CramX Logo
RegisterLog in
Back to FlashcardsInformation Technology / CompTIA Security+ (SY0-601): Security Applications & Devices

CompTIA Security+ (SY0-601): Security Applications & Devices

Information Technology11 CardsCreated 8 months ago

This section outlines methods for detecting and preventing unauthorized activity, including Intrusion Detection Systems (IDS) and Data Loss Prevention (DLP) solutions. It also covers best practices for securing BIOS configurations and protecting network and storage systems like NAS/SAN from unauthorized access and data breaches.

Report

IDS & IDS Alerts

Intrusion Detection System:
Passively monitors network and alerts/identifies attacks
HIDS = Host-based | NIDS = Network-based
Signature, Policy, Anomaly-based

True Positive: Malicious activity is identified as an attack
False Positive: Legitimate activity is identified as an attack
True Negative: Legitimate activity is identified as legitimate traffic
False Negative: Malicious activity is identified as legitimate traffic

Rate to track your progress ✦

Tap or swipe ↕ to flip
Swipe ←→Navigate
1/11

Key Terms

Term
Definition

IDS & IDS Alerts

Intrusion Detection System:
Passively monitors network and alerts/identifies attacks
HIDS = Host-based | NIDS = Ne...

DLP & 3 Types of DLPs

Data Loss Prevention (Software or Hardware):
Monitors the data of a system while in use, in transit, or at rest to de...

Securing BIOS

  1. Flash the BIOS

  2. Use a BIOS password

  3. Securing NAS/SAN

    1. Use data encryption

    2. Use proper authentication

    3. SED

      Self-Encrypting Drive:

      Storage device that performs whole disk encryption by using embe...

    Disk Encryption Software

    Apple: FileVault
    Windows: BitLocker

    Related Flashcard Decks

    Information Technology

    Introduction to Database Management and Computer Systems

    This deck covers fundamental concepts in database management systems and computer systems, including data models, SQL, and system architecture.

    10 cards
    View Deck
    Information Technology

    Java Programming Concepts

    This deck covers key concepts in Java programming, including classes, methods, constructors, and object-oriented principles. It includes examples of using classes like Rectangle, Point, Student, and more, with a focus on understanding object creation, method calls, and class interactions.

    30 cards
    View Deck
    Information Technology

    DOD Cyber Awareness Challenge 2025 Knowledge check-1 Part 2

    This deck covers the key concepts and safety practices from the DOD Cyber Awareness Challenge 2025, focusing on social networking, mobile security, insider threats, and more.

    20 cards
    View Deck
    Information Technology

    Controlled Unclassified Information (CUI) Training

    This deck covers key concepts and guidelines related to Controlled Unclassified Information (CUI) as outlined in the DoD CUI program.

    15 cards
    View Deck
    Information Technology

    Cyber Awareness Challenge 2024 (Knowledge Pre-Check)

    This deck covers key concepts and best practices for cyber awareness, including handling classified information, social networking, teleworking, and more.

    21 cards
    View Deck
    Information Technology

    Personally Identifiable Information Part 1

    This deck covers key concepts related to the management and protection of Personally Identifiable Information (PII), including legal responsibilities, privacy impact assessments, and safeguards.

    15 cards
    View Deck
    Information Technology

    DOD Cyber Awareness Challenge 2025 Knowledge Check-1 Part 1

    This flashcard deck covers key concepts from the DOD Cyber Awareness Challenge 2025, including best practices for online security, identity protection, and appropriate use of government resources.

    20 cards
    View Deck
    Information Technology

    Personally Identifiable Information Part 2

    This deck covers key concepts related to the protection and management of Personally Identifiable Information (PII), including common threats, compliance requirements, and safeguarding measures.

    15 cards
    View Deck
    Information Technology

    Animation and Games CodeHS Part 5

    A set of flashcards covering key concepts from CodeHS Part 5: Animation and Games, including circles, shapes, and event handling.

    11 cards
    View Deck
    CompTIA Security+ (SY0-601): Security Applications & Devices
    TermDefinition

    IDS & IDS Alerts

    Intrusion Detection System:
    Passively monitors network and alerts/identifies attacks
    HIDS = Host-based | NIDS = Network-based
    Signature, Policy, Anomaly-based

    True Positive: Malicious activity is identified as an attack
    False Positive: Legitimate activity is identified as an attack
    True Negative: Legitimate activity is identified as legitimate traffic
    False Negative: Malicious activity is identified as legitimate traffic

    DLP & 3 Types of DLPs

    Data Loss Prevention (Software or Hardware):
    Monitors the data of a system while in use, in transit, or at rest to detect attempts to steal the data

    Also called Information Leak Protection (ILP) or Extrusion Prevention Systems (EPS)

    Network DLP System
    Software or hardware-based solution that is installed on the perimeter of the network to detect data in transit

    Storage DLP System
    Software installed on servers in the datacenter to inspect the data at rest

    Cloud DLP System
    Cloud software as a service that protects data being stored in cloud services

    Securing BIOS

    1. Flash the BIOS

    2. Use a BIOS password

    3. Configure the BIOS boot order

    4. Disable the external ports and devices

    5. Enable the secure boot option

    Securing NAS/SAN

    1. Use data encryption

    2. Use proper authentication

    3. Log NAS access

    SED

    Self-Encrypting Drive:

    Storage device that performs whole disk encryption by using embedded hardware

    Disk Encryption Software

    Apple: FileVault
    Windows: BitLocker

    TPM

    Trusted Platform Module:
    Chip residing on the motherboard that contains an encryption key

    If your motherboard doesn’t have TPM, you can use an external USB drive as a key

    HSM

    Hardware Security Module:

    Physical devices that act as a secure cryptoprocessor during the encryption process

    EPP

    Endpoint Protection Platform:
    A software agent and monitoring system that performs multiple security tasks such as anti-virus, HIDS/HIPS, firewall, DLP, and file encryption

    EDR

    Endpoint Detection & Response:
    A software agent that collects system data and logs for analysis by a monitoring system to provide early detection of threats

    Doesn’t use signature-based protection
    Behavioral analysis, ML, process monitoring
    Lightweight agent on the endpoint
    Root cause analysis

    UEBA

    User & Entity Behavior Analytics:
    A system that can provide automated identification of suspicious activity by user accounts and computer hosts

    UEBA solutions are heavily dependent on advanced computing techniques like artificial intelligence (AI) and machine learning

    Many companies are now marketing advanced threat protection (ATP), advanced endpoint protection (AEP), and NextGen AV (NGAV) which is a hybrid of EPP, EDR, and UEBA