Terminology

Question 1

Week 1 Terminology

Cybersecurity (or security):

Answer 1

The practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation

Question 2

Week 1 Terminology

Cloud Security

Answer 2

The process of ensuring that assets stored in the cloud are properly configured and access to those assets is limited to authorized users

Question 3

Week 1 Terminology

Internal threat

Answer 3

A current or former employee, external vendor, or trusted partner who poses a security risk

Question 4

Week 1 Terminology

Network security

Answer 4

The practice of keeping an organization’s network infrastructure secure from unauthorized access

Question 5

Week 1 Terminology

Personally identifiable information (PII):

Answer 5

Any information used to infer an individual’s identity

Question 6

Week 1 Terminology

Security posture

Answer 6

An organization’s ability to manage its defense of critical assets and data and react to change

Question 7

Week 1 Terminology

Sensitive personally identifiable information (SPII)

Answer 7

A specific type of PII that falls under stricter handling guidelines

Question 8

Week 1 Terminology

Technical skills

Answer 8

Skills that require knowledge of specific tools, procedures, and policies

Question 9

Week 1 Terminology

Threat

Answer 9

Any circumstance or event that can negatively impact assets

Question 10

Week 1 Terminology

Threat actor

Answer 10

Any person or group who presents a security risk

Question 11

Week 1 Terminology

Transferable skills

Answer 11

Skills from other areas that can apply to different careers

Question 12

Week 2 Terminology

Adversarial artificial intelligence (AI):

Answer 12

A technique that manipulates artificial intelligence (AI) and machine learning (ML) technology to conduct attacks more efficiently

Question 13

Week 2 Terminology

Business Email Compromise (BEC)

Answer 13

A type of phishing attack where a threat actor impersonates a known source to obtain financial advantage

Question 14

Week 2 Terminology

Computer virus

Answer 14

Malicious code written to interfere with computer operations and cause damage to data and software

Question 15

Week 2 Terminology

Cryptographic attack

Answer 15

An attack that affects secure forms of communication between a sender and intended reci

Question 16

Week 2 Terminology

Hacker

Answer 16

Any person who uses computers to gain access to computer systems, networks, or data

Question 17

Week 2 Terminology

Malware

Answer 17

Software designed to harm devices or networks

Question 18

Week 2 Terminology

Password attack

Answer 18

An attempt to access password secured devices, systems, networks, or data

Question 19

Week 2 Terminology

Phishing

Answer 19

The use of digital communications to trick people into revealing sensitive data or deploying malicious software

Question 20

Week 2 Terminology

Physical attack

Answer 20

A security incident that affects not only digital but also physical environments where the incident is deployed

Question 21

Week 2 Terminology

Physical social engineering

Answer 21

An attack in which a threat actor impersonates an employee, customer, or vendor to obtain unauthorized access to a physical location

Question 22

Week 2 Terminology

Social engineering

Answer 22

manipulation technique that exploits human error to gain private information, access, or valuables

Question 23

Week 2 Terminology

Social media phishing

Answer 23

A type of attack where a threat actor collects detailed information about their target on social media sites before initiating the attack

Question 24

Week 2 Terminology

Spear phishing

Answer 24

A malicious email attack targeting a specific user or group of users, appearing to originate from a trusted source

Question 25

Week 2 Terminology

Supply-chain attack

Answer 25

An attack that targets systems, applications, hardware, and/or software to locate a vulnerability where malware can be deployed

Question 26

Week 2 Terminology

USB baiting

Answer 26

An attack in which a threat actor strategically leaves a malware USB stick for an employee to find and install to unknowingly infect a network

Question 27

Week 2 Terminology

Vishing

Answer 27

The exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source

Question 28

Week 2 Terminology

Watering hole attack

Answer 28

A type of attack when a threat actor compromises a website frequently visited by a specific group of users