Exam (elaborations)

CompTIA Security+ 04/2025 Exam Questions and Answers

Pages: 80
Grade: A+
Uploaded on: 01-06-2025
Written in: 2024/2025
Institution: CompTIA
Course: CompTIA













acceptable use policy (AUP) - ANSWER✔✔-A policy that governs employees' use of company equipment and Internet services. ISPs may also apply AUPs to their customers.

access badge - ANSWER✔✔-An authentication mechanism that allows a user to present a smart card to operate an entry system.

access control list (ACL) - ANSWER✔✔-The collection of access control entries (ACEs) that determines which subjects (user accounts, host IP addresses, and so on) are allowed or denied access to the object and the privileges given (read-only, read/write, and so on).

access control vestibule - ANSWER✔✔-A secure entry system with two gateways, only one of which is open at any one time.

Think Airlock

access point (AP) - ANSWER✔✔-A device that provides a connection between wireless devices and can connect to wired networks, implementing an infrastructure mode WLAN.




FOR STUDY PURPOSES ONLY COPYRIGHT © 2025 ALL RIGHTS RESERVED 1

account lockout - ANSWER✔✔-Policy that prevents access to an account under certain conditions, such as an excessive number of failed authentication attempts.

account policies - ANSWER✔✔-A set of rules governing user security information, such as password expiration and uniqueness, which can be set globally.

accounting - ANSWER✔✔-Tracking authorized usage of a resource or use of rights by a subject and alerting when unauthorized use is detected or attempted.

acquisition/procurement - ANSWER✔✔-Policies and processes that ensure asset and service purchases and contracts are fully managed, secure, use authorized suppliers/vendors, and meet business goals.

active reconnaissance - ANSWER✔✔-Penetration testing techniques that interact with target systems directly.

active security control - ANSWER✔✔-Detective and preventive security controls that use an agent or network configuration to monitor hosts. This allows for more accurate credentialed scanning, but consumes some host resources and is detectable by threat actors.

ad hoc network - ANSWER✔✔-A type of wireless network where connected devices communicate directly with each other instead of over an established medium.

address resolution protocol (ARP) - ANSWER✔✔-Broadcast mechanism by which the hardware MAC address of an interface is matched to an IP address on a local network segment.

advanced persistent threat (APT) - ANSWER✔✔-An attacker's ability to obtain, maintain, and diversify access to network systems using exploits and malware.




adware - ANSWER✔✔-Software that records information about a PC and its user. Adware is used to describe software that the user has acknowledged can record information about their habits.

AES Galois Counter Mode Protocol (GCMP) - ANSWER✔✔-A high performance mode of operation for symmetric encryption. Provides a special characteristic called authenticated encryption with associated data, or AEAD.

air-gapped - ANSWER✔✔-A type of network isolation that physically separates a host from other hosts or a network from all other networks.

alert tuning - ANSWER✔✔-The process of adjusting detection and correlation rules to reduce incidence of false positives and low-priority alerts.

algorithm - ANSWER✔✔-Operations that transform a plaintext into a ciphertext with cryptographic properties, also called a cipher. There are symmetric, asymmetric, and hash cipher types.

allow listing - ANSWER✔✔-A security configuration where access is denied to any entity (software process, IP/domain, and so on) unless the entity appears on an allow list.

amplification attack - ANSWER✔✔-A network-based attack where the attacker dramatically increases the bandwidth sent to a victim during a DDoS attack by implementing an amplification factor.

analysis - ANSWER✔✔-An incident response process in which indicators are assessed to determine validity, impact, and category.





annualized loss expectancy (ALE) - ANSWER✔✔-The total cost of a risk to an organization on an annual basis. This is determined by multiplying the SLE by the annual rate of occurrence (ARO).

annualized rate of occurrence (ARO) - ANSWER✔✔-In risk calculation, an expression of the probability/likelihood of a risk as the number of times per year a particular loss is expected to occur.

anomalous behavior recognition - ANSWER✔✔-Systems that automatically detect users, hosts, and services that deviate from what is expected, or systems and training that encourage reporting of this by employees.

antivirus - ANSWER✔✔-Inspecting traffic to locate and block viruses.

antivirus scan (A-V) - ANSWER✔✔-Software capable of detecting and removing virus infections and (in most cases) other types of malware, such as worms, Trojans, rootkits, adware, spyware, password crackers, network mappers, DoS tools, and so on.

anything as a service - ANSWER✔✔-The concept that most types of IT requirements can be deployed as a cloud service model.

appliance firewall - ANSWER✔✔-A standalone hardware device that performs only the function of a firewall, which is embedded into the appliance's firmware.

application programming interface - ANSWER✔✔-Methods exposed by a script or program that allow other scripts or programs to use it. For example, an API enables software developers to access functions of the TCP/IP network stack under a particular operating system.

application virtualization - ANSWER✔✔-A software delivery model where the code runs on a server and is streamed to a client.


