General Terms Flashcards
1
Q
Absolute file path?
A
The full file path, which starts from the root
2
Q
Access Controls?
A
Security controls that manage access, authorization, and accountability of information
3
Q
Active Packet sniffing?
A
A type of attack where data packets are manipulated in transit
4
Q
Address Resolution Protocol (ARP)?
A
A network protocol used to determine the MAC address of the next router or device on the path
5
Q
Advanced Persistent Threat (APT)?
A
An instance when a threat actor maintains unauthorized access to a system for an extended period of time
6
Q
Adversarial Artificial Intelligence (AI)?
A
A technique that manipulates artificial
intelligence (AI) and machine learning (ML) technology to conduct attacks more efficiently
7
Q
Adware?
A
A type of legitimate software that is sometimes used to display digital
advertisements in applications
8
Q
Algorithm?
A
A set of rules used to solve a problem.
9
Q
Analysis?
A
The investigation and validation of alerts
10
Q
Angler Phishing?
A
A technique where attackers impersonate customer service
representatives on social media
11
Q
Anomaly-based Analysis?
A
A detection method that identifies abnormal behavior
12
Q
Antivirus Software?
A
A software program used to prevent, detect, and eliminate
malware and viruses
13
Q
Application?
A
A program that performs a specific task
14
Q
Application Programming Interface (API) token?
A
A small block of encrypted code
that contains information about a user
15
Q
Argument (Linux) ?
A
Specific information needed by a command
16
Q
Argument (Python)?
A
The data brought into a function when it is called
17
Q
Array?
A
A data type that stores data in a comma-separated ordered list
18
Q
Assess?
A
The fifth step of the NIST RMF that means to determine if established controls
are implemented correctly
19
Q
Asset?
A
An item perceived as having value to an organization
20
Q
Asset Classification?
A
The practice of labeling assets based on sensitivity and
importance to an organization
21
Q
Asset Inventory?
A
A catalog of assets that need to be protected
22
Q
Asset Management?
A
The process of tracking assets and the risks that affect them
23
Q
Asymmetric encryption?
A
The use of a public and private key pair for encryption and
decryption of data
24
Q
Attack Surface?
A
All the potential vulnerabilities that a threat actor could exploit
25
Attack Tree?
A diagram that maps threats to assets
26
Attack Vectors?
The pathways attackers use to penetrate security defenses
27
Authentication?
The process of verifying who someone is
28
Authorization?
The concept of granting access to specific resources in a system
29
Authorize?
The sixth step of the NIST RMF that refers to being accountable for the
security and privacy risks that might exist in an organization
30
Automation?
The use of technology to reduce human and manual effort to perform
common and repetitive tasks
31
Availability?
The idea that data is accessible to those who are authorized to access it
32
Baiting?
A social engineering tactic that tempts people into compromising their
security
33
Bandwidth?
The maximum data transmission capacity over a network, measured by
bits per second
34
Baseline Configuration (baseline image)?
A documented set of specifications within
a system that is used as a basis for future builds, releases, and updates
35
Bash?
The default shell in most Linux distributions
36
Basic Auth?
The technology used to establish a user’s request to access a server
37
Basic Input/Output System (BIOS)
A microchip that contains loading instructions for
the computer and is prevalent in older systems
38
Biometrics?
The unique physical characteristics that can be used to verify a person’s
identity
39
Bit?
The smallest unit of data measurement on a computer
40
Boolean Data?
Data that can only be one of two values: either True or False
41
Bootloader?
A software program that boots the operating system
42
Botnet?
A collection of computers infected by malware that are under the control of a
single threat actor, known as the “bot-herder"
43
Bracket Notation?
The indices placed in square brackets
44
Broken Chain of Custody?
Inconsistencies in the collection and logging of evidence in
the chain of custody
45
Brute force Attack?
The trial and error process of discovering private information
46
Bug Bounty?
Programs that encourage freelance hackers to find and report
vulnerabilities
47
Built-in Function?
A function that exists within Python and can be called directly
48
Business Continuity?
An organization's ability to maintain their everyday productivity
by establishing risk disaster recovery plans
49
Business Continuity Plan (BCP)?
A document that outlines the procedures to sustain
business operations during and after a significant disruption
50
Business Email Compromise (BEC)?
A type of phishing attack where a threat actor
impersonates a known source to obtain financial advantage
51
Categorize?
The second step of the NIST RMF that is used to develop risk
management processes and tasks
52
CentOS?
An open-source distribution that is closely related to Red Hat
53
Central Processing Unit (CPU)?
A computer’s main processor, which is used to
perform general computing tasks on a computer
54
Chain of Custody?
The process of documenting evidence possession and control
during an incident lifecycle
55
Chronicle?
A cloud-native tool designed to retain, analyze, and search data
56
Cipher?
An algorithm that encrypts information
57
Cloud-based Firewalls?
Software firewalls that are hosted by the cloud service
provider
58
Cloud Computing?
The practice of using remote servers, applications, and network
services that are hosted on the internet instead of on local physical devices
59
Cloud Network?
A collection of servers or computers that stores resources and data in
remote data centers that can be accessed via the internet
60
Cloud Security?
The process of ensuring that assets stored in the cloud are properly
configured and access to those assets is limited to authorized users
61
Command?
An instruction telling the computer to do something
62
Command and Control (C2)?
The techniques used by malicious actors to maintain
communications with compromised systems
63
Command-line Interface (CLI)?
A text-based user interface that uses commands to
interact with the computer
64
Comment?
A note programmers make about the intention behind their code
65
Common Event Format (CEF)?
A log format that uses key-value pairs to structure
data and identify fields and their corresponding values
66
Common Vulnerabilities and Exposures (CVE) list?
An openly accessible dictionary
of known vulnerabilities and exposures
67
Common Vulnerability Scoring System (CVSS)?
A measurement system that scores
the severity of a vulnerability
68
Compliance?
The process of adhering to internal standards and external regulations
69
Computer Security Incident Response Teams (CSIRT)?
A specialized group of
security professionals that are trained in incident management and response
70
Computer Virus?
Malicious code written to interfere with computer operations and
cause damage to data and software
71
Conditional Statement?
A statement that evaluates code to determine if it meets a
specified set of conditions
72
Confidentiality?
The idea that only authorized users can access specific assets or data
73
Confidential Data?
Data that often has limits on the number of people who have
access to it
74
Confidentiality, Integrity, Availability (CIA) Triad?
A model that helps inform how
organizations consider risk when setting up systems and security policies
75
Configuration File?
A file used to configure the settings of an application
76
Containment?
The act of limiting and preventing additional damage caused by an
incident
77
Controlled Zone?
A subnet that protects the internal network from the uncontrolled
zone
78
Cross-Site Scripting (XSS)
An injection attack that inserts code into a vulnerable
website or web application
79
Crowdsourcing?
The practice of gathering information using public input and
collaboration
80
Cryptographic Attack?
An attack that affects secure forms of communication
between a sender and intended recipient
81
Cryptographic Key?
A mechanism that decrypts ciphertext
82
Cryptography?
The process of transforming information into a form that unintended
readers can’t understand
83
Cryptojacking?
A form of malware that installs software to illegally mine
cryptocurrencies
84
CVE Numbering Authority (CNA)?
An organization that volunteers to analyze and
distribute information on eligible CVEs
85
Cybersecurity (or security)?
The practice of ensuring confidentiality, integrity, and
availability of information by protecting networks, devices, people, and data from
unauthorized access or criminal exploitation
86
Data?
Information that is translated, processed, or stored by a computer
87
Data at Rest?
Data not currently being accessed
88
Database?
An organized collection of information or data
89
Data Controller?
A person that determines the procedure and purpose for processing
data
90
Data Custodian?
Anyone or anything that’s responsible for the safe handling,
transport, and storage of information
91
Data Exfiltration?
Unauthorized transmission of data from a system
92
Data in Transit?
Data traveling from one point to another
93
Data in use?
Data being accessed by one or more users
94
Data Owner?
The person who decides who can access, edit, use, or destroy their
information
95
Data Packet?
A basic unit of information that travels from one device to another within
a network
96
Data Point?
A specific piece of information
97
Data Processor?
A person that is responsible for processing data on behalf of the data
controller
98
Data Protection Officer (DPO)?
An individual that is responsible for monitoring the
compliance of an organization's data protection procedures
99
Data Type?
A category for a particular type of data item
100
Date and Time Data?
Data representing a date and/or time
101
Debugger?
A software tool that helps to locate the source of an error and assess its
causes
102
Debugging?
The practice of identifying and fixing errors in code
103
Defense in Depth?
A layered approach to vulnerability management that reduces risk
104
Denial of Service (DoS) Attack?
An attack that targets a network or server and floods
it with network traffic
105
Detect?
A NIST core function related to identifying potential security incidents and
improving monitoring capabilities to increase the speed and efficiency of detections
106
Detection?
The prompt discovery of security events
107
Dictionary Data?
Data that consists of one or more key-value pairs
108
Digital Certificate?
A file that verifies the identity of a public key holder
109
Digital Forensics?
The practice of collecting and analyzing data to determine what has
happened after an attack
110
Directory?
A file that organizes where other files are stored
111
Disaster Recovery Plan?
A plan that allows an organization’s security team to outline
the steps needed to minimize the impact of a security incident
112
Distributed Denial of Service (DDoS) attack?
A type of denial or service attack that
uses multiple devices or servers located in different locations to flood the target
network with unwanted traffic
113
Distributions?
The different versions of Linux
114
Documentation?
Any form of recorded content that is used for a specific purpose
115
DOM-based XSS attack?
An instance when malicious script exists in the webpage a
browser loads
116
Domain Name System (DNS)?
A networking protocol that translates internet domain
names into IP addresses
117
Dropper?
A program or a file used to install a rootkit on a target computer
118
Elevator Pitch?
A brief summary of your experience, skills, and background
119
Encapsulation?
A process performed by a VPN service that protects your data by
wrapping sensitive data in other data packets
120
Encryption?
The process of converting data from a readable format to an encoded
format
121
Endpoint?
Any device connected on a network
122
Endpoint Detection and Response (EDR)
An application that monitors an endpoint
for malicious activity
123
Eradication?
The complete removal of the incident elements from all affected systems
124
Escalation Policy?
A set of actions that outline who should be notified when an
incident alert occurs and how that incident should be handled
125
Event?
An observable occurrence on a network, system, or device
126
Exception?
An error that involves code that cannot be executed even though it is
syntactically correct
127
Exclusive Operator?
An operator that does not include the value of comparison
128
Exploit?
A way of taking advantage of a vulnerability
129
Exposure?
A mistake that can be exploited by a threat
130
External Threat?
Anything outside the organization that has the potential to harm
organizational assets
131
False Negative?
A state where the presence of a threat is not detected
132
False Positive?
An alert that incorrectly detects the presence of a threat
133
Fileless Malware?
Malware that does not need to be installed by the user because it
uses legitimate programs that are already installed to infect a computer
134
File Path?
The location of a file or directory
135
Filesystem Hierarchy Standard (FHS)?
The component of the Linux OS that organizes
data
136
Filtering?
Selecting data that match a certain condition
137
Final Report?
Documentation that provides a comprehensive review of an incident
138
Firewall?
A network security device that monitors traffic to or from a network
139
Float Data?
Data consisting of a number with a decimal point
140
Foreign Key?
A column in a table that is a primary key in another table
141
Forward Proxy Server?
A server that regulates and restricts a person’s access to the
internet
142
Function?
A section of code that can be reused in a program
143
Global Variable?
A variable that is available through the entire program
144
Graphical User Interface (GUI)?
A user interface that uses icons on the screen to
manage different tasks on the computer
145
Hacker?
Any person or group who uses computers to gain unauthorized access to
data
146
Hacktivist?
A person who uses hacking to achieve a political goal
147
Hard Drive?
A hardware component used for long-term memory
148
Hardware?
The physical components of a computer
149
Hash Collision?
An instance when different inputs produce the same hash value
150
Hash Function?
An algorithm that produces a code that can’t be decrypted
151
Hash Table?
A data structure that's used to store and reference hash values
152
Health Insurance Portability and Accountability Act (HIPAA)?
A U.S. federal law
established to protect patients’ health information
153
Honeypot?
A system or resource created as a decoy vulnerable to attacks with the
purpose of attracting potential intruders
154
Host-based Intrusion Detection System (HIDS)?
An application that monitors the
activity of the host on which it’s installed
155
Hub?
A network device that broadcasts information to every device on the network
156
Hypertext Transfer Protocol (HTTP)?
An application layer protocol that provides a
method of communication between clients and website servers
157
Hypertext Transfer Protocol Secure (HTTPS)?
A network protocol that provides a
secure method of communication between clients and website servers
158
Identify?
A NIST core function related to management of cybersecurity risk and its
effect on an organization’s people and assets
159
Identity and Access Management (IAM)?
A collection of processes and technologies
that helps organizations manage digital identities in their environment
160
IEEE 802.11 (Wi-Fi)?
A set of standards that define communication for wireless LANs
161
Immutable?
An object that cannot be changed after it is created and assigned a value
162
Implement?
The fourth step of the NIST RMF that means to implement security and
privacy plans for an organization
163
Improper Usage?
An incident type that occurs when an employee of an organization
violates the organization’s acceptable use policies
164
Incident?
An occurrence that actually or imminently jeopardizes, without lawful
authority, the confidentiality, integrity, or availability of information or an information
system; or constitutes a violation or imminent threat of violation of law, security
policies, security procedures, or acceptable use policies
165
Incident Escalation?
The process of identifying a potential security incident, triaging it,
and handing it off to a more experienced team member
166
Incident Handler's Journal?
A form of documentation used in incident response
167
Incident Response?
An organization’s quick attempt to identify an attack, contain the
damage, and correct the effects of a security breach
168
Incident Response Plan?
A document that outlines the procedures to take in each step
of incident response
169
Inclusive Operator?
An operator that includes the value of comparison
170
Indentation?
Space added at the beginning of a line of code
171
Index?
A number assigned to every element in a sequence that indicates its position
172
Indicators of attack (IoA) ?
The series of observed events that indicate a real-time
incident
173
Indicators of compromise (IoC)?
Observable evidence that suggests signs of a
potential security incident
174
Information Privacy?
The protection of unauthorized access and distribution of data
175
Information Security (InfoSec)?
The practice of keeping data in all states away from
unauthorized users
176
Injection Attack?
Malicious code inserted into a vulnerable application
177
Input Validation?
Programming that validates inputs from users and other programs
178
Integer Data?
Data consisting of a number that does not include a decimal point.
179
Integrated Development Environment (IDE)?
A software application for writing code
that provides editing assistance and error correction tools
180
Integrity?
The idea that the data is correct, authentic, and reliable
181
Internal Hardware?
The components required to run the computer
182
Internal Threat?
A current or former employee, external vendor, or trusted partner who
poses a security risk
183
Internet Control Message Protocol (ICMP)?
An internet protocol used by devices to
tell each other about data transmission errors across the network
184
Internet Control Message Protocol Flood (ICMP flood)?
A type of DoS attack
performed by an attacker repeatedly sending ICMP request packets to a network
server
185
Internet Protocol (IP)?
A set of standards used for routing and addressing data
packets as they travel between devices on a network
186
Internet Protocol (IP) Address?
A unique string of characters that identifies the
location of a device on the internet
187
Interpreter?
A computer program that translates Python code into runnable
instructions line by line
188
Intrusion Detection System (IDS)?
An application that monitors system activity and
alerts on possible intrusions
189
Intrusion Prevention System (IPS)?
An application that monitors system activity for
intrusive activity and takes action to stop the activity
190
IP Spoofing?
A network attack performed when an attacker changes the source IP of a
data packet to impersonate an authorized system and gain access to a network
191
Iterative Statement?
Code that repeatedly executes a set of instructions
192
Kali Linux?
An open-source distribution of Linux that is widely used in the security
industry
193
Kernel?
The component of the Linux OS that manages processes and memory
194
Key-value pair?
A set of data that represents two linked items: a key, and its
corresponding value
195
Legacy Operating System?
An operating system that is outdated but still being used
196
Lessons Learned Meeting?
A meeting that includes all involved parties after a major
incident
197
Library?
A collection of modules that provide code users can access in their programs
198
Linux?
An open-source operating system
199
List Concatenation?
The concept of combining two lists into one by placing the
elements of the second list directly after the elements of the first list
200
List Data?
Data structure that consists of a collection of data in sequential form
201
Loader?
Malicious code that launches after a user initiates a dropper program
202
Local Area Network (LAN)?
A network that spans small areas like an office building, a
school, or a home
203
Local Variable?
A variable assigned within a function
204
Log?
A record of events that occur within an organization’s systems
205
Log Analysis?
The process of examining logs to identify events of interest
206
Logging?
The recording of events occurring on computer systems and networks
207
Logic Error?
An error that results when the logic used in code produces unintended
results
208
Log Management?
The process of collecting, storing, analyzing, and disposing of log
data
209
Loop Condition?
The part of a loop that determines when the loop terminates
210
Loop Variable?
A variable that is used to control the iterations of a loop
211
Malware?
Software designed to harm devices or networks
212
Malware Infection?
An incident type that occurs when malicious software designed to
disrupt a system infiltrates an organization’s computers or network
213
Media Access Control (MAC) Address?
A unique alphanumeric identifier that is
assigned to each physical device on a network
214
Method?
A function that belongs to a specific data type
215
Metrics?
Key technical attributes such as response time, availability, and failure rate,
which are used to assess the performance of a software application
216
MITRE?
A collection of non-profit research and development centers
217
Modem?
A device that connects your router to the internet and brings internet access
to the LAN
218
Module?
A Python file that contains additional functions, variables, classes, and any
kind of runnable code
219
Monitor?
The seventh step of the NIST RMF that means be aware of how systems are
operating
220
Multi-factor Authentication (MFA)?
A security measure that requires a user to verify
their identity in two or more ways to access a system or network
221
Nano?
A command-line file editor that is available by default in many Linux distributions
222
National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)?
A voluntary framework that consists of standards, guidelines, and best
practices to manage cybersecurity risk
223
National Institute of Standards and Technology (NIST) Incident Response?
A framework for incident response consisting of four phases: Preparation;
Detection and Analysis; Containment, Eradication and Recovery, and Post-incident
activity
