CompTIA Security+ (SY0-601) Flashcards
Domain 1 – Threats, Attacks, and Vulnerabilities
🧩 Section 1.1 – Social Engineering Techniques
Q: What is phishing?
A: Deceptive emails or messages crafted to trick users into revealing sensitive information.

Q: How is spear phishing different?
A: It’s a targeted phishing attack customized to a specific individual or organization.

Q: What is vishing?
A: Voice phishing — using phone calls or VoIP to trick victims.

Q: What is smishing?
A: SMS or text-based phishing.

Q: What is pretexting?
A: Fabricating a believable scenario to trick someone into disclosing information.

Q: What is tailgating/piggybacking?
A: Gaining unauthorized physical access by following someone through a secure door.

Q: What is shoulder surfing?
A: Observing someone’s screen or keyboard to steal information.

Q: What is dumpster diving?
A: Retrieving confidential data from discarded materials.

Q: What is whaling?
A: Phishing that targets high-profile executives (“big fish”).

Q: What are common social engineering principles?
A: Authority, Intimidation, Consensus, Scarcity, Urgency, Familiarity, Trust.
⚙️ Section 1.2 – Attack Indicators
Q: What is a DoS attack?
A: Makes a resource unavailable by overwhelming it with traffic or requests.

Q: What is a DDoS attack?
A: Uses multiple compromised systems (botnets) to perform a DoS attack.

Q: What is privilege escalation?
A: Gaining higher-level permissions than intended (vertical or horizontal).

Q: Define credential harvesting.
A: Collecting stolen usernames/passwords from systems or dumps.

Q: What is a replay attack?
A: Capturing and reusing legitimate data packets to gain unauthorized access.

Q: What is session hijacking?
A: Taking over a valid session to impersonate a user.

Q: Define logic bombs.
A: Code that executes malicious actions when specific conditions are met.

Q: What is an insider threat?
A: An employee or trusted individual misusing access for malicious intent.

Q: What is a supply chain attack?
A: Compromising a vendor or supplier to infiltrate the target organization.

Q: What is a man-in-the-middle (on-path) attack?
A: Intercepting and altering communication between two parties.
💻 Section 1.3 – Application and Network Attacks
Q: What is an SQL injection?
A: Inserting malicious SQL queries to manipulate a database.

Q: What is XSS (Cross-Site Scripting)?
A: Injecting malicious code into a website viewed by other users.

Q: What is CSRF?
A: Tricks a user’s browser into executing unwanted actions.

Q: What is a buffer overflow?
A: Overloading memory to overwrite adjacent data.

Q: Define race condition.
A: Two operations execute out of sequence, causing a flaw.

Q: What is privilege escalation?
A: Exploiting flaws to increase access rights.

Q: What is ARP poisoning?
A: Spoofing ARP messages to redirect traffic on a LAN.

Q: What is DNS poisoning?
A: Altering DNS records to redirect users to malicious sites.

Q: What is MAC flooding?
A: Overloading a switch to force broadcast mode (security bypass).

Q: What is a rogue access point?
A: Unauthorized Wi-Fi device posing as a legitimate AP.
🕵️ Section 1.4 – Threat Actors & Intelligence
Q: List types of threat actors.
A: Script kiddies, Hacktivists, Organized crime, State actors, Insiders.

Q: What are APTs?
A: Advanced Persistent Threats — long-term, state-sponsored campaigns.

Q: What is TTP?
A: Tactics, Techniques, and Procedures — describes how attackers operate.

Q: What is OSINT?
A: Open Source Intelligence — freely available data used for analysis.

Q: What are threat feeds?
A: Continuous data sources on known indicators of compromise (IoCs).

Q: What is AIS?
A: Automated Indicator Sharing — DHS program for exchanging threat info.

Q: What are STIX/TAXII?
A: Structured formats/protocols for threat intelligence sharing.

Q: What is a vulnerability database?
A: Repository of known weaknesses (e.g., NVD, CVE).

Q: What is shadow IT?
A: Unapproved use of systems or apps without organizational consent.
🧱 Section 1.5 – Vulnerabilities & Assessments
Q: What is a zero-day vulnerability?
A: Exploit of an unknown or unpatched vulnerability.