Security+ SY0-601 Save
Leave the first rating
Students also studied
Flashcard sets Study guides
Security+ Cert Exam Objectives SYO... Tough Sec+ Terms 3330 Final A+ Core
786 terms 211 terms 13 terms 18 terms
jeffrey_baker Preview g2mus Preview bwf8hd Preview ano
Terms in this set (944)
The fifth-generation wireless broadband technology based on the 802.11ac standard
5G
engineered to greatly increase the speed and responsiveness of wireless networks
A policy that defines the actions users may perform while accessing systems and
Acceptable Use Policy (AUP)
networking equipment.
The response of determining that a risk is within the organization's appetite and no
Acceptance Risk Mgmt Strategy
countermeasures other than ongoing monitoring is needed
A clearly defined list of permissions that specifies what actions an authenticated user
Access Control List (ACL)
may perform on a shared resource
A list of roles and the resources with which roles are to be provisioned or
Access Policies
deprovisioned
The regular or periodic activity of reviewing and assessing the user accounts of an IT
Account Audits
environment
Account Permissions The privileges that a user is given
A set of rules governing user security information, such as password expiration and
Account Policies
uniqueness, which can be set globally
Two or more servers working together to distribute load of traffic, if one server fails
Active/Active Load Balancing loss of data may occur; the workload on the remaining nodes will increase and cause
performance degradation
When one server in a load balancing system is active and the others are stand-by; if
Active/Passive Load Balancing the active nodes suffers a fault, the connection can failover to the passive node
without performance degradation
The credentials of the account owner allow full access to all resources in the
Root Account Credential Policy
account; can't use IAM to deny root user access to resources explicitly
Admissibility In order for digital evidence to be allowed in court it must be authentic and reliable
https://quizlet.com/755250488/security-sy0-601-flash-cards/ 1/6
, 5/15/25, 12:54 PM Security+ SY0-601 Flashcards | Quizlet
Describes a series of continued, advanced attacks occurring over a significant
Advanced Persistent Threat (APT) period of time, conducted by organizations linked to governments of virtually every
technologically advanced country
A developing field where attacks currently tend to deal with data poisoning,
Adversarial Artificial Intelligence (AI)
providing security and analytic AI and MI algorithms with adversarial input
Advisories and Bulletins Alerts associated with current and active threats; used by threat hunters
A website or software application that gathers together information from a variety of
Aggregators
internet sources
A containment approach of physically separating networks or devices; disabling a
Air Gap switch port; least stealthy option and may reduce opportunities to analyze the attack
or malware due to the isolation
A default-deny policy that means only running authorized processes and scripts;
Allow List
may impede accessibility and increase support time and costs
Refers to the expected frequency with which a risk or a threat is expected to occur;
Annualized Rate of Occurrence (ARO)
also called Probability Determination
The process of identifying rare or unexpected items or events in a data set that do
Anomaly Detection
not conform to other items in the data set
The act of permanently and completely removing personal identifiers from data,
Anonymization
such as converting personally identifiable information (PII) into aggregated data
Anti-malware A utility that searches for and removes any malware on a computer
Software that is specifically designed to detect viruses and protect a computer and
Antivirus
files from harm
The wide variety of services available in the cloud where the X indicates the nature of
Anything as a Service (XaaS)
the specific service
Malicious usage or attempted usage of an API from automated threats such as
API Attacks
access violations, bot attacks or abuse
A service for authentication, authorization, encryption, availability, and policy
API Inspection and Integration
compliance of APIs
Type of firewall that often enacts east-west security and zero-trust micro
segmentation design paradigms; can inspect traffic as it passes from host-to-host or
Virtual Firewall
between virtual networks rather than routing the traffic to a firewall appliance and
back
The use of application whitelisting where the approved applications are listed; if an
Application Approved List
application is not listed, it cannot be launched
The use of application blacklisting where full access is approved with the provision
Application Blocklist/Deny List
that specified items are denied
Records events generated by applications and services, such as when a service run
Application Event Log
by a third-party application cannot start
The lifecycle process for software applications, covering how an application
Application Mgmt
operates, it maintenance, version control, and upgrades from cradle to grave
A library of programming utilities used, for example, to enable software developers
Application Programming Interface (API)
to access functions of the TCP/IP network stack under a particular operating system
Describes security measures at the application level that aim to prevent data or code
Application Security
within the app from being stolen or hijacked
https://quizlet.com/755250488/security-sy0-601-flash-cards/ 2/6