
Threat Management Terms and Concepts Flashcards

CompTIA CySA+ CS0-003 (V3) Flashcards

Study our Threat Management Terms and Concepts flashcards for the CompTIA CySA+ CS0-003 (V3) exam with 15+ flashcards. View as flashcards, a searchable table, or as a fun matching game.
Front | Back
Define 'rootkit'. | A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed and often masks its existence or the existence of other software.
Define phishing. | Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers.
Define the term 'attack vector'. | An attack vector is a path or means by which a hacker can gain access to a computer or network server to deliver a payload or malicious outcome.
Explain the term 'exploit'. | An exploit is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability in order to cause unintended or unanticipated behavior to occur.
Explain threat hunting. | Threat hunting is a proactive cybersecurity search through networks and endpoints to find malicious actors that have evaded existing security solutions.
List the steps in the vulnerability management process. | The steps are identification, evaluation, treatment, and reporting.
Name a common source of threat intelligence. | Common sources include open-source intelligence (OSINT), commercial threat intelligence providers, and internal threat data.
What are indicators of compromise (IoCs)? | IoCs are pieces of data that indicate a potential breach or malicious activity within a network or system.
What is a botnet? | A botnet is a number of internet-connected devices, each of which is running one or more bots. Botnets can be used to perform distributed denial-of-service attacks (DDoS).
What is a false negative in threat detection? | A false negative occurs when malicious activity is not detected by the security systems.
What is a false positive in threat detection? | A false positive occurs when benign activity is incorrectly identified as malicious.
What is a zero-day vulnerability? | A zero-day vulnerability is a software security flaw that is known to the software vendor but does not have a patch in place to fix the flaw.
What is malware? | Malware is any software intentionally designed to cause damage to a computer, server, client, or computer network.
What is ransomware? | Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid.
What is vulnerability management? | Vulnerability management is the process of identifying, classifying, remediating, and mitigating vulnerabilities.

About the Flashcards

Flashcards for the CompTIA CySA+ exam provide a concise review of core cybersecurity concepts tested on the exam, including malware categories (ransomware, rootkits, botnets), social engineering and phishing, attack vectors, exploits and zero-day vulnerabilities, and indicators of compromise. The deck summarizes common threat intelligence sources and the fundamentals of threat hunting.

Designed for quick study, these cards reinforce key terminology and processes such as vulnerability management (identification, evaluation, treatment, reporting), detection challenges (false positives and false negatives), and proactive search techniques. Use the set to strengthen recall of definitions, relationships between attacks and mitigation steps, and the diagnostic cues examiners expect.

Topics covered in this flashcard deck:

  • Malware types
  • Phishing and social engineering
  • Threat intelligence sources
  • Threat hunting and IoCs
  • Vulnerability management
  • Attack vectors and exploits