Docsity
Log inSign up
Docsity
Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity

Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan

Guidelines and tips
Guidelines and tips
Sell on Docsity
Sell on Docsity
Log inSign up

Prepare for your exams

Study with the several resources on Docsity

Find documents

Prepare for your exams with the study notes shared by other students like you on Docsity

Search Store documents

The best documents sold by students who completed their studies

Search through all study resources
Docsity AINEW

Summarize your documents, ask them questions, convert them into quizzes and concept maps

Explore questions

Clear up your doubts by reading the answers to questions asked by your fellow students

Earn points to download

Earn points by helping other students or get them with a premium plan

Share documents
download point icon20 Points

For each uploaded document

Answer questions
download point icon5 Points

For each given answer (max 1 per day)

All the ways to get free points
Get points immediately

Choose a premium plan with all the points you need

Study Opportunities

Choose your next study program

Get in touch with the best universities in the world. Search through thousands of universities and official partners

Community

Ask the community

Ask the community for help and clear up your study doubts

University Rankings

Discover the best universities in your country according to Docsity users

Free resources

Our save-the-student-ebooks!

Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors

From our blog

Exams and Study
Go to the blog

CompTIA Security+: Network Security Fundamentals 7th Edition - Key Terms and Definitions, Exams of Computer Security

Manhattan School of Computer TechnologyComputer Security

Definitions and explanations for various terms and concepts related to computer security and network security, as presented in the comptia security+ sy0-601 certification exam. Topics covered include adversarial ai, api attacks, backdoors, bots, buffer overflow attacks, client-side request forgery, command and control, cross-site scripting, cryptomalware, device driver manipulation, dll injection, error handling, fileless viruses, improper input handling, injections, integer overflow attacks, keyloggers, logic bombs, malware, memory leaks, pointer/object dereference, potentially unwanted programs (pups), race conditions, ransomware, refactoring, remote access trojans (rats), replay attacks, resource exhaustion attacks, rootkits, security of ml algorithms, server-side request forgery (ssrf), shimming, spyware, sql injection, structured query language (sql), tainted training data for machine learning, time of check/time of use, trojans, and worms.

Typology: Exams

2022/2023

Available from 03/24/2024

star_score_grades
star_score_grades 🇺🇸

3.6

(19)

1.7K documents

1 / 5

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
CompTIA Security + Guide to Network
Security Fundamentals 7th Edition 2024
Chapter 3 Key Terms Quick practice
Adversarial artificial intelligence (AI) - Answer>>exploiting the risks associated with using AI and
ML in cybersecurity
application program interface (API) attack - Answer>>An attack that targets vulnerabilities in an
API.
backdoor - Answer>>malware that gives access to a computer, program, or service that
circumvents any normal security protections
bot - Answer>>an infected computer placed under the remote control of an attacker for the
purpose of launching attacks
buffer overflow attack - Answer>>An attack that occurs when a process attempts to store data in
RAM beyond the boundaries of a fixed-length storage buffer.
client-side request forgery - Answer>>An attack that takes advantage of an authentication
"token" that a website sends to a user's web browser to imitate the identity and privileges of
the victim.
command and control (C&C) - Answer>>A structure that sends instructions to infected bot
computers.
cross-site request forgery (XSRF) - Answer>>An attack that takes advantage of an authentication
"token" that a website sends to a user's web browser to imitate the identity and privileges of
the victim.
pf3
pf4
pf5

Partial preview of the text

Download CompTIA Security+: Network Security Fundamentals 7th Edition - Key Terms and Definitions and more Exams Computer Security in PDF only on Docsity!

CompTIA Security + Guide to Network

Security Fundamentals 7th Edition 2024

Chapter 3 Key Terms Quick practice

Adversarial artificial intelligence (AI) - Answer>>exploiting the risks associated with using AI and ML in cybersecurity application program interface (API) attack - Answer>>An attack that targets vulnerabilities in an API. backdoor - Answer>>malware that gives access to a computer, program, or service that circumvents any normal security protections bot - Answer>>an infected computer placed under the remote control of an attacker for the purpose of launching attacks buffer overflow attack - Answer>>An attack that occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer. client-side request forgery - Answer>>An attack that takes advantage of an authentication "token" that a website sends to a user's web browser to imitate the identity and privileges of the victim. command and control (C&C) - Answer>>A structure that sends instructions to infected bot computers. cross-site request forgery (XSRF) - Answer>>An attack that takes advantage of an authentication "token" that a website sends to a user's web browser to imitate the identity and privileges of the victim.

Cross-Site Scripting (XSS) - Answer>>An attack that takes advantage of a website that accepts user input without validating it. cryptomalware - Answer>>Malware that encrypts all the files on the device so that none of them can be opened until a ransom is paid. Device driver manipulation - Answer>>An attack that alters a device driver from its normal function. DLL injection - Answer>>An attack that inserts code into a running process through a DLL to cause a program to function in a different way than intended error handling - Answer>>A programming error that does not properly trap an error condition. eXtensible Markup Language (XML) - Answer>>A markup language designed to store information fileless virus - Answer>>A type of malware that takes advantage of native services and processes that are part of the OS to avoid detection and carry out its attacks. improper input handling - Answer>>A programming error that does not filter or validate user input to prevent a malicious action. injections - Answer>>attacks that introduce new input to exploit a vulnerability integer overflow attack - Answer>>An attacker changes the value of a variable to something outside the range that the programmer had intended by using an integer overflow keylogger - Answer>>Hardware or software that captures and stores each keystroke that a user types on the computer's keyboard.

resource exhaustion attacks - Answer>>An attack that depletes parts of memory and interferes with the normal operation of the program in RAM to give an attacker access to the underlying OS. rootkit - Answer>>malware that can hide its presence and the presence of other malware on the computer security of the ML algorithms - Answer>>A risk associated with the vulnerabilities in AI-powered cybersecurity applications and their devices. Server-Side Request Forgery (SSRF) - Answer>>An attack that takes advantage of a trusting relationship between web servers. shimming - Answer>>Transparently adding a small coding library that intercepts calls made by the device and changes the parameters passed between the device and the device driver. spyware - Answer>>Tracking software that is deployed without the consent or control of the user. SQL injection - Answer>>an attack that inserts statements to manipulate a database server using structured query language commands Structured Query Language (SQL) - Answer>>a language used to view and manipulate data that is stored in a relational database Tainted training data for machine learning (ML) - Answer>>a risk associated with attackers who attempt to alter the training data that is used by ML time of check/time of use - Answer>>a software check of the state of a resource before using that resource

Trojan - Answer>>An executable program that masquerades as performing a benign activity but also does something malicious. worm - Answer>>A malicious program that uses a computer network to replicate. XML injection - Answer>>An attack that inserts statements to manipulate a database server using eXtensible Markup Language (XML).