Comptia Sec+ 601 Exam Objectives

fraudulent attempt to obtain sensitive information or data, by disguising oneself as a trustworthy entity in an electronic communication.

When someone tries to trick you into giving them your private information via a text or SMS message.

Using social engineering over the telephone system to gain access to private personal and financial information for the purpose of financial reward

irrelevant or unsolicited messages sent to a large number of Internet users, for illegitimate advertising, and other activities such as phishing, and spreading malware

Spam delivered through instant messaging (IM) instead of through e-mail messaging

the act of sending emails to specific and well-researched targets while pretending to be a trusted sender

exploration of a system's trash bin for the purpose of finding details in order for a hacker to have a successful online assault.

When someone watches over your shoulder to nab valuable information as you key it into an electronic device.

cyberattack intended to redirect a website's traffic to another, fake site.

Social engineering attempt by cyber threat actors in which they trick employees into helping them gain unauthorized access into the company premises.

Procedures or techniques involving interacting with and communicating with others that is designed to gather knowledge or inform

Spear phishing that focuses on one specific high level executive or influencer

Prepend is a word that means to attach content as a prefix. For example, a prepend command could be used in a scripting language that a programmer would enter into a certain function or code module. It would add certain characters of text to the beginning of some variable or object.

identity fraud is the use of stolen information such as making fake ID's and fake bank accounts

using fraudulent invoices to steal from a company

the use of MITM attacks, DNS poisoning, phishing, etc. to amass large numbers of credentials (username / password combinations) for reuse.

- Information gathering about a target network

Cyber hoax scams are attacks that exploit unsuspecting users to provide valuable information, such as login credentials or money.

typically involves an email that seems to come from a trusted source.

security exploit in which the attacker seeks to compromise a specific group of end users by infecting websites that members of the group are known to visit. The goal is to infect a targeted user's computer and gain access to the network at the target's place of employment.

type of cybersquatting used by imposters that involve registering domains with intentionally misspelled names of popular web addresses to install malware on the user's system

the practice of presenting oneself as someone else in order to obtain private information.

- Combining conventional warfare with cyberwarfare

Planned, coordinated marketing efforts using one or more social media platforms.

Authority: an attacker may try to appear to have a certain level authority. Intimidation: may try to make the victim think that something terrible is going to happen if they don't comply with the attacker's wishes. Consensus: An attacker may try to sway the mind of a victim using names they are familiar with, saying that such ones provided them information (they are fishing for) in the past and you should be able to do the same. Scarcity: An attacker may try to set a time limit on a victim so that they can comply with their wishes by a certain deadline. Familiarity: they make you familiar with them on the phone and make you want to do things for them. Trust: The attacker in this case can claim to be a friend or close associate of someone you may know very well and that's trusted. Urgency: When attackers want you to act and not think, they want you to do what they want as quickly as possible so that there's no time to spot all the red flags.

a program or file designed to be disruptive, invasive and harmful to your computer.

Software that encrypts programs and data until a ransom is paid to remove it.

Independent computer programs that copy themselves from one computer to other computers over a network

program that installs itself on a computer, typically without the user's informed consent

Software that uses legitimate programs to infect a computer. It does not rely on files and leaves no footprint, making it challenging to detect and remove.

A computer controlled by an attacker or cybercriminal which is used to send commands to systems compromised by malware and receive stolen data from a target network

self-propagating malware that infects its host and connects back to a central server(s).

Malware to remain in place for as long as possible, quietly mining in the background.

A computer program or part of a program that lies dormant until it is triggered by a specific logical event.

Type of malware that infects your PC or mobile device and gathers information about you, including the sites you visit, the things you download, your usernames and passwords, payment information, and the emails you send and receive.

software that tracks or logs the keys struck on your keyboard, typically in a covert manner so that you don't know that your actions are being monitored.

type of malware that allows covert surveillance, a backdoor for administrative control and unfettered and unauthorized remote access to a victim's machine.

software program, typically malicious, that provides privileged, root-level (i.e., administrative) access to a computer while concealing its presence on that machine

refers to any method by which authorized and unauthorized users are able to get around normal security measures and gain high level user access (aka root access) on a computer system, network, or software application.

Any type of attack in which the attacker attempts to obtain and make use of passwords illegitimately.

An attack method that takes all the words from a dictionary file and attempts to log on by entering each dictionary entry as a password.

an attempt to guess a password by attempting every possible combination of characters and numbers in it

an attack on a password that uses a large pregenerated data set of hashes from nearly every possible password

1. Tainted training for machine learning (ML) 2. Security of machine learning algorithms

1. Birthday: 2. Collision: 3. Downgrade:

1. Server-side 2. Cross-site

Some users with Bluetooth-enabled mobiles use this technology to send anonymous text messages to strangers.

A set of standards primarily for smartphones and smart cards that can be used to establish communication between devices in close proximity.

A 24-bit value used in WEP that changes each time a packet is encrypted.

A hierarchical system for naming resources on the Internet.

Technique used by criminals to alter DNS records and drive users to fake sites, to committing phishing.

An attack that uses many computers to perform a DoS attack.

programming language you can use to create macros

a sophisticated, possibly long-running computer hack that is perpetrated by large, well-funded organizations such as governments

Current or former employee, contractor or other partner that has or had authorized access and intentionally misused that access

A protester seeking to make a political point by leveraging technology tools, often through system infiltration, defacement, or damage.

Individuals who want to break into computers to create damage, yet lack the advanced knowledge of computers and networks needed to do so.

APTs, and nation states have a penchant for long-term attacks, which requires this which only major organizations or government can manage over time.

This can be simple or multifold in nature. A script kiddie is just trying to make a technique work. A more skilled threat actor is usually pursuing a specific objective, such as trying to make a point as a hacktivist. At the top of the intent pyramid is the APT threat actor, whose intent or motivation is at least threefold.

Information from media (newspapers, television), public government reports, professional and academic publications, and other openly available.

- unusual outbound traffic - anomalies in privileged account - geographic irregularities - login failures - swells in database read volume - large html responses - many requests for one file - mismatched port-applications - suspicious registry changes - spikes in dns requests from one host

system that enables the sharing of attack indicators between the US government and the private sector as soon as the treat is verified

the use of data warehouses and complex algorithms to forecast future events, based on historical trends and calculated probabilities

A document published by the IETF that details information about standardized Internet protocols and those in various development stages.

1. System integration 2. Lack of vendor support

Firmware: Operating system: Applications:

Technology used to scan applications for potential vulnerabilities and weaknesses.

The application of vulnerability scanning to network devices to search for vulnerabilities at the network level.

Red-Team: Blue-Team: White-Team: Purple-Team:

using a central control program separate from network devices to manage the flow of data on a network

Commission/Decommission of assets from the time it is installed, until the time it is decommissioned and disposed.

Techniques used while coding to provide as much security as possible.

An open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted.

Using technology to automate IT processes.

Video cameras and receivers used for surveillance in areas that require security monitoring.

Guards: Robot sentries: Reception: Two-person integrity/control

Biometrics: Electronic: Physical: Cable Locks:

Burning: Shredding: Pulping: Pulverizing: Degaussing: Third-party solutions :

An algorithm that uses elliptic curves instead of prime numbers to compute keys.

Authenticated: Unauthenticated: Counter:

Stream: Block:

Audio: Video: Image:

Enables processing of encrypted data without the need to decrypt the data. It allows the cloud customer to upload data to a cloud service provider for processing without the requirement to decipher the data first.

Modern malware tries to hide itself. Encrypted data hides the active malware code. Decryption occurs during execution.

Password hashing. Protect the original password. Add salts to randomize the stored password hash.

Confirm the authenticity of data. Digital signature provides both integrity and non-repudiation.

Manuel code review:

Third-party updates: Auto-update:

Opal:

Forward: Reverse:

Port taps:

Cost: Need for segmentation: Open systems Interconnection (OSI) Layers

Privacy enhanced mail (PEM)

Online vs. offline CA: