Comptia security sy - Study guides, Class notes & Summaries

1. Wireless Network: Any type of computer network that is not connected by cables of any kind. 2. Evil Twin: A wireless network with the same name as another wireless access point. Users unknowingly connect; hackers monitor the traffic looking for useful information. 3. Rouge Access Point: Any unauthorized access point on a wireless network. 4. Bluesnarfing: The unauthorized access of information from a wireless device through a Bluetooth connection. 5. Bluejacking: An attack that sends unso...

1. social enginerring: Sometimes referred to as hacking people. The use of decep- tion to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes. 2. Phishing: The fraudulent practice of sending emails purporting to be from rep- utable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers. 3. Smishing: Phishing attacks committed using text messages (SMS). 4. Vishing: Phishi...

Penetration Testing (PenTest) - CORRECT ANS A live test of the effectiveness of security defenses through mimicking the actions of real-life attackers. White Box Testing - CORRECT ANS Testing based on an analysis of the internal structure of the component or system. Black Box Testing - CORRECT ANS Testing, either functional or non-functional, without reference to the internal structure of the component or system. Gray Box Testing - CORRECT ANS Security testing that...

Malware - CORRECT ANS Malicious software Ransomeware - CORRECT ANS A type of malicious software designed to block access to a computer system until a sum of money is paid. Trojan - CORRECT ANS A program disguised as a harmless application that actually produces harmful results. Worm - CORRECT ANS Software program capable of reproducing itself that can spread from one computer to the next over a network. PUPs (Potentially Unwanted Programs) - CORRECT ANS Sof...

Privilege Escalation - CORRECT ANS An attack that exploits a vulnerability in software to gain access to resources that the user normally would be restricted from accessing. Cross-Site Scripting (XSS) - CORRECT ANS An attack that injects scripts into a Web application server to direct attacks at clients. SQL Injection - CORRECT ANS A type of malformed input that takes advantage of an appropriate true conditional logic statement adding a request for data that is against the secur...

COMPTIA SECURITY+ SY0-601 - 1.6 NYBERG (SECURITY CONCERNS) QUESTIONS WITH COMPLETE ANSWERS GRADED A+ Vulnerability - CORRECT ANS A flaw or weakness that allows a threat agent to bypass security. Zero-day attack - CORRECT ANS Attack that exploits previously unknown vulnerabilities, so victims have no time (zero days) to prepare for or defend against the attack. Weak configuration - CORRECT ANS Configuration options that provide limited security capability. Open perm...

CompTIA Security+ SY0-601 - 1.4 Nyberg Questions And Answers CompTIA Security+ SY0-601 - 1.4 Nyberg Questions And Answers CompTIA Security+ SY0-601 - 1.4 Nyberg Questions And Answers

Malware - Malicious software Ransomeware - A type of malicious software designed to block access to a computer system until a sum of money is paid. Trojan - A program disguised as a harmless application that actually produces harmful results. Worm - Software program capable of reproducing itself that can spread from one computer to the next over a network. PUPs (Potentially Unwanted Programs) - Software commonly installed during the process of installing desired software. While not inhere...

Change Management - CompTIA Security+ SY0-701 - 1.3.1 Question and answers latest update

Privilege Escalation - An attack that exploits a vulnerability in software to gain access to resources that the user normally would be restricted from accessing. Cross-Site Scripting (XSS) - An attack that injects scripts into a Web application server to direct attacks at clients. SQL Injection - A type of malformed input that takes advantage of an appropriate true conditional logic statement adding a request for data that is against the security policy. DLL (Dynamic Link Library) - A comp...