
use 0 instead of o
use @ instead of a
rainbow table attacks
pre compute hashes
password spraying
exploits common passwords
attacker takes a list of commonly used passwords and uses them to try to attack many different accounts
at the same time
credential stuffing
exploits reused passwords from weak sites to use on other accounts
multi factor authentication
prevents password spraying and credential stuffing attacks
machine learning
discover knowledge in data
analyze data to uncover trends, categorize records, and help run businesses more efficient
artificial intelligence
simulate human thought
, descriptive analytics
describe our data
ex. how many customers are female? Repeat customers?
predictive analytics
predict future event and behavior
prescriptive analytics
use simulation to optimize our behavior
adversarial AI
exploit AI techniques
breach confidentiality of machine learning algorithms
inject tainted data into training process
confidentiality (CIA Triad)
protects information and systems from unauthorized access
disclosure attacks
seek to undermine confidentiality
data breaches
violations of confidentiality
data exfiltration
removes sensitive data/information from an organizations control
integrity (CIA triad)
protects information and systems from unauthorized modification
alteration attacks
seek to undermine integrity
availability (CIA triad)
ensures that information and systems are available for authorized users when needed
denial attacks
seek to undermine availability
financial risk
monetary loss to an organization
reputational risk
(Answered) 100% Correct. Updated Fall
2024/2025.
hash function
a mathematical function that converts a variable length input into a fixed length output
brute force attack
try all possibilities
offline or online
only effective on short non-complex passwords
dictionary attacks
try all words in the english language
hybrid attacks
add variations to cracking passwords
use 0 instead of o
use @ instead of a
rainbow table attacks
pre compute hashes
password spraying
exploits common passwords
attacker takes a list of commonly used passwords and uses them to try to attack many different accounts
at the same time
credential stuffing
exploits reused passwords from weak sites to use on other accounts
multi factor authentication
prevents password spraying and credential stuffing attacks
machine learning
discover knowledge in data
analyze data to uncover trends, categorize records, and help run businesses more efficient
artificial intelligence
simulate human thought
, descriptive analytics
describe our data
ex. how many customers are female? Repeat customers?
predictive analytics
predict future event and behavior
prescriptive analytics
use simulation to optimize our behavior
adversarial AI
exploit AI techniques
breach confidentiality of machine learning algorithms
inject tainted data into training process
confidentiality (CIA Triad)
protects information and systems from unauthorized access
disclosure attacks
seek to undermine confidentiality
data breaches
violations of confidentiality
data exfiltration
removes sensitive data/information from an organizations control
integrity (CIA triad)
protects information and systems from unauthorized modification
alteration attacks
seek to undermine integrity
availability (CIA triad)
ensures that information and systems are available for authorized users when needed
denial attacks
seek to undermine availability
financial risk
monetary loss to an organization
reputational risk
