Miscellaneous Terms

Question 1

CIA Triad

Answer 1

One of the most commonly used security models in the cybersecurity industry. CIA stands for Confidentiality, Integrity, and Availability

Question 2

Confidentiality

Answer 2

To protect data from unauthorized access.
- Only the people who should see the data should have permission to view it.
- Use secure methods, such as encryption, when storing the data and sharing data across a network.

Question 3

Integrity

Answer 3

To ensure that data is never tampered with
- Give permission to update the data only to the users who are authorized users at all times

Question 4

Availability

Answer 4

To ensure that data is readily accessible to the authorized users at all times.
- Minimum downtime
- UPS (Uninterrupted Power Supply) for network systems
- Rapid system recovery in case of a disaster

Question 5

IoT (Internet of Things)

Answer 5

The network of devices (including computers, mobile devices, home appliances, vehicles, and other electronic devices) that are connected to the internet, enabling the sending and receiving of data among them.

Question 6

Unauthorized Hacker

Answer 6

The unethical criminal hacker who breaks laws, steals data, holds information for ransom, and commits other criminal acts. Their behavior is meant to cause harm, to draw attention to something, or to achieve personal gain.

Question 7

Authorized Hacker

Answer 7

The ethical cybersecurity expert who has permission to perform security tests and who fully discloses their activities. They report vulnerabilities and improve the security of a system. Their behavior is noble and their actions align with society’s greater good.

Question 8

In-Between Hacker

Answer 8

Uses illegal and/or unethical means to discover a system’s security vulnerabilities. Typically, gray-hat hackers access systems illegally - without permission - but then share their findings and report problems they find.

Question 9

Packet

Answer 9

Small units of data, transmitted on a network. Collected together, they compose some larger data, such as a document, a website, a movie, etc.

Question 10

Pen (Penetration) test

Answer 10

Performing a computer attack to evaluate the security of a system

Question 10

IIS (Internet Information Services) Manager

Answer 10

A convenient administration tool for the Microsoft IIS web server. It allows administrators to define the behavior and structure of websites run by IIS and supports secure site configurations.

Question 11

Hardening

Answer 11

In terms of computer science, hardening a system means to increase its security and reduce its vulnerabilities.

Question 12

Abstraction

Answer 12

A very common concept in computer science and information technology; it means that a lot of the details of a system or a process are hidden, allowing the user to focus on the details that are important for the task at hand.

Question 13

HTML tag

Answer 13

A code that defines every structure on a HTML page, such as text, images, and links. HTML tags begin with a less than (<) character and end with a greater than (>).
Examples: < p >, < script >, < i > (Remove Spaces)

Question 14

Linux

Answer 14

An operating system similar in concept to the Windows OS but used more often to host routers and web servers

Question 15

SQL (Structured Query Language)

Answer 15

A language used to manage digital data stored in a relational database (tables that connect to other tables). Data is managed using CRUD: Create (INSERT), Read (SELECT), UPDATE, and DELETE.

Question 16

Data Cleansing

Answer 16

The process of protecting against XSS and SQL exploits by adding security measures that recognize any scripting tags entered by a user. The web server treats them as plain text or deletes them completely from the user input, removing any of their functionality.

Question 17

Packet Sniffing

Answer 17

Watching and analyzing network traffic at the packet level. (ex: Wireshark)

Question 18

ping

Answer 18

A network tool that’s used to check the status of a host.

Question 19

Packet Filtering

Answer 19

In network security, it allows or denies packets based on source and destination addresses, ports, or protocols.

Question 20

Timestamp

Answer 20

In Wireshark, the time the packet arrived. Timestamp is the current system time of the host on which Wireshark is running.

Question 21

pcap file

Answer 21

A Wireshark data capture file that contains packet information of network traffic

Question 22

HTTP (Hyper Text Transfer Protocol)

Answer 22

The underlying protocol used by the World Wide Web. It defines how messages are formatted and transmitted and what actions Web servers and browsers should take in response to various commands.