Course 1 and 2 Flashcards
What are the primary responsibilities of an entry-level security analyst?
Monitor Systems
Protect Information
Search for Weaknesses
Performing ___ enables security professionals to review an organization’s security records, activities, and related documents.
security audits.
________ identify, analyze, and preserve criminal evidence within networks, computers, and electronic devices.
Digital Forensic Investigators.
The purpose of ______ is to protect networks, devices, people, and data from unauthorized access or criminal exploitation.
cybersecurity
What occurs during a security audit?
Review of an organization’s security records, activities, and other related documents.
An employee receives an email that they believe to be legitimate. They click on a compromised link within the email. What type of internal threat does this scenario describe?
Accidental
What is identity theft?
Stealing personal information to commit fraud while impersonating a victim.
Security _____ and event management (SIEM) tools enable security professionals to identify and analyze threats, risks, and vulnerabilities.
Information
What is SIEM? Describe.
Security Information and Event Management.
SIEM enables security professionals to identify and analyze threats, risks, and vulnerabilities.
A security professional investigates an alert about an unknown user accessing a system within their organization. What is the purpose of computer forensics in this situation?
Identify, analyze, and preserve criminal evidence.
What was the Brain Virus?
A virus invented by the Alvi brothers. The intention was to track illegal copies of medical software and prevent pirated licenses.
Unintentionally, the virus would copy itself onto any disk inserted into the infected PC, and it spread globally in a few months, significantly affecting the global business industry.
What was the Morris worm?
1988, developed by Robert Morris. Intent was a program to assess the size of the internet. The program crawled the web and installed itself onto other computers to tally the number of computers that were connected to the internet.
The program failed to keep track of the computers it had already compromised and continued to re-install itself until the computers ran out of memory and crashed. About 6,000 computers were affected, representing 10% of the internet at the time.
What are CERTs?
Computer Emergency Response Teams established to respond to computer security incidents.
What is LoveLetter?
Created by Onel De Guzman in 2000.
Malware to steal internet login credentials. Users received an email with the subject line, “I Love You.” Each email contained an attachment labeled, “Love Letter For You.” When the attachment was opened, the malware scanned a user’s address book. Then, it automatically sent itself to each person on the list and installed a program to collect user information and passwords.
This was the first example of social engineering.
What are CSIRTs?
Computer Security Incident Response Team.
Business Email Compromise (BEC)?
A threat actor sends an email message that seems to be from a known source to make a seemingly legitimate request for information, in order to obtain a financial advantage.
Spear Phishing?
A malicious email attack that targets a specific user or group of users. The email seems to originate from a trusted source.
Whaling?
A form of spear phishing. Threat actors target company executives to gain access to sensitive data.
Vishing?
The exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source.
Smishing?
The use of text messages to trick users, in order to obtain sensitive information or to impersonate a known source.
Viruses?
Malicious code written to interfere with computer operations and cause damage to data, software, and hardware. A virus attaches itself to programs or documents on a computer. It then spreads and infects one or more computers in a network.
Worms?
Malware that can duplicate and spread itself across systems on its own.
Ransomware?
A malicious attack where threat actors encrypt an organization’s data and demand payment to restore access.
Spyware?
Malware that’s used to gather and sell information without consent. Spyware can be used to access devices. This allows threat actors to collect personal data, such as private emails, texts, voice and image recordings, and locations.