Online attacks guess the password of an online system. Offline attacks guess the password stored within a downloaded file, such as a database. Logs will show a large volume of failed logon attempts as Event ID 4625 and/or several accounts being locked out as Event ID 4740. Spraying attacks attempt to avoid account lockout policies, but logs will still show a large volume of failed logon attempts, but with a time lapse between each entry.
Click to view the back
Click to view the front
Intentionally left blank
Remember this – Spraying Attacks
DNS poisoning attacks
What is used to prevent DNS poisoning attacks by adding data integrity to DNS records?
Click to view the back
Click to view the front
DNSSEC DNSSEC Domain Name System Security Extensions DNS Domain Name System
DNS poisoning attacks
social engineer
Why would a social engineer use the principle of scarcity?
Click to view the back
Click to view the front
To entice a user to click a link
social engineer
Remember this – Confidentiality
Confidentiality ensures that data is only viewable by authorized users. The best way to protect the confidentiality of data is by encrypting it. This includes any type of data, such as PII, data in databases, and data on mobile devices. Access controls help protect confidentiality by restricting access.
These Security+ flashcards provide you with a quick reminder of many of the different Security+ related concepts in a flashcard format. These concepts are explained in greater depth in the CompTIA Security+: Get Certified Get Ahead: SY0-501 Study Guide.
