Basics Flashcards
(121 cards)
1
Q
antivirus software
A
The software program used to prevent, detect and eliminate malware and viruses
2
Q
asset management
A
The process of tracking assets, and the risks that affect them
3
Q
asset inventory
A
A catalog of assets that need to be protected
4
Q
Biometrics
A
The unique physical characteristics that can be used to verify a persons identity
5
Q
Business continuity
A
An organizations ability to maintain their everyday productivity by establishing risk disaster recovery plans.
6
Q
Business continuity plan (BCP)
A
A documented outlines the procedures to sustain business operations during and after a significant disruption
7
Q
Business email compromise (BEC)
A
a type of fishing attack, where a threat actor impersonates a known source to obtain financial advantage
8
Q
Computer virus
A
Malicious code written to interfere with computer operations, and cause damage to data and software
9
Q
Cyber security
A
The practice of ensuring confidentiality, integrity and availability information by protecting networks devices, people and data from unauthorized access or criminal exploitation
10
Q
Data
A
Information that is translated, processed or stored by a computer
11
Q
hacker
A
Any person who uses computers to gain access to computers, systems, networks or data
12
Q
Hacktivist
A
any person who uses hacking to achieve a political goal
13
Q
Linux
A
Open source operating system
14
Q
Log
A
A record of events that occur within an organization system
15
Q
malware
A
software designed to harm devices or networks
16
Q
National Institute of standards and technology (NIST) cybersecurity framework (CSF)
A
A voluntary framework that consists of standards guidelines, and best practices to manage cybersecurity risk
17
Q
operating system (OS)
A
The interface between computer hardware and the user
18
Q
order of volatility
A
A sequence outlining the order of data that must be preserved from first to last
19
Q
Packet sniffing
A
The practice of capturing and inspecting data packets across the network
20
Q
phishing
A
The use of digital communications to trick people into revealing sensitive data or deploying malicious software
21
Q
playbook
A
a manual that provides details about any operational action
22
Q
ransomware
A
A malicious attack or threat actors and krypton organizations, data, and demand payment to restore access
23
Q
risk
A
Anything that can impact the confidentiality, integrity, or availability of an asset
24
Q
risk mitigation
A
The process of having the right procedures and rules in place to quickly reduce the impact of a risk like a breach
25
security information and event management (SIEM)
An application that collects and analyzes log data to monitor critical activities in an organization
26
sensitive data
A type of data that includes personally, identifiable, information(PII) , sensitive, personal identifiable (SPII) information, or protected health information (PHI)
27
social engineering
A manipulation technique that exploits human error to gain, private information, access, or valuables
28
spear phishing
A malicious email attack, targeting a specific user or group of users, appearing to originate from a trusted source
29
spyware
malware that’s used to gather and sell information without consent
30
SQL (structured query language)
A programming language used to create, interact with, and request information from a database
31
Threat
Any circumstance, or event that can negatively impact assets
32
threat actor
Any person or group who presents a security risk
33
USB baiting
an attack in which a threat actor strategically leaves a malware USB stick for an employee to find an install to unknowingly infected network
34
virus
Malicious code written to interfere with computer operations, and cause damage to data and software
35
Visual dashboard
A way of displaying various types of data quickly in one place
36
vulnerability
A weakness that can be exploited by a threat
37
vulnerability assessment
The internal review process of an organizations security systems
38
watering hole attack
A type of attack when a threat actor compromises a website frequently visited by a specific group of users
39
Layers of the web
Surface web
Deep web
Dark web
40
risk management framework (7)
Prepare
Categorize
Select
Implement
Assess
Authorize
Monitor
41
RMF Step 1: Prepare
Activities that are necessary to manage security security, and privacy risks before a breach occurs
42
RMF Step 2: Categorize
Used to develop risk management processes and tasks
43
RMF Step 3: Select
Choose, customize, and capture documentation of the controls that protect an organization
44
RMF Step 4: Implement
implement security and privacy plans for the organization
45
RMF Step 5: Assess
Determine if established controls are implemented correctly
46
RMF Step 6: Authorize
Being accountable for the security and privacy risks that may exist in an organization
47
RMF Step 7: Monitor
be aware of how systems are operating
48
Asset
An item perceived is having value to an organization. Assets can be digital or physical.
49
insider threats
Staff members or vendors abuse their authorized access to obtain data that may harm an organization
50
Aavanced persistent threats (APTs)
A threat actor maintains an authorized access to a system for an extended period of time
51
External risk
Anything outside the organization that has the potential to harm organizational assets, such as threat actors, attempting to gain access to private information
52
Internal risk
A current, or former employee, vendor, or trusted partner, who poses a security risk
53
Legacy systems
Old systems that might not be accounted for or updated, but still impact assets, such as workstations or old mainframe systems
54
Multiparty risk
Outsourcing work to third-party vendors, can give them access to intellectual property, such as trade, secrets, software, designs, and inventions
55
software compliance/licensing
Software that is not updated or in compliance, or patches that are not installed in timely manner
56
ProxyLogon
A pre-authenticated vulnerability that affects the Microsoft exchange server. This means a threat actor can complete a user authentication process to deploy malicious code for a remote location.
57
ZeroLogon
A vulnerability in Microsoft net logon authentication protocol. An authentication protocol is a way to verify a persons identity. Net logon is a service insurance, a users identity before allowing access to a websites location
58
Log4Shell
Allows attackers to run Java code on someone else’s computer or leak sensitive information. It does this by enabling a remote attacker to take control of devices, connected to the Internet and run malicious code.
59
PetitPotam
affects windows, new technology, local area network (LAN) manager (NTLM). it is a theft technique that allows a LAN-based attacker to initiate an authentication request.
60
security, logging, and monitoring failures
Insufficient, logging and monitoring capabilities that result in hackers exploiting vulnerabilities without the organization, knowing it
61
server side request, forgery
Allows attackers to manipulate a server, side application into accessing and updating backend resources. It can also allow threat actors to steal data.
62
security posture
In organizations ability to manage its defense, critical assets and data, and react to change
63
Shared responsibility
The idea that all individuals within an organization, take an active role in lowering risk and maintaining both physical and virtual security. Core concept of the security and risk management domain.
64
security framework
Guidelines used for building, plans to help mitigate risk and threats to data and privacy
65
security controls
Safeguards designed to reduce specific security risks
66
encryption
The process of converting data from readable format to an encoded format. Typically involves converting data from plain text to ciphertext.
67
Cyphertext
raw encoded message that is unreadable by people and machines until it has been de-encrypted.
68
authentication
The process of verifying who someone or something is. MFA is an example
69
Vishing
The exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source
70
authorization
The concept of granting access to specific resources within a system
71
CIA Triad
Confidentiality
Integrity
Availability
72
cyber threat framework (CTF)
According to the office of the Director of national intelligence, the CTF was developed by the US government to provide a common language for describing and communicating information about cyber threat activity
73
International organization for standardization/international electrotechnical commission
(ISO/IEC) 27001
An internationally recognized and used framework is ISO/IEC 27001. ISO 27000 family of standards enables organizations of all sectors and sizes to manage the security of assets, such as financial information, textual property, data, and information. Trust the third parties. This outlines requirements for an information security management system, best practices, and controls to support an organizations ability to manage risks.
74
CIA Triad
A model that helps inform how organizations consider risk when setting up systems in security policies
75
confidentiality
Only authorized users can access specific assets or data
76
integrity
The data is correct, authentic, and reliable
77
availability
Data is accessible to those who are authorized to access it
78
NIST S.P. 800-53
A unified framework for protecting the security of information systems within the federal government
79
NIST CSF Core Functions
Identify
Protect
Detect
Respond
Recover
80
NIST CSF Core Function #1 Identify
The management of cyber security risk, and it’s effect on an organizations, people and assets
81
NIST CSF Core Function #2 Protect
The strategy used to protect an organization through the implementation of policies, procedures, training, and tools that help mitigate cyber security threats
82
NIST CSF Core Function #3 Detect
Identifying potential security incidents and improving monitoring capabilities to increase the speed and efficiency of detections
83
NIST CSF Core Function #4 Respond
Making sure that the proper procedures are used to contain, neutralize, and analyze security, incidents, and implementing improvements to the security process
84
NIST CSF Core Function #5 Recover
process of returning affected systems, back to normal operations
85
attack surface area
refers to all potential vulnerabilities, a thread actor could exploit
86
principle of least privilege
Users have the least amount of access required to perform their everyday tasks
87
defense in depth
Organization should have varying security controls that mitigate risks and threats
88
separation of duties
Critical actions should rely on multiple people, each of whom follow the principle of lease privilege
89
keep security, simple
Avoid unnecessarily complicated solutions. Complexity makes security difficult.
90
fix security issues correctly
When security incident occur, identify the root cause, contain the impact, identify, vulnerabilities, and conduct tests to ensure that remediation is successful
91
establish secure defaults
this principal means that the optimal security state of an application is also its default state for users. It should take extra work to make the application insecure.
92
fail securely
Fail securely means that when a control fails or stops, it should do so by defaulting to its most secure option
93
avoid security by obscurity
The security of key systems should not rely on keeping details hidden.
94
security audit
Review of an organizations, security controls, policies, and procedures against a set of expectations
95
security controls
Safeguards designed to reduce specific security risks
96
attack vectors
The pathways attackers used to penetrate security defenses
97
Open Web application, security project/open worldwide application, security project (OWASP)
a nonprofit organization, focused on improving software security
98
firewall
Network security device that monitors traffic to or from your network. They can also restrict specific incoming and outgoing network traffic.
99
Hub
A network device that broadcast information to every device on the network
100
switch
A device that makes connections between specific devices on a network by sending, and receiving data between them
101
Router
A network device that connects multiple networks together
102
Modem
A device to connect your router to the Internet and brings Internet access to the LAN
103
virtualization tools
Pieces of software that perform network operations
104
cloud, computing
Practice of using remote servers, applications, and network services that are hosted on the Internet Internet instead of on local physical devices
105
cloud network
A collection of servers or computers, that stores, resources, and data and remote data centers that can be accessed via the Internet
106
Data packet
Basic unit of information that travels from one device to another within a network
107
bandwidth
The amount of data a device receives every second
108
speed
The rates at which data packets are received or downloaded
109
packet sniffing
The practice of capturing and inspecting data packets across the network
110
transmission control protocol
In Internet communication protocol that allows two devices to form a connection and stream data
111
Internet protocol
A set of standards used for routing and dressing data packets as they travel between devices on a network
112
Port
A software based location that organizes the sending, and receiving of data between devices on a network
113
network protocols
A set of rules used by two or more devices on a network to describe the order of delivery in the structure of the data
114
transmission control protocol (TCP)
In Internet communications protocol that allows two devices to form a connection and stream data
115
Address resolution protocol (ARP)
A network used to determine the MAC address of the next router or device on the path
116
HyperText Transfer Protocol Secure (HTTPS)
A network protocol that provides a secure method of communication between clients and website servers
117
Domain name system (DNS)
A network protocol that translate Internet domain names into IP addresses
118
user datagram protocol (UDP)
connection list protocol that does not establish a connection between devices before atransmission
119
simple network management protocol (snmp)
Network protocol used for monitoring and managing devices on a network
120
Internet control message protocol (ICMP)
Network protocol used by devices to tell each other about data transmission errors across the network
121
Secure file transfer protocol (sftp)
Secure protocol used to transfer files from one device to another over network
