Chapter 2 Flashcards

(108 cards)

1
Q

Threat Actor

A

An entity responsible for an event that impacts safety, such as a malicious hacker, insider, or nation-state.

2
Q

Advanced Persistent Threat (APT)

A

A sophisticated, continuous cyberattack typically orchestrated by nation-states, targeting specific data or infrastructure.

3
Q

Hacktivist

A

An individual or group that uses hacking to promote a political or social agenda.

4
Q

Shadow IT

A

Technology used within an organization without the knowledge or approval of the IT department.

5
Q

Threat Vector

A

The method or pathway used by a threat actor to gain access to a target system.

6
Q

Attack Vector

A

The specific technique or method used to exploit a vulnerability.

7
Q

Insider Threat

A

A security risk that originates from people within the organization.

8
Q

Script Kiddie

A

An individual with limited technical skills who uses existing tools to conduct attacks.

9
Q

Zero-Day Exploit

A

An attack that exploits a previously unknown vulnerability before a patch is available.

10
Q

Ransomware

A

Malicious software that encrypts files and demands payment for decryption.

11
Q

Phishing

A

A social engineering attack that uses fraudulent emails to steal sensitive information.

12
Q

Spear Phishing

A

A targeted phishing attack directed at specific individuals or organizations.

13
Q

Whaling

A

A phishing attack specifically targeting high-profile individuals like executives.

14
Q

Vishing

A

Voice phishing conducted over the phone to extract sensitive information.

15
Q

Smishing

A

SMS-based phishing attacks using text messages.

16
Q

Pretexting

A

Creating a fabricated scenario to engage a victim and steal information.

17
Q

Baiting

A

Offering something enticing to spark curiosity and prompt unsafe actions.

18
Q

Quid Pro Quo

A

Offering a service or benefit in exchange for information or access.

19
Q

Tailgating

A

Following an authorized person into a restricted area without permission.

20
Q

Shoulder Surfing

A

Observing someone’s screen or keypad to gather sensitive information.

21
Q

Dumpster Diving

A

Searching through discarded materials to find sensitive information.

22
Q

Watering Hole Attack

A

Compromising websites frequently visited by a target group.

23
Q

Business Email Compromise (BEC)

A

A sophisticated scam targeting businesses working with foreign suppliers or regularly performing wire transfers.

24
Q

Typosquatting

A

Registering domains with common misspellings of legitimate sites to deceive users.

25
Pharming
Redirecting users from legitimate websites to fraudulent ones without their knowledge.
26
Log4j Vulnerability
A critical remote code execution flaw in the Apache Log4j library, exploitable via crafted log messages.
27
Spring Cloud Function Vulnerability
An RCE flaw in the Spring framework allowing attackers to execute arbitrary code.
28
Supply Chain Attack
Targeting vulnerabilities in third-party vendors or service providers to compromise a system.
29
Symmetric Encryption
Uses the same key for both encryption and decryption; fast but requires secure key distribution.
30
Asymmetric Encryption
Uses a pair of keys (public and private); slower but enables secure communication without prior key exchange.
31
Hashing
One-way mathematical function that produces a fixed-length output (digest) from variable input data.
32
Digital Signature
Cryptographic mechanism that provides authentication, non-repudiation, and integrity using the sender's private key.
33
Certificate Authority (CA)
Trusted third party that issues and manages digital certificates for public key infrastructure.
34
Public Key Infrastructure (PKI)
Framework of encryption and cybersecurity that protects communications and data transfer.
35
AES (Advanced Encryption Standard)
Symmetric encryption algorithm that uses 128, 192, or 256-bit keys; current US government standard.
36
RSA
Asymmetric encryption algorithm based on the difficulty of factoring large prime numbers.
37
SHA (Secure Hash Algorithm)
Family of cryptographic hash functions including SHA-1, SHA-256, and SHA-3.
38
MD5
Cryptographic hash function producing 128-bit hash values; now considered cryptographically broken.
39
Perfect Forward Secrecy
Ensures session keys won't be compromised even if long-term secret keys are compromised.
40
Key Escrow
Practice of storing cryptographic keys with a trusted third party for potential recovery.
41
Certificate Revocation List (CRL)
List of digital certificates revoked before their expiration date.
42
OCSP (Online Certificate Status Protocol)
Internet protocol for obtaining the revocation status of digital certificates.
43
Elliptic Curve Cryptography (ECC)
Public key cryptography based on elliptic curves; provides same security as RSA with smaller key sizes.
44
Firewall
Network security device that monitors and filters network traffic based on predetermined security rules.
45
Intrusion Detection System (IDS)
Monitors network traffic and system activities for malicious activities and policy violations.
46
Intrusion Prevention System (IPS)
Active security device that monitors, detects, and can automatically block suspicious activities.
47
Network Access Control (NAC)
Security solution that controls access to network resources based on device compliance and user identity.
48
DMZ (Demilitarized Zone)
Network segment that separates internal networks from external networks using firewalls.
49
VPN (Virtual Private Network)
Secure connection over public networks using encryption and tunneling protocols.
50
SSL/TLS
Cryptographic protocols that provide secure communication over computer networks.
51
IPSec
Suite of protocols for securing Internet Protocol communications through authentication and encryption.
52
SIEM (Security Information and Event Management)
Technology that combines security information management and security event management.
53
Honeypot
Decoy system designed to attract and detect unauthorized access attempts.
54
Web Application Firewall (WAF)
Filters, monitors, and blocks HTTP traffic to and from web applications.
55
Load Balancer
Distributes network traffic across multiple servers to ensure optimal resource utilization.
56
Proxy Server
Intermediary server that separates clients from servers they're requesting resources from.
57
Jump Server
Hardened computer that provides secure access to devices in different security zones.
58
VLAN (Virtual Local Area Network)
Logical grouping of devices on different physical networks into one broadcast domain.
59
Network Segmentation
Practice of dividing computer networks into smaller parts to improve performance and security.
60
Port Security
Feature that restricts input to switch ports by limiting and identifying MAC addresses.
61
802.1X
IEEE standard for port-based network access control providing authentication for devices.
62
RADIUS
Networking protocol providing centralized authentication, authorization, and accounting management.
63
TACACS+
Protocol that provides authentication, authorization, and accounting services for network access.
64
Authentication
Process of verifying the identity of a user, device, or system.
65
Authorization
Process of granting or denying access to resources based on authenticated identity.
66
Accounting/Auditing
Process of tracking user activities and resource usage for security and compliance.
67
Multi-Factor Authentication (MFA)
Security process requiring two or more verification factors to gain access.
68
Single Sign-On (SSO)
Authentication process allowing users to access multiple applications with one set of credentials.
69
LDAP (Lightweight Directory Access Protocol)
Protocol for accessing and maintaining distributed directory information services.
70
Active Directory
Microsoft's directory service that provides authentication and authorization services.
71
Kerberos
Network authentication protocol using secret-key cryptography and trusted third-party authentication.
72
SAML (Security Assertion Markup Language)
XML standard for exchanging authentication and authorization data.
73
OAuth
Authorization framework enabling applications to obtain limited access to user accounts.
74
OpenID Connect
Identity layer on top of OAuth 2.0 providing user authentication capabilities.
75
Role-Based Access Control (RBAC)
Access control method based on user roles within an organization.
76
Attribute-Based Access Control (ABAC)
Access control method using attributes of users, resources, and environment.
77
Privileged Access Management (PAM)
Security strategy for controlling and monitoring access to critical systems and data.
78
Just-in-Time (JIT) Access
Security practice providing temporary access to resources only when needed.
79
Vulnerability Assessment
Systematic process of identifying, quantifying, and prioritizing security vulnerabilities.
80
Penetration Testing
Authorized simulated cyberattack to evaluate system security and identify exploitable vulnerabilities.
81
Red Team
Group that simulates attacks to test an organization's detection and response capabilities.
82
Blue Team
Group responsible for defending against attacks and improving security posture.
83
Purple Team
Collaborative approach combining red and blue team activities for continuous improvement.
84
CVSS (Common Vulnerability Scoring System)
Standard for rating the severity of security vulnerabilities.
85
CVE (Common Vulnerabilities and Exposures)
Dictionary of publicly disclosed cybersecurity vulnerabilities.
86
NIST Cybersecurity Framework
Framework providing guidelines for organizations to manage cybersecurity risks.
87
OWASP Top 10
Regularly updated list of the most critical web application security risks.
88
Nessus
Vulnerability scanner that identifies security holes, malware, and compliance issues.
89
Metasploit
Penetration testing framework providing information about security vulnerabilities.
90
Nmap
Network discovery and security auditing tool for finding hosts and services on networks.
91
Incident Response Plan
Documented procedures for detecting, responding to, and recovering from security incidents.
92
CSIRT (Computer Security Incident Response Team)
Group responsible for coordinating incident response activities.
93
Chain of Custody
Documentation tracking the handling of evidence from collection to court presentation.
94
Digital Forensics
Process of identifying, collecting, analyzing, and preserving digital evidence.
95
Indicators of Compromise (IoC)
Evidence that suggests a system has been breached or compromised.
96
SIEM Correlation
Process of analyzing security events from multiple sources to identify potential threats.
97
Playbook
Collection of repeatable procedures for incident response and threat hunting activities.
98
Root Cause Analysis
Method of problem-solving that identifies the fundamental cause of incidents.
99
Business Continuity Plan (BCP)
Strategy outlining how business will continue operating during and after disruption.
100
Disaster Recovery Plan (DRP)
Procedures for restoring IT systems and data after a disaster or major incident.
101
Risk Assessment
Process of identifying, analyzing, and evaluating potential risks to organizational assets.
102
Risk Register
Document listing identified risks, their probability, impact, and mitigation strategies.
103
GDPR (General Data Protection Regulation)
EU regulation governing data protection and privacy rights.
104
HIPAA
US law establishing privacy and security standards for protected health information.
105
SOX (Sarbanes-Oxley Act)
US law establishing auditing and reporting requirements for public companies.
106
PCI DSS
Security standard for organizations handling credit card information.
107
Data Loss Prevention (DLP)
Strategy and tools for preventing unauthorized access to and transmission of sensitive data.
108
Privacy Impact Assessment (PIA)
Process for evaluating privacy risks in systems, programs, or activities.