SY0-701 Flashcards

intermediate 49 cards

Free flashcards for CompTIA Security+ (SY0-701): flip each card to reveal the definition. Built from the CompTIA Security+ (SY0-701) glossary as a study aid, these are concept checks, not real exam questions.

By The Exam Atlas Editorial Team · Verified 2026-06-05

All 49 terms

CIA triad
Confidentiality, Integrity and Availability - the three core goals of security.
Non-repudiation
Assurance that someone cannot deny an action, usually via digital signatures.
AAA
Authentication (who you are), Authorization (what you can do), Accounting (what you did).
Zero trust
A model that never trusts by default and verifies every request, assuming breach.
Least privilege
Giving users and systems only the access they strictly need.
Defense in depth
Layering multiple controls so no single failure is catastrophic.
Symmetric encryption
Encryption using one shared key; fast and used for bulk data.
Asymmetric encryption
Encryption using a public/private key pair; used for key exchange and signatures.
Hashing
A one-way function producing a fixed-length value; used for integrity and password storage.
Salt
Random data added before hashing so identical inputs hash differently.
Digital signature
A hash encrypted with a private key, proving integrity and origin.
PKI
Public Key Infrastructure: certificates and authorities that bind identities to keys.
Certificate Authority (CA)
A trusted entity that issues and signs digital certificates.
MFA
Multi-Factor Authentication: proving identity with two or more different factors.
SSO
Single Sign-On: one authentication grants access to multiple systems.
SIEM
A system that collects and analyses security logs and alerts.
EDR
Endpoint Detection and Response: monitors endpoints for threats.
DLP
Data Loss Prevention: controls that stop sensitive data leaving the organisation.
IDS / IPS
Systems that detect (IDS) or detect and block (IPS) malicious traffic.
Phishing
A social-engineering attack using fake messages to steal data or credentials.
Ransomware
Malware that encrypts data and demands payment for its release.
On-path attack
Intercepting communication between two parties (formerly "man-in-the-middle").
Vulnerability
A weakness that could be exploited by a threat.
Threat
A potential cause of an unwanted incident.
Risk
The likelihood and impact of a threat exploiting a vulnerability.
Hardening
Reducing a system's attack surface by removing or securing unnecessary features.
Honeypot
A decoy system designed to attract and study attackers.
RTO / RPO
How quickly you must recover (RTO) and how much data loss is acceptable (RPO).
Spear phishing / whaling
Targeted phishing; whaling specifically targets senior executives.
Zero-day
A vulnerability exploited before a patch is available.
SOAR
Security Orchestration, Automation and Response - automates incident handling.
WAF
Web Application Firewall - filters and blocks malicious web traffic.
TLS
Transport Layer Security - encrypts data in transit (the S in HTTPS).
VPN
Virtual Private Network - an encrypted tunnel over an untrusted network.
CVE / CVSS
A catalogued vulnerability identifier and its severity score (0-10).
Social engineering
Manipulating people to bypass security controls.
Privilege escalation
Gaining higher access than was granted.
Lateral movement
Moving between systems after an initial compromise.
Patch management
Tracking, testing and applying software updates.
Threat actor types
Nation-state, organised crime, hacktivist, insider and script kiddie.
SQL injection / XSS
Injecting database commands, or malicious scripts, through input fields.
Brute force
Trying many credentials until one succeeds.
Tabletop exercise
A discussion-based rehearsal of an incident-response plan.
Chain of custody
Documented handling of evidence to keep it admissible.
Sandboxing
Isolating code in a contained environment to observe it safely.
Air gap
Physically isolating a system from any network.
Backups (3-2-1)
Three copies, on two media, with one kept offsite.
Segmentation
Dividing a network so a breach cannot spread freely.
RADIUS / TACACS+
Protocols for centralised authentication and access control.