Course 1

Question 1

What is Cybersecurity?

Answer 1

The practice of ensuring confidentiality, integrity, and availability (CIA) of information by protecting networks, devices, and data from unauthorized access or exploitation.

Question 2

List the benefits of Cybersecurity.

Answer 2

• Protects against internal/external threats
• Meets regulatory compliance
• Maintains or improves business productivity
• Reduces expenses

Question 3

What are common job roles in Cybersecurity?

Answer 3

• Security Analyst/Specialist
• Cybersecurity Analyst/Specialist
• Security Operations Center (SOC) Analyst
• Information Security Analyst

Question 4

What are the responsibilities of a Security Analyst?

Answer 4

• Protecting systems/networks
• Installing prevention software
• Conducting security audits

Question 5

Define Threat Actor.

Answer 5

A person/group posing a cybersecurity threat by attempting to breach systems, steal data, or cause harm.

Question 6

What is an Internal Threat?

Answer 6

A security risk originating from inside an organization, often by employees or partners—either unintentionally or deliberately.

Question 7

What is Network Security?

Answer 7

The process of protecting a computer network from intrusions, misuse, or unauthorized access.

Question 8

What is Cloud Security?

Answer 8

Securing data, applications, and services hosted in the cloud. Ensures only authorized users access the data.

Question 9

What are Security Frameworks?

Answer 9

Structured guidelines organizations use to create policies and practices that reduce cyber risks.

Question 10

What are Security Controls?

Answer 10

Specific protective actions (like firewalls or multi-factor authentication) used to counter threats.

Question 11

Define Security Posture.

Answer 11

A measure of an organization’s overall cybersecurity strength and preparedness.

Question 12

What does Compliance entail in Cybersecurity?

Answer 12

Meeting external regulations (like GDPR, HIPAA) and internal policies to ensure legal and secure operations.

Question 13

What are the components of the CIA Triad?

Answer 13

• Confidentiality
• Integrity
• Availability

Question 14

List transferable skills necessary for Cybersecurity Analysts.

Answer 14

• Communication
• Collaboration
• Problem-solving
• Time management
• Growth mindset
• Respect for diversity

Question 15

What are some technical skills for Cybersecurity Analysts?

Answer 15

• Programming languages
• SIEM tools
• Computer forensics
• IDS (Intrusion Detection Systems)
• Threat landscape knowledge
• Incident response

Question 16

Define Malware.

Answer 16

Malicious software that harms systems or steals data.

Question 17

What are the types of Malware?

Answer 17

• Viruses
• Worms
• Ransomware
• Spyware

Question 18

What is Phishing?

Answer 18

Deceptive messages tricking users into revealing personal information.

Question 19

What are the types of Phishing?

Answer 19

• BEC
• Spear Phishing
• Whaling
• Vishing
• Smishing

Question 20

What is Social Engineering?

Answer 20

Manipulating people to reveal confidential information.

Question 21

List key principles of Social Engineering.

Answer 21

• Authority
• Intimidation
• Consensus
• Scarcity
• Familiarity/Trust
• Urgency

Question 22

What is the NIST Cybersecurity Framework (CSF)?

Answer 22

A widely used standard for managing and reducing cybersecurity risk.

Question 23

What does NIST RMF stand for?

Answer 23

NIST Risk Management Framework.

Question 24

What are CIS Controls?

Answer 24

A set of prioritized actions that improve security.

Question 25

What is FedRAMP?

Answer 25

Ensures standardized security assessments for cloud services used by federal agencies.

Question 26

List some compliance regulations.

Answer 26

* HIPAA * PCI DSS * GDPR * SOC 1 & SOC 2

Question 27

What are the components of the Security Lifecycle?

Answer 27

* Identify and document security goals * Set guidelines to achieve goals * Implement controls and processes * Monitor, review, and report

Question 28

What are SIEM Tools used for?

Answer 28

Analyze large volumes of logs, issue alerts, and help detect threats.

Question 29

What is a Network Protocol Analyzer?

Answer 29

A tool that monitors and diagnoses network traffic.

Question 30

What are Playbooks in Cybersecurity?

Answer 30

Standardized procedures for handling incidents.

Question 31

What is the purpose of Antivirus software?

Answer 31

Scans for and removes malicious software.

Question 32

What is Encryption?

Answer 32

Converts data into unreadable formats to prevent unauthorized access.

Question 33

What is Penetration Testing?

Answer 33

Simulated attacks to identify security weaknesses.

Question 34

What are the 8 Domains of CISSP?

Answer 34

* Security and Risk Management * Asset Security * Security Architecture and Engineering * Communication and Network Security * Identity and Access Management (IAM) * Security Assessment and Testing * Security Operations * Software Development Security

Question 35

What is Security Ethics?

Answer 35

Principles guiding responsible behavior in handling private data and systems.

Question 36

List Ethical Principles in Cybersecurity.

Answer 36

* Confidentiality * Privacy Protections * Legal Adherence

Question 37

True or False: Counterattacking is legal for private citizens.

Answer 37

False

Question 38

What is the best practice regarding counterattacks?

Answer 38

Focus on defense, not revenge.