K01 (Part 1)

Question 1

What is a threat in cybersecurity?

Answer 1

A new incident or event that has the potential to harm a system or network.

Question 2

What is a vulnerability in cybersecurity?

Answer 2

A known weakness in a system that could be exploited by attackers.

Question 3

What is risk in the context of cybersecurity?

Answer 3

The potential for damage when a threat successfully exploits a vulnerability.

Question 4

What is a Certificate Authority (CA)?

Answer 4

A trusted entity that issues digital certificates to verify the ownership of encryption keys used in secure communications like SSL/TLS.

Question 5

What is perimeter protection in cybersecurity?

Answer 5

Security measures that guard physical or network perimeters against intrusions and external threats.

Question 6

Name common cybersecurity vulnerabilities:

Answer 6

W – Weak backups
I – Info left on display
M – Misconfigurations
P – Poor data/device disposal
L – Lack of protection software
E – Exposed ports

Question 7

What is penetration testing?

Answer 7

A simulated cyberattack used to test and identify weaknesses in a system before real attackers do.

Question 8

What is black-box penetration testing?

Answer 8

A method where testers have no prior knowledge of the system, mimicking an external attack.

Question 9

What is white-box penetration testing?

Answer 9

A method where testers have full access to system information, like source code and network details.

Question 10

What is grey-box penetration testing?

Answer 10

A method where testers have limited knowledge of the system, simulating an insider with restricted access.