Core Definitions Flashcards

(439 cards)

1
What is an Absolute file path?
The full file path, which starts from the root.
2
What are Access controls?
Security controls that manage access, authorization, and accountability of information.
3
What is Active packet sniffing?
A type of attack where data packets are manipulated in transit.
4
What is Address Resolution Protocol (ARP)?
A network protocol used to determine the MAC address of the next router or device on the path.
5
What is an Advanced persistent threat (APT)?
An instance when a threat actor maintains unauthorized access to a system for an extended period of time.
6
What is Adversarial artificial intelligence (AAI)?
A technique that manipulates artificial intelligence (AI) and machine learning (ML) technology to conduct attacks more efficiently.
7
What is Adware?
A type of legitimate software that is sometimes used to display digital advertisements in applications.
8
What is an Algorithm?
A set of rules used to solve a problem.
9
What is Analysis in cybersecurity?
The investigation and validation of alerts.
10
What is Angler phishing?
A technique where attackers impersonate customer service representatives on social media.
11
What is Anomaly-based analysis?
A detection method that identifies abnormal behavior.
12
What is Antivirus software?
A software program used to prevent, detect, and eliminate malware and viruses.
13
What is an Application?
A program that performs a specific task.
14
What is an Application programming interface (API) token?
A small block of encrypted code that contains information about a user.
15
What is an Argument in Linux?
Specific information needed by a command in the CLI.
16
What is an Argument in Python?
The data brought into a function when it is called.
17
What is an Array?
A data type that stores data in a comma-separated ordered list.
18
What does Assess mean in the NIST RMF?
The fifth step of the NIST RMF that means to determine if established controls are implemented correctly.
19
What is an Asset?
An item perceived as having value to an organization.
20
What is Asset classification?
The practice of labeling assets based on sensitivity and importance to an organization.
21
What is Asset inventory?
A catalog of assets that need to be protected.
22
What is Asset management?
The process of tracking assets and the risks that affect them.
23
What is Asymmetric encryption?
The use of a public and private key pair for encryption and decryption of data.
24
What is an Attack surface?
All the potential vulnerabilities that a threat actor could exploit.
What is an Attack tree?
A diagram that maps threats to assets.
26
What are Attack vectors?
The pathways attackers use to penetrate security defenses.
27
What is Authentication?
The process of verifying who someone is.
28
What is Authorization?
The concept of granting access to specific resources in a system.
29
What does Authorize mean in the NIST RMF?
The sixth step of the NIST RMF that refers to being accountable for the security and privacy risks that might exist in an organization.
30
What is Automation?
The use of technology to reduce human and manual effort to perform common and repetitive tasks.
31
What is Availability in cybersecurity?
The idea that data is accessible to those who are authorized to access it.
32
What is Baiting?
A social engineering tactic that tempts people into compromising their security.
33
What is Bandwidth?
The maximum data transmission capacity over a network, measured by bits per second.
34
What is Baseline configuration?
A documented set of specifications within a system that is used as a basis for future builds, releases, and updates.
35
What is Bash?
The default shell in most Linux distributions.
36
What is Basic auth?
The technology used to establish a user’s request to access a server.
37
What is Basic Input/Output System (BIOS)?
A microchip that contains loading instructions for the computer and is prevalent in older systems.
38
What are Biometrics?
The unique physical characteristics that can be used to verify a person’s identity.
39
What is a Bit?
The smallest unit of data measurement on a computer.
40
What is Boolean data?
Data that can only be one of two values: either True or False.
41
What is a Bootloader?
A software program that boots the operating system.
42
What is a Botnet?
A collection of computers infected by malware that are under the control of a single threat actor, known as the 'bot-herder'.
43
What is Bracket notation?
The indices placed in square brackets.
44
What is a Broken chain of custody?
Inconsistencies in the collection and logging of evidence in the chain of custody.
45
What is a Brute force attack?
The trial and error process of discovering private information.
46
What is a Bug bounty?
Programs that encourage freelance hackers to find and report vulnerabilities.
47
What is a Built-in function?
A function that exists within Python and can be called directly.
48
What is Business continuity?
An organization's ability to maintain their everyday productivity by establishing risk disaster recovery plans.
49
What is a Business continuity plan (BCP)?
A document that outlines the procedures to sustain business operations during and after a significant disruption.
50
What is Business Email Compromise (BEC)?
A type of phishing attack where a threat actor impersonates a known source to obtain financial advantage.
51
What does Categorize mean in the NIST RMF?
The second step of the NIST RMF that is used to develop risk management processes and tasks.
52
What is CentOS?
An open-source distribution that is closely related to Red Hat.
53
What is Central Processing Unit (CPU)?
A computer’s main processor, which is used to perform general computing tasks on a computer.
54
What is Chain of custody?
The process of documenting evidence possession and control during an incident lifecycle.
55
What is Chronicle?
A cloud-native tool designed to retain, analyze, and search data.
56
What is a Cipher?
An algorithm that encrypts information.
57
What are Cloud-based firewalls?
Software firewalls that are hosted by the cloud service provider.
58
What is Cloud computing?
The practice of using remote servers, applications, and network services that are hosted on the internet instead of on local physical devices.
59
What is a Cloud network?
A collection of servers or computers that stores resources and data in remote data centers that can be accessed via the internet.
60
What is Cloud security?
The process of ensuring that assets stored in the cloud are properly configured and access to those assets is limited to authorized users.
61
What is a Command?
An instruction telling the computer to do something.
62
What is Command and control (C2)?
The techniques used by malicious actors to maintain communications with compromised systems.
63
What is a Command-line interface (CLI)?
A text-based user interface that uses commands to interact with the computer.
64
What is a Comment in programming?
A note programmers make about the intention behind their code.
65
What is Common Event Format (CEF)?
A log format that uses key-value pairs to structure data and identify fields and their corresponding values.
66
What is the Common Vulnerabilities and Exposures (CVE®) list?
An openly accessible dictionary of known vulnerabilities and exposures.
67
What is the Common Vulnerability Scoring System (CVSS)?
A measurement system that scores the severity of a vulnerability.
68
What is Compliance?
The process of adhering to internal standards and external regulations.
69
What are Computer security incident response teams (CSIRT)?
A specialized group of security professionals that are trained in incident management and response.
70
What is a Computer virus?
Malicious code written to interfere with computer operations and cause damage to data and software.
71
What is a Conditional statement?
A statement that evaluates code to determine if it meets a specified set of conditions.
72
What is Confidentiality?
The idea that only authorized users can access specific assets or data.
73
What is Confidential data?
Data that often has limits on the number of people who have access to it.
74
What is the Confidentiality, integrity, availability (CIA) triad?
A model that helps inform how organizations consider risk when setting up systems and security policies.
75
What is a Configuration file?
A file used to configure the settings of an application.
76
What is Containment?
The act of limiting and preventing additional damage caused by an incident.
77
What is a Controlled zone?
A subnet that protects the internal network from the uncontrolled zone.
78
What is Cross-site scripting (XSS)?
An injection attack that inserts code into a vulnerable website or web application.
79
What is Crowdsourcing?
The practice of gathering information using public input and collaboration.
80
What is a Cryptographic attack?
An attack that affects secure forms of communication between a sender and intended recipient.
81
What is a Cryptographic key?
A mechanism that decrypts ciphertext.
82
What is Cryptography?
The process of transforming information into a form that unintended readers can’t understand.
83
What is Cryptojacking?
A form of malware that installs software to illegally mine cryptocurrencies.
84
What is a CVE Numbering Authority (CNA)?
An organization that volunteers to analyze and distribute information on eligible CVEs.
85
What is Cybersecurity?
The practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation.
86
What is Data?
Information that is translated, processed, or stored by a computer.
87
What is Data at rest?
Data not currently being accessed.
88
What is a Database?
An organized collection of information or data.
89
What is a Data controller?
A person that determines the procedure and purpose for processing data.
90
What is a Data custodian?
Anyone or anything that’s responsible for the safe handling, transport, and storage of information.
91
What is Data exfiltration?
Unauthorized transmission of data from a system.
92
What is Data in transit?
Data traveling from one point to another.
93
What is Data in use?
Data being accessed by one or more users.
94
What is a Data owner?
The person who decides who can access, edit, use, or destroy their information.
95
What is a Data packet?
A basic unit of information that travels from one device to another within a network.
96
What is a Data point?
A specific piece of information.
97
What is a Data processor?
A person that is responsible for processing data on behalf of the data controller.
98
What is a Data protection officer (DPO)?
An individual that is responsible for monitoring the compliance of an organization's data protection procedures.
99
What is a Data type?
A category for a particular type of data item.
100
What is Date and time data?
Data representing a date and/or time.
101
What is a Debugger?
A software tool that helps to locate the source of an error and assess its causes.
102
What is Debugging?
The practice of identifying and fixing errors in code.
103
What is Defense in depth?
A layered approach to vulnerability management that reduces risk.
104
What is a Denial of service (DoS) attack?
An attack that targets a network or server and floods it with network traffic.
105
What does Detect mean in NIST?
A NIST core function related to identifying potential security incidents and improving monitoring capabilities to increase the speed and efficiency of detections.
106
What is Detection?
The prompt discovery of security events.
107
What is Dictionary data?
Data that consists of one or more key-value pairs.
108
What is a Digital certificate?
A file that verifies the identity of a public key holder.
109
What is Digital forensics?
The practice of collecting and analyzing data to determine what has happened after an attack.
110
What is a Directory?
A file that organizes where other files are stored.
111
What is a Disaster recovery plan?
A plan that allows an organization’s security team to outline the steps needed to minimize the impact of a security incident.
112
What is a Distributed denial of service (DDoS) attack?
A type of denial of service attack that uses multiple devices or servers located in different locations to flood the target network with unwanted traffic.
113
What are Distributions in Linux?
The different versions of Linux.
114
What is Documentation?
Any form of recorded content that is used for a specific purpose.
115
What is a DOM-based XSS attack?
An instance when malicious script exists in the webpage a browser loads.
116
What is Domain Name System (DNS)?
A networking protocol that translates internet domain names into IP addresses.
117
What is a Dropper?
A type of malware that comes packed with malicious code which is delivered and installed onto a target system.
118
What is an Elevator pitch?
A brief summary of your experience, skills, and background.
119
What is Encapsulation?
A process performed by a VPN service that protects your data by wrapping sensitive data in other data packets.
120
What is Encryption?
The process of converting data from a readable format to an encoded format.
121
What is an Endpoint?
Any device connected on a network.
122
What is Endpoint detection and response (EDR)?
An application that monitors an endpoint for malicious activity.
123
What is Eradication?
The complete removal of the incident elements from all affected systems.
124
What is an Escalation policy?
A set of actions that outline who should be notified when an incident alert occurs and how that incident should be handled.
125
What is an Event?
An observable occurrence on a network, system, or device.
126
What is an Exception?
An error that involves code that cannot be executed even though it is syntactically correct.
127
What is an Exclusive operator?
An operator that does not include the value of comparison.
128
What is an Exploit?
A way of taking advantage of a vulnerability.
129
What is Exposure?
A mistake that can be exploited by a threat.
130
What is an External threat?
Anything outside the organization that has the potential to harm organizational assets.
131
What is a false negative?
A state where the presence of a threat is not detected.
132
What is a false positive?
An alert that incorrectly detects the presence of a threat.
133
What is fileless malware?
Malware that does not need to be installed by the user because it uses legitimate programs that are already installed to infect a computer.
134
What is a file path?
The location of a file or directory.
135
What is the Filesystem Hierarchy Standard (FHS)?
The component of the Linux OS that organizes data.
136
What is filtering?
Selecting data that match a certain condition.
137
What is a final report?
Documentation that provides a comprehensive review of an incident.
138
What is a firewall?
A network security device that monitors traffic to or from a network.
139
What is float data?
Data consisting of a number with a decimal point.
140
What is a foreign key?
A column in a table that is a primary key in another table.
141
What is a forward proxy server?
A server that regulates and restricts a person’s access to the internet.
142
What is a function in programming?
A section of code that can be reused in a program.
143
What is a global variable?
A variable that is available through the entire program.
144
What is a graphical user interface (GUI)?
A user interface that uses icons on the screen to manage different tasks on the computer.
145
Who is a hacker?
Any person who uses computers to gain access to computer systems, networks, or data.
146
What is a hacktivist?
A person who uses hacking to achieve a political goal.
147
What is a hard drive?
A hardware component used for long-term memory.
148
What is hardware?
The physical components of a computer.
149
What is a hash collision?
An instance when different inputs produce the same hash value.
150
What is a hash function?
An algorithm that produces a code that can’t be decrypted.
151
What is a hash table?
A data structure that's used to store and reference hash values.
152
What is the Health Insurance Portability and Accountability Act (HIPAA)?
A U.S. federal law established to protect patients’ health information.
153
What is a honeypot?
A system or resource created as a decoy vulnerable to attacks with the purpose of attracting potential intruders.
154
What is a host-based intrusion detection system (HIDS)?
An application that monitors the activity of the host on which it’s installed.
155
What is a hub?
A network device that broadcasts information to every device on the network.
156
What is Hypertext Transfer Protocol (HTTP)?
An application layer protocol that provides a method of communication between clients and website servers.
157
What is Hypertext Transfer Protocol Secure (HTTPS)?
A network protocol that provides a secure method of communication between clients and website servers.
158
What does it mean to identify in cybersecurity?
A NIST core function related to management of cybersecurity risk and its effect on an organization’s people and assets.
159
What is identity and access management (IAM)?
A collection of processes and technologies that helps organizations manage digital identities in their environment.
160
What is IEEE 802.11 (Wi-Fi)?
A set of standards that define communication for wireless LANs.
161
What does immutable mean in programming?
An object that cannot be changed after it is created and assigned a value.
162
What does it mean to implement in the NIST RMF?
The fourth step of the NIST RMF that means to implement security and privacy plans for an organization.
163
What is improper usage?
An incident type that occurs when an employee of an organization violates the organization’s acceptable use policies.
164
What is an incident?
An occurrence that actually or imminently jeopardizes, without lawful authority, the confidentiality, integrity, or availability of information or an information system; or constitutes a violation or imminent threat of violation of law, security policies, security procedures, or acceptable use policies.
165
What is incident escalation?
The process of identifying a potential security incident, triaging it, and handing it off to a more experienced team member.
166
What is an incident handler’s journal?
A form of documentation used in incident response.
167
What is incident response?
An organization’s quick attempt to identify an attack, contain the damage, and correct the effects of a security breach.
168
What is an incident response plan?
A document that outlines the procedures to take in each step of incident response.
169
What is an inclusive operator?
An operator that includes the value of comparison.
170
What is indentation in programming?
Space added at the beginning of a line of code.
171
What is an index?
A number assigned to every element in a sequence that indicates its position.
172
What are indicators of attack (IoA)?
The series of observed events that indicate a real-time incident.
173
What are indicators of compromise (IoC)?
Observable evidence that suggests signs of a potential security incident.
174
What is information privacy?
The protection of unauthorized access and distribution of data.
175
What is information security (InfoSec)?
The practice of keeping data in all states away from unauthorized users.
176
What is an injection attack?
Malicious code inserted into a vulnerable application.
177
What is input validation?
Programming that validates inputs from users and other programs.
178
What is integer data?
Data consisting of a number that does not include a decimal point.
179
What is an integrated development environment (IDE)?
A software application for writing code that provides editing assistance and error correction tools.
180
What is integrity in data?
The idea that the data is correct, authentic, and reliable.
181
What is internal hardware?
The components required to run the computer.
182
What is an internal threat?
A current or former employee, external vendor, or trusted partner who poses a security risk.
183
What is Internet Control Message Protocol (ICMP)?
An internet protocol used by devices to tell each other about data transmission errors across the network.
184
What is an Internet Control Message Protocol flood (ICMP flood)?
A type of DoS attack performed by an attacker repeatedly sending ICMP request packets to a network server.
185
What is Internet Protocol (IP)?
A set of standards used for routing and addressing data packets as they travel between devices on a network.
186
What is an Internet Protocol (IP) address?
A unique string of characters that identifies the location of a device on the internet.
187
What is an interpreter?
A computer program that translates Python code into runnable instructions line by line.
188
What is an intrusion detection system (IDS)?
An application that monitors system activity and alerts on possible intrusions.
189
What is an intrusion prevention system (IPS)?
An application that monitors system activity for intrusive activity and takes action to stop the activity.
190
What is IP spoofing?
A network attack performed when an attacker changes the source IP of a data packet to impersonate an authorized system and gain access to a network.
191
What is an iterative statement?
Code that repeatedly executes a set of instructions.
192
What is Kali Linux™?
An open-source distribution of Linux that is widely used in the security industry.
193
What is a kernel?
The component of the Linux OS that manages processes and memory.
194
What is a key-value pair?
A set of data that represents two linked items: a key, and its corresponding value.
195
What is a legacy operating system?
An operating system that is outdated but still being used.
196
What is a lessons learned meeting?
A meeting that includes all involved parties after a major incident.
197
What is a library in programming?
A collection of modules that provide code users can access in their programs.
198
What is Linux?
An open-source operating system.
199
What is list concatenation?
The concept of combining two lists into one by placing the elements of the second list directly after the elements of the first list.
200
What is list data?
Data structure that consists of a collection of data in sequential form.
201
What is a loader?
A type of malware that downloads strains of malicious code from an external source and installs them onto a target system.
202
What is a Local Area Network (LAN)?
A network that spans small areas like an office building, a school, or a home.
203
What is a local variable?
A variable assigned within a function.
204
What is a log?
A record of events that occur within an organization’s systems.
205
What is log analysis?
The process of examining logs to identify events of interest.
206
What is logging?
The recording of events occurring on computer systems and networks.
207
What is a logic error?
An error that results when the logic used in code produces unintended results.
208
What is log management?
The process of collecting, storing, analyzing, and disposing of log data.
209
What is a loop condition?
The part of a loop that determines when the loop terminates.
210
What is a loop variable?
A variable that is used to control the iterations of a loop.
211
What is malware?
Software designed to harm devices or networks.
212
What is a malware infection?
An incident type that occurs when malicious software designed to disrupt a system infiltrates an organization’s computers or network.
213
What is a Media Access Control (MAC) address?
A unique alphanumeric identifier that is assigned to each physical device on a network.
214
What is a method in programming?
A function that belongs to a specific data type.
215
What are metrics in software applications?
Key technical attributes such as response time, availability, and failure rate, which are used to assess the performance of a software application.
216
What is MITRE?
A collection of non-profit research and development centers.
217
What is a modem?
A device that connects your router to the internet and brings internet access to the LAN.
218
What is a module in Python?
A Python file that contains additional functions, variables, classes, and any kind of runnable code.
219
What does Monitor mean in the NIST RMF?
The seventh step of the NIST RMF that means to be aware of how systems are operating.
220
What is multi-factor authentication (MFA)?
A security measure that requires a user to verify their identity in two or more ways to access a system or network.
221
What is nano?
A command-line file editor that is available by default in many Linux distributions.
222
What is the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)?
A voluntary framework that consists of standards, guidelines, and best practices to manage cybersecurity risk.
223
What is the National Institute of Standards and Technology (NIST) Incident Response Lifecycle?
A framework for incident response consisting of four phases: Preparation; Detection and Analysis; Containment, Eradication, and Recovery; and Post-incident Activity.
224
What is the National Institute of Standards and Technology (NIST) Special Publication (S.P.) 800-53?
A unified framework for protecting the security of information systems within the U.S. federal government.
225
What is a network?
A group of connected devices.
226
What is a network-based intrusion detection system (NIDS)?
An application that collects and monitors network traffic and network data.
227
What is network data?
The data that’s transmitted between devices on a network.
228
What is a Network Interface Card (NIC)?
Hardware that connects computers to a network.
229
What is network log analysis?
The process of examining network logs to identify events of interest.
230
What is a network protocol analyzer (packet sniffer)?
A tool designed to capture and analyze data traffic within a network.
231
What are network protocols?
A set of rules used by two or more devices on a network to describe the order of delivery and the structure of data.
232
What is network security?
The practice of keeping an organization's network infrastructure secure from unauthorized access.
233
What is network segmentation?
A security technique that divides the network into segments.
234
What is network traffic?
The amount of data that moves across a network.
235
What is non-repudiation?
The concept that the authenticity of information can’t be denied.
236
What is a notebook in programming?
An online interface for writing, storing, and running code.
237
What is numeric data?
Data consisting of numbers.
238
What is OAuth?
An open-standard authorization protocol that shares designated access between applications.
239
What is an Object?
A data type that stores data in a comma-separated list of key-value pairs.
240
What is an On-path attack?
An attack where a malicious actor places themselves in the middle of an authorized connection and intercepts or alters the data in transit.
241
What is Open-source intelligence (OSINT)?
The collection and analysis of information from publicly available sources to generate usable intelligence.
242
What is the Open systems interconnection (OSI) model?
A standardized concept that describes the seven layers computers use to communicate and send data over the network.
243
What is OWASP?
A non-profit organization focused on improving software security.
244
What is an Operating system (OS)?
The interface between computer hardware and the user.
245
What is an Operator?
A symbol or keyword that represents an operation.
246
What are Options in a command?
Input that modifies the behavior of a command.
247
What is the Order of volatility?
A sequence outlining the order of data that must be preserved from first to last.
248
What is the OWASP Top 10?
A globally recognized standard awareness document that lists the top 10 most critical security risks to web applications.
249
What is a Package?
A piece of software that can be combined with other packages to form an application.
250
What is a Package manager?
A tool that helps users install, manage, and remove packages or applications.
251
What is Packet capture (P-cap)?
A file containing data packets intercepted from an interface or network.
252
What is Packet sniffing?
The practice of capturing and inspecting data packets across a network.
253
What is a Parameter in Python?
An object that is included in a function definition for use in that function.
254
What is Parrot?
An open-source distribution that is commonly used for security.
255
What is Parsing?
The process of converting data into a more readable format.
256
What is Passive packet sniffing?
A type of attack where a malicious actor connects to a network hub and looks at all traffic on the network.
257
What is a Password attack?
An attempt to access password secured devices, systems, networks, or data.
258
What is a Patch update?
A software and operating system update that addresses security vulnerabilities within a program or product.
259
What are Payment Card Industry Data Security Standards (PCI DSS)?
A set of security standards formed by major organizations in the financial industry.
260
What is a Penetration test (pen test)?
A simulated attack that helps identify vulnerabilities in systems, networks, websites, applications, and processes.
261
What is the PEP 8 style guide?
A resource that provides stylistic guidelines for programmers working in Python.
262
What are Peripheral devices?
Hardware components that are attached and controlled by the computer system.
263
What are Permissions?
The type of access granted for a file or directory.
264
What is Personally identifiable information (PII)?
Any information used to infer an individual's identity.
265
What is Phishing?
The use of digital communications to trick people into revealing sensitive data or deploying malicious software.
266
What is a Phishing kit?
A collection of software tools needed to launch a phishing campaign.
267
What is a Physical attack?
A security incident that affects not only digital but also physical environments where the incident is deployed.
268
What is Physical social engineering?
An attack in which a threat actor impersonates an employee, customer, or vendor to obtain unauthorized access to a physical location.
269
What is a Ping of death?
A type of DoS attack caused when a hacker pings a system by sending it an oversized ICMP packet that is bigger than 64KB.
270
What is a Playbook?
A manual that provides details about any operational action.
271
What is a Policy?
A set of rules that reduce risk and protect information.
272
What is a Port?
A software-based location that organizes the sending and receiving of data between devices on a network.
273
What is Port filtering?
A firewall function that blocks or allows certain port numbers to limit unwanted communication.
274
What is Post-incident activity?
The process of reviewing an incident to identify areas for improvement during incident handling.
275
What is a Potentially unwanted application (PUA)?
A type of unwanted software that is bundled in with legitimate programs which might display ads, cause device slowdown, or install other software.
276
What is Private data?
Information that should be kept from the public.
277
What does Prepare mean in the NIST RMF?
The first step of the NIST RMF related to activities that are necessary to manage security and privacy risks before a breach occurs.
278
What is a Prepared statement?
A coding technique that executes SQL statements before passing them on to a database.
279
What is a Primary key?
A column where every row has a unique entry.
280
What is the Principle of least privilege?
The concept of granting only the minimal access and authorization required to complete a task or function.
281
What is Privacy protection?
The act of safeguarding personal information from unauthorized use.
282
What are Procedures?
Step-by-step instructions to perform a specific security task.
283
What is the Process of Attack Simulation and Threat Analysis (PASTA)?
A popular threat modeling framework that’s used across many industries.
284
What is Programming?
A process that can be used to create a specific set of instructions for a computer to execute tasks.
285
What does Protect mean in the NIST RMF?
A NIST core function used to protect an organization through the implementation of policies, procedures, training, and tools that help mitigate cybersecurity threats.
286
What is Protected health information (PHI)?
Information that relates to the past, present, or future physical or mental health or condition of an individual.
287
What does Protecting and preserving evidence entail?
The process of properly working with fragile and volatile digital evidence.
288
What is a Proxy server?
A server that fulfills the requests of its clients by forwarding them to other servers.
289
What is Public data?
Data that is already accessible to the public and poses a minimal risk to the organization if viewed or shared by others.
290
What is Public key infrastructure (PKI)?
An encryption framework that secures the exchange of online information.
291
What is the Python Standard Library?
An extensive collection of Python code that often comes packaged with Python.
292
What is a Query?
A request for data from a database table or a combination of tables.
293
What does Quid pro quo mean?
A type of baiting used to trick someone into believing that they’ll be rewarded in return for sharing access, information, or money.
294
What is a Rainbow table?
A file of pre-generated hash values and their associated plaintext.
295
What is Random Access Memory (RAM)?
A hardware component used for short-term memory.
296
What is Ransomware?
A malicious attack where threat actors encrypt an organization’s data and demand payment to restore access.
297
What is Rapport?
A friendly relationship in which the people involved understand each other’s ideas and communicate well with each other.
298
What does Recover mean in the NIST RMF?
A NIST core function related to returning affected systems back to normal operation.
299
What is Recovery?
The process of returning affected systems back to normal operations.
300
What is Red Hat® Enterprise Linux®?
A subscription-based distribution of Linux built for enterprise use.
301
What is a Reflected XSS attack?
An instance when malicious script is sent to a server and activated during the server’s response.
302
What is a Regular expression (regex)?
A sequence of characters that forms a pattern.
303
What are Regulations?
Rules set by a government or other authority to control the way something is done.
304
What is a Relational database?
A structured database containing tables that are related to each other.
305
What is a Relative file path?
A file path that starts from the user's current directory.
306
What is a Replay attack?
A network attack performed when a malicious actor intercepts a data packet in transit and delays it or repeats it at another time.
307
What is Resiliency?
The ability to prepare for, respond to, and recover from disruptions.
308
What does Respond mean in the NIST RMF?
A NIST core function related to making sure that the proper procedures are used to contain, neutralize, and analyze security incidents, and implement improvements to the security process.
309
What is a Return statement in Python?
A Python statement that executes inside a function and sends information back to the function call.
310
What is a Reverse proxy server?
A server that regulates and restricts the internet's access to an internal server.
311
What is Risk?
Anything that can impact the confidentiality, integrity, or availability of an asset.
312
What is Risk mitigation?
The process of having the right procedures and rules in place to quickly reduce the impact of a risk like a breach.
313
What is a Root directory?
The highest-level directory in Linux.
314
What is a Rootkit?
Malware that provides remote, administrative access to a computer.
315
What is a Root user (or superuser)?
A user with elevated privileges to modify the system.
316
What is a Router?
A network device that connects multiple networks together.
317
What is Salting?
An additional safeguard that’s used to strengthen hash functions.
318
What is Scareware?
Malware that employs tactics to frighten users into infecting their device.
319
What is Search Processing Language (SPL)?
Splunk’s query language.
320
What is Secure File Transfer Protocol (SFTP)?
A secure protocol used to transfer files from one device to another over a network.
321
What is Secure shell (SSH)?
A security protocol used to create a shell with a remote system.
322
What is Security architecture?
A type of security design composed of multiple components, such as tools and processes, that are used to protect an organization from risks and external threats.
323
What is a Security audit?
A review of an organization's security controls, policies, and procedures against a set of expectations.
324
What are Security controls?
Safeguards designed to reduce specific security risks.
325
What are Security ethics?
Guidelines for making appropriate decisions as a security professional.
326
What are Security frameworks?
Guidelines used for building plans to help mitigate risk and threats to data and privacy.
327
What is Security governance?
Practices that help support, define, and direct security efforts of an organization.
328
What is Security hardening?
The process of strengthening a system to reduce its vulnerabilities and attack surface.
329
What is Security information and event management (SIEM)?
An application that collects and analyzes log data to monitor critical activities in an organization.
330
What is a Security mindset?
The ability to evaluate risk and constantly seek out and identify the potential or actual breach of a system, application, or data.
331
What is a Security operations center (SOC)?
An organizational unit dedicated to monitoring networks, systems, and devices for security threats or attacks.
332
What is Security orchestration, automation, and response (SOAR)?
A collection of applications, tools, and workflows that use automation to respond to security events.
333
What is a Security posture?
An organization’s ability to manage its defense of critical assets and data and react to change.
334
What is a Security zone?
A segment of a company’s network that protects the internal network from the internet.
335
What does Select mean in the NIST RMF?
The third step of the NIST RMF that means to choose, customize, and capture documentation of the controls that protect an organization.
336
What is Sensitive data?
A type of data that includes personally identifiable information (PII), sensitive personally identifiable information (SPII), or protected health information (PHI).
337
What is Sensitive personally identifiable information (SPII)?
A specific type of PII that falls under stricter handling guidelines.
338
What is Separation of duties?
The principle that users should not be given levels of authorization that would allow them to misuse a system.
339
What is a Session?
A sequence of network HTTP requests and responses associated with the same user.
340
What is a Session cookie?
A token that websites use to validate a session and determine how long that session should last.
341
What is Session hijacking?
An event when attackers obtain a legitimate user’s session ID.
342
What is a Session ID?
A unique token that identifies a user and their device while accessing a system.
343
What is Set data?
Data that consists of an unordered collection of unique values.
344
What is Shared responsibility?
The idea that all individuals within an organization take an active role in lowering risk and maintaining both physical and virtual security.
345
What is a Shell?
The command-line interpreter.
346
What is a Signature?
A pattern that is associated with malicious activity.
347
What is Signature analysis?
A detection method used to find events of interest.
348
What is Simple Network Management Protocol (SNMP)?
A network protocol used for monitoring and managing devices on a network.
349
What is Single sign-on (SSO)?
A technology that combines several different logins into one.
350
What is Smishing?
The use of text messages to trick users in order to obtain sensitive information or to impersonate a known source.
351
What is a Smurf attack?
A network attack performed when an attacker sniffs an authorized user’s IP address and floods it with ICMP packets.
352
What is Social engineering?
A manipulation technique that exploits human error to gain private information, access, or valuables.
353
What is Social media phishing?
A type of attack where a threat actor collects detailed information about their target on social media sites before initiating the attack.
354
What is Spear phishing?
A malicious email attack targeting a specific user or group of users, appearing to originate from a trusted source.
355
What is Speed in networking?
The rate at which a device sends and receives data, measured by bits per second.
356
What is Splunk Cloud?
A cloud-hosted tool used to collect, search, and monitor log data.
357
What is Splunk Enterprise?
A self-hosted tool used to retain, analyze, and search an organization's log data to provide security information and alerts in real time.
358
What is Spyware?
Malware that’s used to gather and sell information without consent.
359
What is SQL (Structured Query Language)?
A programming language used to create, interact with, and request information from a database.
360
What is SQL injection?
An attack that executes unexpected queries on a database.
361
What is a Stakeholder?
An individual or group that has an interest in any decision or activity of an organization.
362
What is Standard error?
An error message returned by the OS through the shell.
363
What is Standard input?
Information received by the OS via the command line.
364
What is Standard output?
Information returned by the OS through the shell.
365
What are Standards?
References that inform how to set policies.
366
What is the STAR method?
An interview technique used to answer behavioral and situational questions.
367
What is a Stateful firewall?
A class of firewall that keeps track of information passing through it and proactively filters out threats.
368
What is a Stateless firewall?
A class of firewall that operates based on predefined rules and that does not keep track of information from data packets.
369
What is a Stored XSS attack?
An instance when malicious script is injected directly on the server.
370
What is String concatenation?
The process of joining two strings together.
371
What is String data?
Data consisting of an ordered sequence of characters.
372
What is a Style guide?
A manual that informs the writing, formatting, and design of documents.
373
What is Subnetting?
The subdivision of a network into logical groups called subnets.
374
What is a Substring?
A continuous sequence of characters within a string.
375
What is Sudo?
A command that temporarily grants elevated permissions to specific users.
376
What is a Supply-chain attack?
An attack that targets systems, applications, hardware, and/or software to locate a vulnerability where malware can be deployed.
377
What is Suricata?
An open-source intrusion detection system, intrusion prevention system, and network analysis tool.
378
What is a Switch?
A device that makes connections between specific devices on a network by sending and receiving data between them.
379
What is Symmetric encryption?
The use of a single secret key to exchange information.
380
What is a Synchronize (SYN) flood attack?
A type of DoS attack that simulates a TCP/IP connection and floods a server with SYN packets.
381
What is Syntax?
The rules that determine what is correctly structured in a computing language.
382
What is a Syntax error?
An error that involves invalid usage of a programming language.
383
What is Tailgating?
A social engineering tactic in which unauthorized people follow an authorized person into a restricted area.
384
What is the TCP/IP model?
A framework used to visualize how data is organized and transmitted across a network.
385
What is tcpdump?
A command-line network protocol analyzer.
386
What are Technical skills?
Skills that require knowledge of specific tools, procedures, and policies.
387
What is Telemetry?
The collection and transmission of data for analysis.
388
What is a Threat?
Any circumstance or event that can negatively impact assets.
389
What is a Threat actor?
Any person or group who presents a security risk.
390
What is Threat hunting?
The proactive search for threats on a network.
391
What is Threat intelligence?
Evidence-based threat information that provides context about existing or emerging threats.
392
What is Threat modeling?
The process of identifying assets, their vulnerabilities, and how each is exposed to threats.
393
What are Transferable skills?
Skills from other areas that can apply to different careers.
394
What is Transmission Control Protocol (TCP)?
An internet communication protocol that allows two devices to form a connection and stream data.
395
What is Triage?
The prioritizing of incidents according to their level of importance or urgency.
396
What is a Trojan horse?
Malware that looks like a legitimate file or program.
397
What is a True negative?
A state where there is no detection of malicious activity.
398
What is a True positive?
An alert that correctly detects the presence of an attack.
399
What is Tuple data?
A data structure that consists of a collection of data that cannot be changed.
400
What is a Type error?
An error that results from using the wrong data type.
401
What is Ubuntu?
An open-source, user-friendly distribution that is widely used in security and other industries.
402
What is Unauthorized access?
An incident type that occurs when an individual gains digital or physical access to a system or application without permission.
403
What is an Uncontrolled zone?
Any network outside your organization's control.
404
What is Unified Extensible Firmware Interface (UEFI)?
A microchip that contains loading instructions for the computer and replaces BIOS on more modern systems.
405
What is USB baiting?
An attack in which a threat actor strategically leaves a malware USB stick for an employee to find and install to unknowingly infect a network.
406
What is a User?
The person interacting with a computer.
407
What is User Datagram Protocol (UDP)?
A connectionless protocol that does not establish a connection between devices before transmissions.
408
What is a User-defined function?
A function that programmers design for their specific needs.
409
What is unauthorized access?
Access to a system or application without permission.
410
What is an uncontrolled zone?
Any network outside your organization's control.
411
What does UEFI stand for?
Unified Extensible Firmware Interface: A microchip that contains loading instructions for the computer and replaces BIOS on more modern systems.
412
What is USB baiting?
An attack in which a threat actor strategically leaves a malware USB stick for an employee to find and install to unknowingly infect a network.
413
Who is a user?
The person interacting with a computer.
414
What is User Datagram Protocol (UDP)?
A connectionless protocol that does not establish a connection between devices before transmissions.
415
What is a user-defined function?
A function that programmers design for their specific needs.
416
What is a user interface?
A program that allows the user to control the functions of the operating system.
417
What is user provisioning?
The process of creating and maintaining a user's digital identity.
418
What is a variable?
A container that stores data.
419
What is a virtual machine (VM)?
A virtual version of a physical computer.
420
What is a Virtual Private Network (VPN)?
A network security service that changes your public IP address and hides your virtual location so that you can keep your data private when you are using a public network like the internet.
421
What is a virus?
Malicious code written to interfere with computer operations and cause damage to data and software.
422
What is VirusTotal?
A service that allows anyone to analyze suspicious files, domains, URLs, and IP addresses for malicious content.
423
What is vishing?
The exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source.
424
What is a visual dashboard?
A way of displaying various types of data quickly in one place.
425
What is a vulnerability?
A weakness that can be exploited by a threat.
426
What is a vulnerability assessment?
The internal review process of an organization's security systems.
427
What is vulnerability management?
The process of finding and patching vulnerabilities.
428
What is a vulnerability scanner?
Software that automatically compares existing common vulnerabilities and exposures against the technologies on the network.
429
What is a watering hole attack?
A type of attack when a threat actor compromises a website frequently visited by a specific group of users.
430
What are web-based exploits?
Malicious code or behavior that’s used to take advantage of coding flaws in a web application.
431
What is whaling?
A category of spear phishing attempts that are aimed at high-ranking executives in an organization.
432
What is a Wide Area Network (WAN)?
A network that spans a large geographic area like a city, state, or country.
433
What is Wi-Fi Protected Access (WPA)?
A wireless security protocol for devices to connect to the internet.
434
What is a wildcard?
A special character that can be substituted with any other character.
435
What is Wireshark?
An open-source network protocol analyzer.
436
What is a world-writable file?
A file that can be altered by anyone in the world.
437
What is a worm?
Malware that can duplicate and spread itself across systems on its own.
438
What is YARA-L?
A computer language used to create rules for searching through ingested log data.
439
What is a zero-day?
An exploit that was previously unknown.