CyberSecurity

Question 1

Threat

Answer 1

A potential danger to systems or data

Question 2

Vulnerability

Answer 2

A weakness that can be exploited by a threat

Question 3

Exploit

Answer 3

A method or tool used to take advantage of a vulnerability

Question 4

Firewall

Answer 4

A network security device that monitors and filters incoming and outgoing traffic

Question 5

Patch

Answer 5

A software update that fixes a bug or vulnerability

Question 6

Phishing

Answer 6

A social engineering attack used to trick people into revealing sensitive info

Question 7

Malware

Answer 7

Malicious software (e.g., viruses, worms, trojans)

Question 8

Incident

Answer 8

A security event that compromises integrity, confidentiality, or availability

Question 9

Mitigation

Answer 9

Steps taken to reduce or eliminate a security risk

Question 10

Authentication

Answer 10

Verifying the identity of a user or system

Question 11

Data breach

Answer 11

Unauthorized access to or disclosure of sensitive data

Question 12

Zero-day exploit

Answer 12

An unknown vulnerability exploited before a fix is available

Question 13

Ransomware

Answer 13

Malware that encrypts files and demands payment for release

Question 14

Denial-of-Service (DoS)

Answer 14

Attack that makes a service unavailable by overwhelming it

Question 15

Brute-force attack

Answer 15

Automated guessing of passwords or encryption keys

Question 16

Command and control (C2)

Answer 16

A server that attackers use to communicate with compromised systems

Question 17

Indicators of compromise (IOCs)

Answer 17

Signs that a system has been breached

Question 18

Privilege escalation

Answer 18

Gaining higher access rights without authorization

Question 19

Backdoor

Answer 19

A hidden method to access a system or software

Question 20

Forensics

Answer 20

Investigation of systems to determine how a breach occurred

Question 21

Follow-up

Answer 21

A review or continuation of a previous action or communication

Question 22

Stakeholder

Answer 22

A person involved or affected by the outcome of a decision/project

Question 23

Chain of command

Answer 23

The hierarchy of authority in an organization

Question 24

Technical report

Answer 24

A formal document outlining an issue, analysis, or resolution in tech terms

Question 25

Meeting agenda

Answer 25

A structured list of discussion topics for a meeting

Question 26

Escalation

Answer 26

The process of raising an issue to a higher authority or level of support

Question 27

Workload

Answer 27

The amount of work assigned to a person or team

Question 28

Collaboration

Answer 28

Working together to achieve a common goal

Question 29

Communication gap

Answer 29

A breakdown or misunderstanding in the exchange of information

Question 30

Conflict resolution

Answer 30

The process of resolving disagreements effectively in the workplace

Question 31

Risk assessment

Answer 31

Process of identifying, analyzing, and evaluating risks

Question 32

Control

Answer 32

A safeguard or countermeasure to reduce risk

Question 33

Policy

Answer 33

A formal rule or guideline that must be followed

Question 34

Standard

Answer 34

Agreed level of quality or compliance (e.g., ISO 27001)

Question 35

Audit

Answer 35

An official review to ensure compliance with standards or laws

Question 36

Compliance

Answer 36

Adhering to laws, regulations, and internal policies

Question 37

Non-compliance

Answer 37

Failure to follow required standards

Question 38

Regulation

Answer 38

Official law or rule issued by an authority

Question 39

Risk appetite

Answer 39

The level of risk an organization is willing to accept

Question 40

Residual risk

Answer 40

Risk that remains after controls are implemented

Question 41

Due diligence

Answer 41

Care taken to investigate before making a decision

Question 42

Mitigation plan

Answer 42

Steps designed to reduce or control risks