Incident Response and IAM
HardFind each incident response or IAM concept hidden in the grid.
13 terms · Choose how you want to study
New to the CompTIA Security+ exam? Read our how-to-pass guide →
Study modes
- Word Search Hunt hidden terms in a grid, then unlock each definition.
- Flashcards Spaced-repetition recall — graded cards that resurface right before you forget.
- Quiz Multiple-choice practice in real exam format, with instant feedback.
Terms in this set
- Forensics Collecting and analyzing evidence from systems in a defensible, repeatable way.
- Recovery Restoring systems and data to normal operations after an incident or outage.
- Detection Identifying that an incident or anomaly has occurred.
- Response Taking action on a confirmed incident — investigate, contain, eradicate, recover, learn.
- Containment Limiting the spread or impact of an active incident.
- Eradication Removing the threat and all traces of the attacker from the environment.
- Quarantine Isolating a suspect file, system, or user pending investigation.
- Incident A confirmed security event that violates policy or threatens confidentiality, integrity, or availability.
- Password A secret string used to authenticate identity — the most common 'something you know' factor.
- Smart Card A tamper-resistant card holding cryptographic credentials, used with a reader for authentication.
- SSO Single Sign-On — one authentication grants access to multiple integrated applications.
- CVE Common Vulnerabilities and Exposures — a unique identifier for a publicly disclosed vulnerability.
- CVSS Common Vulnerability Scoring System — a 0-10 severity score for vulnerabilities.