Master CompTIA Security+ Security Operations with our interactive study cards designed for effective learning.
Centralized facility that monitors, analyzes, and responds to security incidents
Security Information and Event Management - system that collects and analyzes security logs
Collecting logs from multiple sources into central location for analysis
Analyzing relationships between events from different sources to identify threats
Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned
Establishing policies, tools, training, and procedures before incidents occur
Detecting and confirming that a security incident has occurred
Limiting the scope and impact of the security incident
Removing the threat and restoring systems to secure state
Restoring normal operations and monitoring for recurrence
Post-incident review to improve future response and prevention
Documented procedures for responding to specific types of security incidents
Intrusion Detection System - monitors network traffic for suspicious activity
Intrusion Prevention System - actively blocks detected threats
IDS detects and alerts; IPS detects and blocks threats
Identifying threats using known patterns and signatures
Identifying threats by detecting deviations from normal behavior
Identifying threats based on actions and patterns of behavior
Alert triggered when no actual threat exists
Failure to detect an actual threat
Proactive search for threats that have evaded existing security controls
Information about current and emerging threats used to inform security decisions
Indicators of Compromise - artifacts that indicate potential security incidents
Computer Security Incident Response Team responsible for handling incidents
Documented record of evidence handling from collection to presentation
Process of collecting, preserving, analyzing, and presenting digital evidence
Identification, Collection, Acquisition, Preservation, Analysis, Reporting
Creating bit-by-bit copy of storage media for analysis
Device that prevents modification of evidence during forensic acquisition
Examining systems while they are running to capture volatile data
Sequence for collecting evidence based on how quickly it disappears
Continuous process of identifying, assessing, and remediating vulnerabilities
Automated assessment to identify security weaknesses
Systematic examination to identify and evaluate security vulnerabilities
Process of acquiring, testing, deploying, and verifying software updates
Formal process for managing modifications to IT systems and infrastructure
Maintaining and controlling system configurations and baselines
Reducing attack surface by removing unnecessary services and securing configurations
Configuring systems with only essential features and services enabled
Standard secure configuration applied to systems
Process of removing access rights when users leave or change roles
Isolating applications or code in restricted environments for testing
Dividing network into separate zones to limit threat spread
Demilitarized Zone - network segment that separates external and internal networks
Copies of data to restore after data loss incidents or ransomware attacks
Full backup, Incremental backup, Differential backup
Complete copy of all selected data
Backup of only data changed since last backup
Backup of data changed since last full backup
Scheduled strategy for creating and retaining backups over time
3 copies on 2 different media with 1 offsite