Key words

Question 1

What does CIA stand for and what is meant by each letter of the CIA?

Answer 1

Confidentiality, Integrity and Availability

Question 2

What is the meaning of Non - Repudiation?

Answer 2

Non- repudiation is the idea that someone cannot deny the validity of something, or that they cannot dispute responsibility for an action. In information systems, thus can be achieved through hashing and digital signatures amongst other ways. An example of this is when someone sends data, that the third party can verify that it came from the sender.

Question 3

What is confidentiality of information and how can it be achieved?

Answer 3

Prevent the disclosure of information to unauthorised individuals or systems - Certain information should only be known to certain people

Some of the ways in which this can be achieved are as follows:

Encryption - Encrypt data so only some certain people can read it

Access controls - Restrict access to a resource

MFA - An extra layer of security to prevent unauthorised access to a resource

Question 4

What is integrity of information and how can it be achieved?

Answer 4

Data cannot be modified without detection - This is to ensure that data received is the data that was sent and that no changes were made - We should be able to identify any modification

Hashing - This involves mapping an arbitrary length of data to data of a fixed length - If data received is different to data sent then the hash of the data would be different

Digital Signature

Certificates

Question 5

What is availability and how can it be achieved?

Answer 5

Systems & networks must be up and running

Fault tolerance

Redundancy

Patching - Adds stability and closes security holes

Question 6

What is a digital signature, what is the purpose and how does it work?

Answer 6

This is a hash that has been encrypted with an asymmetrical encryption algorithm. The hash allows us to verify that the data that has been sent has not been changed and the encryption allows us to confirm the person who sent the data - Provides an additional level of integrity in comparison to hashing alone.

Question 7

What is a Digital Certificate, what is the purpose and how does it work?

Question 8

What does AAA stand for?

Answer 8

Authentication - Determines if a user, device, or system is allowed to access the network

Authorization - Determines what an authenticated entity can do within the network

Accounting - Measures what a user is doing within a system, what data is accessed, received or sent and the time of these actions - Think logs.

Question 9

What is a Certificate Authority and provide the names of 3 Root CA’s?

Answer 9

A certificate authority is a company or organization that acts to validate the identities of entities (such as websites, email addresses, companies, or individual persons) and bind them to cryptographic keys through the issuance of electronic documents known as digital certificates.

A digital certificate provides:

Authentication, by serving as a credential to validate the identity of the entity that it is issued to.

Encryption, for secure communication over insecure networks such as the internet.

Integrity of documents signed with the certificate so that they cannot be altered by a third party in transit.

These certificates allow secure, encrypted communication between two parties through public key cryptography. The CA verifies the certificate applicant’s identity and issues a certificate containing their public key. The CA will then digitally sign the issued certificate with their own private key which establishes trust in the certificate’s validity.

Question 10

What is a GAP analysis and what is it used for?

Answer 10

A gap analysis is the process whereby a company examines their current performance/state vs their desired performance and state. This is then used to map out the required actions needed in order to reach that desired performance/state.

Allows you to work towards a baseline - Could be a cybersecurity framework like NIST CSF or the ISO 27001 or a regulatory requirement ie DORA for finance

Question 11

What is the principle of Zero Trust?

Answer 11

Zero trust is a security model that treats all users, devices, and components as untrusted by default and requires strict identity authentication and authorization

Question 12

What is meant by the principal of least privilege?

Answer 12

This is a cybersecurity concept that limits access of users, devices, applications and systems to only what they need to perform their job

Question 13

What is change management, purpose of it and benefits?

Answer 13

Change management is a structure process that helps companies implement changes as smooth as possible and to ensure that any potential issues can be foreseen as best as possible and that employees are prepared for that change.

Question 14

What is meant by redundancy?

Answer 14

Ensuring that your systems are redundant can improve availability of systems by ensuring systems can continue to function if something fails because there is a backup or alternative way of executing a specific function

Data redundancy - This would involve creating multiple copies of data to minimising the risk of data loss - Think backups and data replication

Geographic redundancy - Replicating data and applications across multiple locations to ensure systems remain available during a disaster.

Hardware redundancy - Provide backup for important and fault prone components to improve system reliability

Power redundancy - In the case that the main power goes down, main systems can be kept running by using a UPS (uninterruptible power supply)

Automatic Failover - Enable a backup system to automatically takeover if the main system goes down

Regular testing - testing backup systems in order to ensure that these systems can be relied upon if needed

Question 15

What is the difference between Fault tolerance and redundancy?

Answer 15

Fault tolerance is when the overall system can tolerate the failure of a system whereas redundancy is where a particular function can be performed in more than one way - Redundancy is one way of achieving fault tolerance

Question 16

What is data obfuscation?

Answer 16

Data obfuscation is the process of disguising confidential or sensitive data to protect it from unauthorized access.

Question 17

What is steganography?

Answer 17

the practice of concealing messages or information within other non-secret text or data.

Question 18

What is a threat vector?

Answer 18

A method used by the attacker to gain access to your system - also called an attack vector

Question 19

What is meant by adaptive identity?

Answer 19

It is an advanced form of authentication that goes beyond traditional methods such as passwords and PINs. Adaptive authentication takes into account contextual information such as location, device, behavior, and risk level to determine whether a user should be granted access or not.

Question 20

What is PKI?

Question 21

What is tokenisation and what are some use cases?

Question 22

What is HIPS?

Answer 22

Host Intrusions Prevention System - A host intrusion prevention system (HIPS) is an approach to security that relies on third-party software tools to identify and prevent malicious activities. Host-based intrusion prevention systems are typically used to protect endpoint devices. Once it detects malicious activity, the HIPS tool can take a variety of actions, including sending an alarm to the computer user, logging the malicious activity for future investigation, resetting the connection, dropping malicious packets and blocking subsequent traffic from the suspect IP address. Some host intrusion prevention systems allow users to send logs of malicious activity and suspicious code directly to the vendor for analysis and possible identification.

Question 23

What is stateful inspection?

Question 24

What is stateless inspection?

Question 25

What is ACL?

Answer 25

An access control list is a security mechanism that controls access to data and resources in a network. ACLS are made up of rules that determine which users or systems can access specific resources.

Question 26

What is SDLC?

Answer 26

Software Development Lifecycle is the cost effective and time efficient process that development teams use to design and build high-quality software. The goal is to minimise project risks through forward planning. The seven phases are: Phase 1 - Planning Phase 2 - Requirements analysis Phase 3 - Design Phase 4 - Coding Phase 5 - Testing Phase 6 - Deployment Phase 7 - Maintenance

Question 27

What is IDP?

Answer 27

Identity provider - A system that stores, manages and creates digital identities. They can directly authenticate users or provide authentication services to third party service providers.

Question 28

What is UTM?

Answer 28

Unified threat management - is a network security solution that combines multiple security features into one device or service. UTM appliances typically include the following security functions: Antivirus Anti-spam - Tags or blocks unwanted e-mail traffic Content filtering - Filters traffic based on file extension, mime type and protocol commans Network Firewall - Protects against network-level attacks Intrusion detection and prevention - Protcts against intrusion attempts

Question 29

What is NGFW?

Answer 29

A traditional firewall provides stateful inspection of network traffic. It allows or blocks traffic based on state, port, and protocol, and filters traffic based on administrator-defined rules. A next-generation firewall (NGFW) does this, and so much more. In addition to access control, NGFWs can block modern threats such as advanced malware and application-layer attacks. According to Gartner's definition, a next-generation firewall must include: Standard firewall capabilities like stateful inspection Integrated intrusion prevention Application awareness and control to see and block risky apps Threat intelligence sources Upgrade paths to include future information feeds Techniques to address evolving security threats

Question 30

What is SLE and how is it calculated?

Answer 30

Single loss expectancy - This is a risk assessment formula - Calculates the estimated financial loss that might occur if an asset is compromised - Asset value multiplied by exposure factor

Question 31

What is ARO?

Answer 31

Annual rate of occurence - This is a risk assessment formula - Calculates the estimated probability that of how many time an incident may occur within a given year. Calculated by dividing the number of estimated incidents by the time frame - ARO = Incidents/year ARO is often based on historical data or expert judgment. It can be used to: Understand and manage risk exposure, Prioritize security investments, and Prioritize mitigation strategies.

Question 32

What is ALE?

Answer 32

Annual loss expectancy - a financial metric that estiamtes the yearly cost of a potential risk to an organisation. Its calculated by multiplying the annual rate of occurence (ARO) by the single loss expectancy (SLE)

Question 33

What is SLA?

Answer 33

Service level agreement - A written contract that defines the level of service a provider will deliver. Typically between a client and service provider but can also be used between departments within a company. SLA's outline the following: Services - services that will be delivered Responsiveness - The level of responsiveness that can be expected Performance metrics - how perfomance will be measured, such as uptime, delivery time, response time and resolution time Course of action - What will happen if requirements are not met such as additional support or pricing discounts

Question 34

What is MSA?

Answer 34

Master service agreement which is a legally binding contract that outlines the terms and conditions for a business relationship between two or more parties

Question 35

What is BPA?

Answer 35

BPA stands for Best Practice Assessment, a tool that helps users evaluate their firewall configuration against best practices

Question 36

What is MOA?

Answer 36

MOA is an acronym for Memorandum of Agreement, which is a document that clarifies the responsibilities of parties involved in a cybersecurity agreement. MOAs are often used to establish a smooth working relationship between parties.

Question 37

What is PKI?

Question 38

What is PII?

Answer 38

Personally Identifiable Information, which is any data that can be used to identify a specific person. PII is considered sensitive data and is often targeted by attackers in data breaches.

Question 39

What is the role of a firewall?

Answer 39

A firewall's primary role is to protect a network from unauthorized access and harmful data by monitoring and filtering network traffic: Separates networks A firewall acts as a barrier between a private network and the public internet. It prevents unauthorized users from accessing the private network. Filters traffic A firewall inspects and authenticates each data packet that passes through the network. It uses a set of security rules to determine whether to allow or block the packet. Prevents threats A firewall protects against a variety of threats, including malware, hackers, and spyware. It can also help ensure compliance with data protection and privacy regulations.

Question 40

What is RBAC?

Answer 40

The role of role-based access control (RBAC) is to manage user access to systems, networks, and resources based on their role within an organization. RBAC helps to protect sensitive data from improper access, modification, addition, or deletion.

Question 41

What is RuBac?

Answer 41

Rule-based access control (RuBAC) is an access control system that allows user access to network resources according to pre-defined rules. In rule-based systems, administrators define the conditions users must meet before gaining access.

Question 42

What is AUP?

Answer 42

AUP stands for Acceptable Use Policy, which is a set of rules that outline how to use a network, website, or other technology resources. AUPs are like a code of conduct for the digital world, and are designed to ensure the responsible and secure use of these resources.

Question 43

What is EULA?

Answer 43

EULA stands for End-User License Agreement, which is a legal contract between a software developer or vendor and the user of their software. The primary purpose of a EULA is to protect the developer's intellectual property rights.

Question 44

What is SED?

Answer 44

Self encrypting drive

Question 45

What is EFS?

Answer 45

Encrypting file system

Question 46

What is DRP?

Answer 46

Disaster recovery plan

Question 47

What is BCP?

Answer 47

Business continuity plan

Question 48

What is IRP?

Answer 48

Incident response plan

Question 49

What is DLP?

Answer 49

Data loss prevention

Question 50

What is NFS?

Answer 50

Network File System - is a file server standard that allows users to access files on a remote computer as if they were local

Question 51

What is NTFS?

Answer 51

New technology file system

Question 52

What is WPA?

Answer 52

Wi-FI protected access, a security protocol that protects wireless networks from unauthorized.

Question 53

What is TKIP?

Answer 53

Temporal key integrity protocol - an encryption protocol for wireless lans that provide more secure encryption than WEP

Question 54

What is WEP?

Question 55

What is meant by the term KEK?

Answer 55

Key Encryption Key, which is a cryptographic key that protects other keys

Question 56

What is POP3 used for?

Question 57

What is SAAS?

Answer 57

Software-as-a-service (SaaS) applications run in the cloud. Users subscribe to SaaS applications instead of purchasing them, and they access them over the Internet.

Question 58

What is PAAS?

Answer 58

Platform as a service

Question 59

What is IAAS?

Answer 59

Infrastructure as a service

Question 60

What is FAAS?

Answer 60

Function as a service

Question 61

What is GDPR?

Answer 61

GDPR stands for General Data Protection Regulation, which is a European Union (EU) law that governs how personal data can be processed and transferred. The GDPR is considered the world's strongest privacy and security law.

Question 62

What is HIPPA?

Answer 62

HIPAA, or the Health Insurance Portability and Accountability Act, is a US federal law that protects sensitive patient health information (PHI)

Question 63

What is PCI DSS?

Answer 63

PCI DSS stands for Payment Card Industry Data Security Standard, a set of rules and guidelines that protect cardholder data and authentication information. It's a global requirement for any business that processes credit, debit, or prepaid cards, including those that use a third party for transactions.

Question 64

What is PII?

Answer 64

Personally Identifiable Information (PII) is any data that can be used to identify a person, either directly or indirectly. PII is considered sensitive data and is often used in identity theft.

Question 65

What is SCADA?

Answer 65

SCADA stands for Supervisory Control and Data Acquisition, and it's a computerized system that monitors, controls, and manages industrial processes. SCADA systems are used in a variety of industries.

Question 66

What is HVAC?

Answer 66

HVAC stands for heating, ventilation, and air conditioning. It's a system that controls the temperature, humidity, and air quality of indoor spaces. HVAC systems are used in residential, commercial, and industrial settings.

Question 67

What is 802.1x?

Answer 67

802.1X is an IEEE standard that controls network access for devices and users on wired and wireless networks. It's designed to increase the security of local area networks (LANs) by authenticating devices before they can access the network.

Question 68

What is PSK?

Question 69

What is SPIM?

Answer 69

SPIM stands for "spam over instant messaging" and is a type of spam that targets users of instant messaging (IM) services, SMS, or private messages within websites. SPIM messages are similar to email spam, but they appear on your screen as soon as they are sent, making them harder to filter and block.

Question 70

What is OSINT?

Answer 70

Open-source intelligence (OSINT) is the process of gathering and analyzing information from publicly available sources to gain insight. OSINT can be used for many purposes

Question 71

What is IoC?

Answer 71

Indicators of compromise

Question 72

What is IPsec?

Answer 72

IPsec is a group of protocols for securing connections between devices. IPsec helps keep data sent over public networks secure

Question 73

What is SOW?

Answer 73

SOW is an acronym for Statement of Work, a legally binding document that outlines the details of a project. It's a crucial document that serves as a roadmap for a project, and is typically created and agreed upon before a more detailed scope of work is drafted.

Question 74

What is MOU?

Answer 74

A memorandum of understanding is an agreement between two or more parties outlined in a formal document. It is not necessarily legally binding, which depends on the signatories' intent and the language in the agreement, but signals the willingness of the parties to move forward with a contract.

Question 75

What is RPO?

Answer 75

The maximum amount of data loss that is acceptable after an unplanned data loss incident. RPO is expressed as a time frame, which is usually the point before the incident when data can be recovered.

Question 76

What is MTTR?

Answer 76

mean time to repair, which is a metric that measures the average time it takes to fix a system or piece of equipment after it has failed. It includes the time it takes to repair the system, as well as any testing time, until the system is fully functional again.

Question 77

What is RTO?

Answer 77

RTO stands for Recovery Time Objective, which is the maximum amount of time that a system, network, application, or computer can be down after a failure or disaster. It's a key part of business continuity and disaster recovery planning, and it helps determine how quickly a company needs to restore operations to avoid significant impact.

Question 78

What is MTTF?

Answer 78

Mean Time to Failure

Question 79

What is S/MIME?

Question 80

What is TACACS+?

Question 81

What is RADIUS?

Question 82

What is CRL?

Answer 82

Certificate Revocation List

Question 83

What is a PED?

Answer 83

Portable Electronic Device

Question 84

What is SRTP?

Question 85

What is WIPS?

Question 86

What is ESP?

Answer 86

Encapsulating Security Payload

Question 87

What is EAP?

Question 88

What is CHAP?

Question 89

What is MS-CHAP?

Question 90

What is PAP?

Question 91

What is ATT&CK?

Question 92

What is ECC?

Question 93

What is ASLR?

Question 94

What is the role of RA in PKI?

Question 95

What is URI?

Question 96

What is Oauth?

Question 97

What is SAML?

Question 98

What is SQLI?

Question 99

What is APT?

Question 100

What is STIX?

Question 101

What is CVE?

Answer 101

CVE stands for common vulnerabilities and exposures, a publicly available list of known computer security vulnerabilities. Each vulnerability is assigned a unique identifier

Question 102

What is CVSS?

Answer 102

Common vulnerability scoring system - Used to help organisations prioritise their responses to different security threats

Question 103

What is a WAF?

Answer 103

Web application firewall

Question 104

What is UEM?

Answer 104

Unified endpoint management

Question 105

What is OSPF?

Answer 105

Open shortest path first is a routing protocol thats used to direct traffic on IP networks

Question 106

What is BGP?

Answer 106

Border gateway protocol

Question 107

What is SIEM?

Answer 107

Security information and event management

Question 108

What is SOAR?

Answer 108

Security orchestration, automation and response

Question 109

What is SWG?

Answer 109

Secure web gateway

Question 110

What is RDP?

Answer 110

Remote desktop protocol

Question 111

What is VNC?

Answer 111

Virtual Network Computing (VNC) is a cross-platform system that allows a user to remotely control another computer's screen, keyboard, and mouse

Question 112

What is MAC?

Question 113

What is FACL?

Answer 113

File access control list

Question 114

What is TTP?

Answer 114

Tactics, Techniques, and Procedures (TTPs) are a cybersecurity framework that describes how cybercriminals plan and execute attacks. TTPs are a key concept in cybersecurity and threat intelligence, and are used to identify patterns of behavior that can be used to defend against attacks.

Question 115

What is FDE?

Answer 115

Full disk encryption

Question 116

What is RIP?

Question 117

What is RAS?

Question 118

What is ECDSA?

Question 119

What is HMAC?

Question 120

What is ECDHE?

Question 121

What is TAXII?

Question 122

What is ICS?

Question 123

What is RFID?

Question 124

What is NFC?

Question 125

What is L2TP?

Question 126

What is PGP?

Question 127

What is OTA?

Question 128

What is a PUP?

Answer 128

Potentially unwanted program

Question 129

what is IKE?

Question 130

What is FRR?

Answer 130

False reject rate

Question 131

What is SCAP?

Question 132

What is DEP?

Answer 132

Data execution prevention

Question 133

What is API?

Answer 133

APIs are mechanisms that enable two software components to communicate with each other using a set of definitions and protocols. For example, the weather bureau’s software system contains daily weather data. The weather app on your phone “talks” to this system via APIs and shows you daily weather updates on your phone. API stands for Application Programming Interface. In the context of APIs, the word Application refers to any software with a distinct function. Interface can be thought of as a contract of service between two applications. This contract defines how the two communicate with each other using requests and responses.

Question 134

What is ICS?

Answer 134

Industrial Control System

Question 135

What is SDLM?

Question 136

What is CASB?

Question 137

What is RAD?