Foundations Flashcards
is the process of **adhering to internal standards and external regulations **and enables organizations to avoid fines and security breaches.
Compliance
are guidelines used for building plans to help mitigate risks and threats to data and privacy.
Security frameworks
are safeguards designed to reduce specific security risks. They are used with security frameworks to establish a strong security posture.
Security controls
an organization’s ability to manage its defense of critical assets and data and react to change.
Security posture
is any person or group who presents a security risk. This risk can relate to computers, applications, networks, and data.
threat actor
can be a current or former employee, an external vendor, or a trusted partner who poses a security risk. At times, it’s accidental. For example, an employee who accidentally clicks on a malicious email link would be considered an accidental threat. Other times, the internal threat actor intentionally engages in risky activities, such as unauthorized data access.
internal threat
is the practice of keeping an organization’s network infrastructure secure from unauthorized access. This includes data, services, systems, and devices that are stored in an organization’s network.
Network security
is the process of ensuring that assets stored in the cloud are properly configured, or set up correctly, and access to those assets is limited to authorized users. The cloud is a network made up of a collection of servers or computers that store resources and data in remote physical locations known as data centers that can be accessed via the internet. Its a growing subfield of cybersecurity that specifically focuses on the protection of data, applications, and infrastructure in the cloud.
Cloud security
is a process that can be used to create a specific set of instructions for a computer to execute tasks. These tasks can include:
Programming
is the use of digital communications to trick people into revealing sensitive data or deploying malicious software.
Phishing
A threat actor sends an email message that seems to be from a known source to make a seemingly legitimate request for information, in order to obtain a financial advantage.
Business Email Compromise (BEC)
A malicious email attack that targets a specific user or group of users. The email seems to originate from a trusted source.
Spear phishing
A form of spear phishing. Threat actors target company executives to gain access to sensitive data.
Whaling
The exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source.
Vishing
The use of text messages to trick users, in order to obtain sensitive information or to impersonate a known source.
Smishing
software designed to harm devices or networks. There are many types. The primary purpose of is to obtain money, or in some cases, an intelligence advantage that can be used against a person, an organization, or a territory.
Malware
Malicious code written to interfere with computer operations and cause damage to data and software. It needs to be initiated by a user (i.e., a threat actor), who transmits the it via a malicious attachment or file download. When someone opens the malicious attachment or download, it hides itself in other files in the now infected system. When the infected files are opened, it allows it to insert its own code to damage and/or destroy data in the system.
Virus
Malware that can duplicate and spread itself across systems on its own. In contrast to a virus, it does not need to be downloaded by a user. Instead, it self-replicates and spreads from an already infected computer to other devices on the same network.
Worms
A malicious attack where threat actors encrypt an organization’s data and demand payment to restore access.
Ransomware
Malware that’s used to gather and sell information without consent. It can be used to access devices. This allows threat actors to collect personal data, such as private emails, texts, voice and image recordings, and locations.
Spyware
a manipulation technique that exploits human error to gain private information, access, or valuables. Human error is usually a result of trusting someone without question. It’s the mission of a threat actor, acting, to create an environment of false trust and lies to exploit as many people as possible.
Social engineering
A threat actor collects detailed information about their target from social media sites. Then, they initiate an attack.
Social media phishing
A threat actor attacks a website frequently visited by a specific group of users.
Watering hole attack
A threat actor strategically leaves a malware USB stick for an employee to find and install, to unknowingly infect a network.
USB baiting
A threat actor impersonates an employee, customer, or vendor to obtain unauthorized access to a physical location.
Physical social engineering
An item perceived as having value to an organization
Asset
The idea that data is accessible to those who are authorized to access it
Availability
The idea that only authorized users can access specific assets or data
Confidentiality
A model that helps inform how organizations consider risk when setting up systems and security policies
Confidentiality, integrity, availability (CIA) triad
A person who uses hacking to achieve a political goal
Hacktivist