Mastering cybersecurity is vital in today’s digital landscape, where threats evolve daily. The Security+ Flashcards provide a comprehensive resource for learners seeking to enhance their understanding of key concepts in cybersecurity, preparing you for your Security+ certification. This interactive tool not only aids in learning but also builds confidence in recognizing threats and implementing security measures effectively.
The flashcards cover a wide range of crucial topics, including threat actors, attack vectors, and social engineering techniques. You'll also explore the intricacies of cryptography, identity management, network security, and incident response. Each section is designed to provide focused learning on specific areas of Security+, ensuring a structured approach to mastering the material.
Designed for effective retention, our audio format employs spaced repetition (SM-2) to help reinforce your learning. Engage with the content, test your knowledge, and keep track of your progress. Start your journey towards becoming Security+ certified today by diving into our expertly crafted flashcards!
Security+ Flashcards: Threat Actors, Attack Vectors, Social Engineering, Phishing
Dive into the essential topics of Security+ with our interactive flashcards. This resource will empower you with knowledge on threats, cryptography, and security management.
What are the different types of threat actors in cybersecurity?
0:30
Threat actors are categorized by motivation and capability. Nation-state actors are government-sponsored with advanced resources targeting espionage, sabotage, and influence operations. Advanced persistent threats, or APTs, maintain long-term access to networks. Organized crime groups seek financial gain through ransomware, fraud, and data theft. Hacktivists are ideologically motivated and use attacks for political statements. Insider threats are employees or contractors who misuse authorized access. Script kiddies use pre-built tools without deep technical knowledge.
What is social engineering and what makes it effective?
0:25
Social engineering manipulates people into revealing confidential information or performing actions that compromise security by exploiting psychological principles rather than technical vulnerabilities. It is effective because it targets human nature: authority causes people to comply with requests from perceived superiors, urgency creates pressure to act before thinking, social proof makes people follow perceived group behavior, scarcity creates fear of missing out, and trust exploits established relationships.
What is the difference between phishing, spear phishing, and whaling?
0:23
Phishing is a broad attack sending fraudulent emails to many recipients impersonating legitimate organizations to steal credentials or deliver malware. Spear phishing targets specific individuals or groups using personalized information gathered from social media or prior reconnaissance to increase credibility. Whaling targets senior executives, board members, or other high-value individuals with highly customized attacks often referencing real business matters.
What is vishing and how does it differ from smishing?
0:30
Vishing, or voice phishing, uses phone calls to trick victims into revealing sensitive information. Attackers often spoof caller ID to appear as a bank, government agency, or tech support and create urgency to pressure immediate action. Smishing, or SMS phishing, uses text messages containing malicious links or requests for sensitive information, often claiming to be delivery notifications, account alerts, or prize winnings. Both exploit the trust people place in phone communications and the tendency to act quickly on mobile devices.
A watering hole attack compromises a legitimate website frequently visited by the target group, then uses it to deliver malware to visitors. The attacker identifies websites that employees of the target organization regularly use, such as industry forums, news sites, or vendor portals, and injects malicious code into those sites. When employees visit the compromised site, malware is downloaded automatically through drive-by download or they are redirected to a malicious site. This is effective against organizations with strong email security because it bypasses email filters entirely.
Pretexting is a social engineering technique where the attacker creates a fabricated scenario, or pretext, to gain the victim's trust and extract information or access. The attacker assumes a false identity such as IT support, a bank representative, a vendor, or a coworker and builds a believable story requiring the victim's cooperation. For example, an attacker might call claiming to be from the help desk performing a mandatory password reset. Pretexting differs from phishing because it relies on interactive conversation and relationship building rather than a single deceptive message.
What is a supply chain attack and why is it difficult to defend against?
0:21
A supply chain attack compromises a trusted vendor, supplier, or software provider to gain access to their customers' networks and data. The SolarWinds attack is a prominent example where attackers inserted malicious code into a legitimate software update distributed to thousands of organizations. Supply chain attacks are difficult to defend against because organizations implicitly trust their vendors' software and updates.
Shoulder surfing is the practice of looking over someone's shoulder or using visual observation to capture sensitive information such as passwords, PINs, credit card numbers, or confidential documents displayed on screens. It can occur in offices, public spaces, airports, coffee shops, and ATMs. Prevention measures include privacy screen filters that narrow the viewing angle of displays, positioning monitors away from public view, using biometric authentication instead of typed passwords, being aware of surroundings when entering sensitive information, and implementing clean desk policies
What is the difference between a virus, a worm, and a Trojan?
0:30
A virus is malicious code that attaches to a legitimate program or file and requires user action to activate, such as opening an infected attachment. It replicates by inserting copies into other programs. A worm is self-replicating malware that spreads automatically across networks without user interaction by exploiting vulnerabilities, consuming bandwidth and resources. A Trojan appears to be legitimate software but contains hidden malicious functionality. Trojans do not self-replicate but rely on social engineering to trick users into installing them.
What is ransomware and how should organizations prepare for it?
0:30
Ransomware is malware that encrypts files or locks systems and demands payment, typically in cryptocurrency, for the decryption key. Modern ransomware often includes double extortion, where attackers also steal data and threaten to publish it if payment is not made. Preparation includes maintaining offline backups tested regularly for restoration, implementing network segmentation to limit lateral movement, deploying endpoint detection and response tools, keeping systems patched, training users to recognize phishing, and developing an incident response plan specifically for ransomware.
---
