Security+ Guide

50+ page Security+ Study Guide

Organized by section from the official list of terms/knowledge needed to pass the test. Simple definitions and explanations. Don't pay crazy prices for a course when all the knowledge you need is right here! Preview of guide and definitions listed below.



Given a scenario, analyze indicators of compromise and determine the type of malware.

  1. Virus – A computer virus modifies other legitimate host files (or pointers to them) in such a way that when a victim’s file is executed, the virus is also executed.
  2. Crypto-malware – Essentially the same thing as ransomware; holds all of your data hostage in return for crypto payments.
  3. Ransomware – Encrypts files on your computer and requests a crypto payment to decrypt them.
  4. Worm – Self-replicates (spreads without any end-user action).
  5. Trojan – Pretends to be a legitimate program but performs malicious actions, e.g. fake AV programs (has to be executed by the end user and may be pushed by infected sites).
  6. Rootkit – Malware that attempts to modify the underlying operating system to take ultimate control and hide from antimalware programs.
  7. Keylogger – Malware that records keystrokes and can gain access to passwords, etc.
  8. Adware – Malicious ads attempting to expose end users, e.g. may redirect searches to dangerous sites.
  9. Spyware – Can install keyloggers to find account info, etc. Most likely means there's a root exploit issue.
  10. Bots – Bots are essentially Trojan/worm combinations that attempt to make individual exploited clients a part of a larger malicious network. Botmasters have one or more “command and control” servers that bot clients check into to receive their updated instructions. Cyber criminals can rent out botnets.
  11. RAT – Remote Access Trojan; usually installed without the end user’s knowledge.
  12. Logic Bomb – Uploaded on the back end of a computer but has a timer before it starts deleting, stealing, or encrypting data, etc.
  13. Backdoor – Bypasses normal authentication and usually enables some type of remote access.
