CS0-003 Flashcards
Free flashcards for CompTIA CySA+ (CS0-003): flip each card to reveal the definition. Built from the CompTIA CySA+ (CS0-003) glossary as a study aid, these are concept checks, not real exam questions.
All 21 terms
- SIEM: A system that collects and correlates logs to detect and alert on threats.
- SOC: Security Operations Centre - the team that monitors and responds.
- IoC: Indicator of Compromise - evidence that a system was attacked.
- TTP: Tactics, Techniques and Procedures used by an attacker.
- Threat intelligence: Information about threats used to inform detection and defence.
- Baseline: A profile of normal activity, used to detect anomalies.
- False positive: An alert that turns out not to be a real threat.
- CVSS: Common Vulnerability Scoring System, rating severity 0–10.
- CVE: Common Vulnerabilities and Exposures - a catalogue of known flaws.
- Vulnerability scan: An automated check for known weaknesses.
- Prioritisation: Ranking vulnerabilities by real-world risk, not just score.
- Incident response: The organised approach to handling a security incident.
- Containment: Steps to stop an incident from spreading.
- Eradication: Removing the cause of an incident.
- Chain of custody: Documented, unbroken handling of evidence.
- MTTD: Mean Time To Detect an incident.
- MTTR: Mean Time To Respond to or repair an incident.
- SOAR: Security Orchestration, Automation and Response.
- Playbook: A predefined set of response steps for a scenario.
- EDR: Endpoint Detection and Response tooling.
- Threat hunting: Proactively searching for threats that evaded detection.