Untitled Deck Flashcards

Question

Encryption

Answer 1

Process of converting data into a code to prevent unauthorized access

Answer 2

Setting up strong user permissions to ensure only authorized personnel can access certain data

Answer 3

Obscuring specific data within a database for unauthorized users while retaining its use for authorized users

Answer 4

Ensuring confidentiality for both physical and digital information

Answer 5

Regular training on security awareness best practices

Answer 6

To ensure data accuracy, To maintain trust, To ensure system operability

Answer 7

Hashing, Digital Signatures, Checksums, Access Controls, Regular Audits

Answer 8

Process of converting data into a fixed-size value

Answer 9

Ensure both integrity and authenticity

Answer 10

Method to verify the integrity of data during transmission

Answer 11

Ensure only authorized individuals can modify data

Answer 12

Systematically reviewing logs and operations to ensure only authorized changes have been made

Answer 13

Ensuring Business Continuity, Maintaining Customer Trust, Upholding an Organization's Reputation

Answer 14

Using redundancy in systems and network designs

Answer 15

Duplication of critical components or functions of a system to enhance reliability

Answer 16

Using multiple servers in a load-balanced or failover configuration

Answer 17

Storing data in multiple places

Answer 18

Ensures that if one network path fails, the data can travel through another route

Answer 19

Using backup power sources, like generators and UPS systems

Answer 20

To confirm the authenticity of digital transactions, To ensure the integrity of critical communications, To provide accountability in digital processes

Answer 21

Something you know (Knowledge Factor), Something you have (Possession Factor), Something you are (Inherence Factor), Something you do (Action Factor), Somewhere you are (Location Factor)

Answer 22

Relies on information a user can recall

Answer 23

Relies on the user presenting a physical item

Answer 24

Relies on a unique physical or behavioral characteristic

Answer 25

Relies on a unique action

Answer 26

Relies on the user being in a certain geographic location

Answer 27

Requires multiple methods of identification

Answer 28

To prevent unauthorized access, To protect user data and privacy, To ensure resources are accessed by valid users only

Answer 29

Permissions and privileges granted after authentication

Answer 30

To protect sensitive data, To maintain system integrity, To create a streamlined user experience

Answer 31

Ensures all user activities are tracked and recorded

Answer 32

Create an audit trail, Maintain regulatory compliance, Conduct forensic analysis, Perform resource optimization, Achieve user accountability

Answer 33

Syslog Servers, Network Analysis Tools, SIEM Systems

Answer 34

Aggregate logs from various devices for analysis

Answer 35

Capture and analyze network traffic

Answer 36

Real-time analysis of security alerts

Answer 37

Technical, Managerial, Operational, Physical

Answer 38

Technologies, hardware, and software to manage and reduce risks

Answer 39

Strategic planning and governance of security

Answer 40

Procedures and measures for day-to-day data protection

Answer 41

Tangible measures to protect assets

Answer 42

Preventive, Deterrent, Detective, Corrective, Compensating, Directive

Answer 43

Proactive measures to thwart threats

Answer 44

Discourage attackers by making attacks less appealing

Answer 45

Monitor and alert to malicious activities

Answer 46

Mitigate damage and restore systems

Answer 47

Alternative measures when primary controls are not feasible

Answer 48

Guide, inform, or mandate actions (often policy-based)

Answer 49

Evaluating the differences between current and desired performance

Answer 50

Define the scope, Gather data on the current state, Analyze the data, Develop a plan to bridge the gap

Answer 51

Technical Gap Analysis, Business Gap Analysis

Answer 52

Evaluating technical infrastructure

Answer 53

Evaluating business processes

Answer 54

Outlines measures to address vulnerabilities, allocate resources, and set timelines

Answer 55

Demands verification for every device, user, and transaction

Answer 56

Control Plane, Data Plane

Answer 57

Framework for defining, managing, and enforcing access policies

Answer 58

Adaptive Identity, Threat Scope Reduction, Policy-Driven Access Control, Secured Zones

Answer 59

Real-time validation based on user behavior, device, location, etc.

Answer 60

Limits user access to reduce the attack surface

Answer 61

Managing access based on roles and responsibilities

Answer 62

Isolated environments for sensitive data

Answer 63

Policy Engine, Policy Administrator

Answer 64

Cross-references access requests with predefined policies

Answer 65

Establishes and manages access policies

Answer 66

Consists of the Subject/System and Policy Enforcement Point

Answer 67

The entity attempting to gain access

Answer 68

Where access decisions are executed

Answer 69

Summarize security concepts, Compare threat actors and motivations, Explain threat vectors and attack surfaces

Answer 70

Data Exfiltration, Blackmail, Espionage, Service Disruption, Financial Gain, Philosophical/Political Beliefs, Ethical Reasons, Revenge, Disruption/Chaos, War

Answer 71

Internal vs. External, Differences in resources and funding, Level of sophistication

Answer 72

Unskilled Attackers, Hacktivists, Organized Crime, Nation-state Actors, Insider Threats

Answer 73

Individuals with limited technical expertise who use readily available tools

Answer 74

Individuals or groups driven by political, social, or environmental ideologies

Answer 75

Groups that execute cyberattacks for financial gain (e.g., ransomware, identity theft)

Answer 76

Highly skilled attackers sponsored by governments for cyber espionage or warfare

Answer 77

Security threats originating from within the organization

Answer 78

IT systems, devices, software, or services managed without explicit organizational approval

Answer 79

The means or pathway by which an attacker gains unauthorized access

Answer 80

Use of information technology systems, devices, software, applications, and services without explicit organizational approval; IT-related projects managed outside of the IT department.

Answer 81

An organization's security posture is set too high or too complex, negatively affecting business operations.

Answer 82

Involves the use of personal devices for work purposes.

Answer 83

The means or pathway by which an attacker can gain unauthorized access to a computer or network to deliver a malicious payload.

Answer 84

Encompasses all the various points where an unauthorized user can try to enter or extract data from an environment. Can be minimized by restricting access, removing unnecessary software, and disabling unused protocols.

Answer 85

Threats delivered via email, SMS text messaging, or other forms of instant messaging. ## Footnote Phishing campaigns are commonly used.

Answer 86

When an attacker impersonates a trusted entity to trick victims into revealing sensitive information.

Answer 87

Embedding malicious code inside an image file.

Answer 88

Files, often disguised as legitimate documents or software, transferred as email attachments, through file-sharing services, or hosted on malicious websites.

Answer 89

Vhishing: Use of voice calls to trick victims into revealing sensitive information.

Answer 90

Use of voice calls to trick victims into revealing sensitive information.

Answer 91

One common technique is baiting: leaving a malware-infected USB drive in a public location.

Answer 92

An attacker leaves a malware-infected USB drive in a location where a target might find it.

Answer 93

Wireless, wired, and Bluetooth networks that lack appropriate security measures. Unauthorized access can intercept communications or gain network access.

Answer 94

An attack that can occur with physical access to network infrastructure.

Answer 95

An attack that can occur with physical access to network infrastructure.

Answer 96

A set of vulnerabilities in Bluetooth technology that allows attackers to take over devices, spread malware, or establish on-path attacks.

Answer 97

A type of Denial of Service attack targeting Bluetooth devices by sending a specially crafted packet.

Answer 98

Technologies designed to mislead, confuse, and divert attackers while detecting and neutralizing threats.

Answer 99

Specific methods and patterns of activities associated with a particular threat actor.

Answer 100

Decoy systems or networks set up to attract potential hackers.

Answer 101

A network of honeypots designed to mimic an entire network of systems (servers, routers, switches).

Answer 102

Decoy files placed within a system to lure attackers.

Answer 103

Pieces of data or resources with no legitimate value but are monitored for access or use.

Answer 104

Fake Domain Name System entries introduced into a system's DNS server.

Answer 105

Fake folders and files placed within a system's storage.

Answer 106

Effective against automated scraping tools or bots trying to index or steal content.

Answer 107

Security mechanism where services/ports remain closed until a specific outbound traffic pattern is detected.

Answer 108

When a system detects a network scan, it can be configured to respond with fake network data.

Answer 109

Measures to protect tangible assets (buildings, equipment, people) from harm or unauthorized access.

Answer 110

Physical security controls. Fences are barriers made of posts and wire or boards. Bollards are short, sturdy vertical posts preventing vehicle access.

Answer 111

Barriers made of posts and wire or boards to enclose or separate areas; provide visual deterrent, physical barrier, and delay intruders.

Answer 112

Robust, short vertical posts (steel or concrete) designed to manage or redirect vehicular traffic.

Answer 113

Forcible entry, tampering with security devices, confronting security personnel, or ramming barriers with vehicles.

Answer 114

Gaining unauthorized access by physically breaking or bypassing barriers (windows, doors, fences).

Answer 115

Manipulating security devices to create exploitable vulnerabilities.

Answer 116

Direct confrontation or attack of an organization's security personnel.

Answer 117

Using a vehicle to ram into physical security barriers.

Answer 118

An organized strategy to observe and report activities. Components include video surveillance, security guards, lighting, and sensors.

Answer 119

Can include motion detection, night vision, facial recognition, and remote access.

Answer 120

Flexible and adaptable forms of surveillance.

Answer 121

Crucial for effective surveillance; deters criminals, reduces hiding spots, and enhances video quality.

Answer 122

Devices that detect and respond to external stimuli. Categories include infrared, pressure, microwave, and ultrasonic.

Answer 123

Detect changes in infrared radiation (emitted by warm bodies).

Answer 124

Activated when a specified weight is detected.

Answer 125

Detect movement by emitting microwave pulses and measuring reflections.

Answer 126

Measure the reflection of ultrasonic waves off moving objects.

Answer 127

Visual obstruction, blinding sensors/cameras, interfering with acoustics or electromagnetics, or attacking the physical environment.

Answer 128

Blocking a camera's line of sight (e.g., paint, stickers, objects).

Answer 129

Overwhelming a sensor or camera with a sudden burst of light.

Answer 130

Jamming or playing loud music to disrupt microphones.

Answer 131

Jamming the signals that surveillance systems rely on.

Answer 132

Physically tampering with surveillance equipment (e.g., cutting wires).

Answer 133

Double-door systems electronically controlled so only one door is open at a time; prevents piggybacking and tailgating.

Answer 134

Two people working together; one with access allows another without access to enter.

Answer 135

An unauthorized person closely follows someone with access into a secure area without their knowledge.

Answer 136

Restrict and regulate access to spaces. Types include padlocks, pin and tumbler locks, numeric locks, wireless locks, biometric locks, and cipher locks.

Answer 137

Easily defeated, offer minimal protection.

Answer 138

Vulnerable to simple techniques like lock picking.

Answer 139

Utilize various authentication methods (identification numbers, wireless signals, biometrics).

Answer 140

False Acceptance Rate (FAR), False Rejection Rate (FRR), Crossover Error Rate (CER).

Answer 141

System erroneously authenticates an unauthorized user.

Answer 142

System denies access to an authorized user.

Answer 143

Balance between FAR and FRR for optimal authentication.

Answer 144

Mechanical locks with numbered push buttons requiring a correct combination.

Answer 145

Copying data from an RFID or NFC card onto another device. Steps: Scanning, Data Extraction, Writing, Using.

Answer 146

A technology used for contactless authentication.

Answer 147

A technology used for contactless authentication.

Answer 148

Manipulative strategy exploiting human psychology for unauthorized access.

Answer 149

Familiarity/Likability, Consensus/Social Proof, Authority/Intimidation, Scarcity/Urgency, Fear.

Answer 150

People comply if they believe the request comes from someone in authority.

Answer 151

Creating a sense of immediacy to drive quick action.

Answer 152

Looking to others' behaviors to determine one's own actions.

Answer 153

Psychological pressure when a resource is perceived as limited.

Answer 154

People want to interact with those they like.

Answer 155

Threatening negative consequences if instructions aren't followed.

Answer 156

Pretending to be someone else. Includes brand impersonation, typosquatting, and watering hole attacks.

Answer 157

Pretending to represent a legitimate company or brand.

Answer 158

Registering domain names similar to popular websites with typographical errors.

Answer 159

Compromising a website or service that a target is known to use.

Answer 160

Creating a fabricated scenario to manipulate targets.

Answer 161

Sending fraudulent emails to obtain personal information.

Answer 162

Targeted phishing focused on a specific group or organization.

Answer 163

Targets high-profile individuals (CEOs, CFOs).

Answer 164

Using a compromised business email account to trick other employees.

Answer 165

Tricking victims into sharing information over the phone.

Answer 166

Using text messages to trick individuals into providing information.

Answer 167

Urgency, unusual requests, mismatched URLs, strange email addresses, poor spelling/grammar.

Answer 168

Wrongful or criminal deception for financial or personal gain.

Answer 169

Using another person's information without authorization.

Answer 170

Fraudulent or deceptive acts or operations.

Answer 171

A scam in which a person is tricked into paying for a fake invoice for a product or service they did not order.

Answer 172

Coordinated efforts to affect public perception or behavior towards a particular cause, individual, or group. They foster misinformation and disinformation.

Answer 173

False or inaccurate information shared without harmful intent.

Answer 174

The deliberate creation and sharing of false information with the intent to deceive or mislead.

Answer 175

Involves manipulating a situation or creating a distraction to steal valuable items or information.

Answer 176

Malicious deceptions often spread through social media, email, or other communication channels, often paired with phishing and impersonation. Prevention requires fact-checking and critical thinking.

Answer 177

Involves looking over someone's shoulder to gather personal information, sometimes using cameras. Prevention requires awareness of surroundings.

Answer 178

Searching through trash to find valuable information, often discarded documents. Prevention involves clean desk and clean desktop policies.

Answer 179

Secretly listening to private conversations, intercepting communications without knowledge. Prevention involves data encryption in transit.

Answer 180

Leaving a malware-infected physical device (e.g., USB drive) in a place where it will be found by a victim. Prevention requires user training not to use found devices.

Answer 181

An attacker follows an employee through an access control point without their knowledge.

Answer 182

An attacker convinces an authorized employee to let them into a facility by having them swipe their access badge.

Answer 183

Malicious software designed to infiltrate and potentially damage computer systems without user consent. Categories include viruses, worms, Trojans, ransomware, spyware, rootkits, and spam.

Answer 184

The method used to infiltrate a victim's machine (e.g., unpatched software, USB drives, phishing).

Answer 185

The means by which the attacker gains access and infects the system, combining infiltration method and infection process.

Answer 186

Attach to clean files, spread, and corrupt host files.

Answer 187

Standalone programs replicating and spreading to other computers without user interaction.

Answer 188

Disguise as legitimate software, granting unauthorized access.

Answer 189

Encrypts user data and demands ransom for decryption.

Answer 190

Compromised computers (zombies) remotely controlled in a network (botnet) for malicious purposes.

Answer 191

Hide presence and activities on a computer, operating at the OS level.

Answer 192

Bypass normal security and authentication functions, often placed by designers/programmers or threat actors.

Answer 193

Malicious code that executes only when specific conditions are met.

Answer 194

Record every keystroke made on a computer or mobile device.

Answer 195

Monitors and gathers user/system information without knowledge.

Answer 196

Unnecessary software pre-installed on devices, consuming resources and potentially introducing vulnerabilities.

Answer 197

Malicious code that runs on a machine without the user's knowledge, infecting the computer when executed.

Answer 198

Stored in the first sector of a hard drive, loaded into memory upon boot-up.

Answer 199

Code embedded inside a document, executing when the document is opened.

Answer 200

Infects executable or application files.

Answer 201

Combines boot sector and program virus characteristics.

Answer 202

Hides from detection by encrypting its code/payloads.

Answer 203

Changes its code each time it executes to evade detection.

Answer 204

Rewrites itself entirely before infecting a file.

Answer 205

Uses techniques to prevent detection by antivirus software.

Answer 206

Has a layer of protection to confuse analysis.

Answer 207

A form of technical social engineering that scares users into undesirable actions.

Answer 208

Self-replicating malicious software that spreads without user interaction, disrupting network traffic.

Answer 209

Malicious software disguised as harmless or desirable software.

Answer 210

Provides an attacker with remote control of a victim's machine.

Answer 211

Malware that blocks access to a system or data by encrypting it until a ransom is paid.

Answer 212

A network of compromised computers or devices controlled remotely.

Answer 213

A compromised computer or device within a botnet.

Answer 214

The computer managing and coordinating botnet activities.

Answer 215

Many machines target a single victim simultaneously.

Answer 216

Designed to gain administrative-level control over a system without detection.

Answer 217

Account with the highest level of permissions.

Answer 218

Operating at Ring 0, controlling access to device drivers and other core system functions.

Answer 219

Technique to run arbitrary code within another process by forcing it to load a dynamic-link library.

Answer 220

A collection of code and data used by multiple programs.

Answer 221

Software code placed between two components to intercept and redirect calls.

Answer 222

Bypasses normal security and authentication functions.

Answer 223

A hidden feature or novelty within a program.

Answer 224

Malicious code that executes when specific conditions are met.

Answer 225

Software or hardware that records every keystroke.

Answer 226

Malicious software designed to gather and send user/organization information without knowledge.

Answer 227

Unnecessary software pre-installed on devices.

Answer 228

Malware that retrieves additional malware code and tricks the user into activating it.

Answer 229

Malware designed to initiate or run other malware forms within a payload.

Answer 230

Retrieves additional tools post-initial infection.

Answer 231

Lightweight code meant to execute an exploit.

Answer 232

Downloads and installs a remote access Trojan.

Answer 233

Threat actors execute primary objectives (e.g., data exfiltration, file encryption).

Answer 234

Hiding tracks and erasing logs to prolong unauthorized access.

Answer 235

Exploiting standard system tools for intrusions.

Answer 236

Multiple failed login attempts.

Answer 237

Multiple simultaneous sessions from a single account.

Answer 238

Increased alerts from security tools.

Answer 239

Account access from geographically separated locations in an impossibly short time.

Answer 240

Unusual spikes in CPU, memory, or network bandwidth.

Answer 241

Files or systems suddenly become inaccessible.

Answer 242

Logs generated at odd hours.

Answer 243

Gaps in logs or cleared logs without authorization.

Answer 244

Reports of network infection.

Answer 245

Safeguarding information from corruption, compromise, or loss.

Answer 246

Categorizing data based on value and sensitivity (e.g., Sensitive, Confidential, Public).

Answer 247

Senior executives responsible for labeling and protecting information assets.

Answer 248

Entities responsible for determining data storage, collection, and usage purposes.

Answer 249

Entities hired by data controllers to assist with data tasks.

Answer 250

Focus on data quality and metadata, ensuring proper labeling and classification.

Answer 251

Responsible for managing data storage systems and enforcing access controls.

Answer 252

Data at rest, data in transit, and data in use.

Answer 253

Inactive data on storage devices.

Answer 254

Data actively moving from one location to another.

Answer 255

Data actively being created, retrieved, updated, or deleted.

Answer 256

Encrypts the entire hard drive.

Answer 257

Encrypts specific partitions.

Answer 258

Encrypts individual files.

Answer 259

Encrypts selected files or directories.

Answer 260

Encrypts data within a database.

Answer 261

Encrypts specific fields within a database record.

Answer 262

Secure communication over networks.

Answer 263

Creates secure connections over less secure networks.

Answer 264

Secures IP communications by authenticating and encrypting IP packets.

Answer 265

Encrypts data during processing.

Answer 266

Restricts access to data during processing.

Answer 267

Isolated environments for processing sensitive data.

Answer 268

Controlled by laws, regulations, or industry standards.

Answer 269

Information used to identify an individual.

Answer 270

Information about health status, healthcare provision, or payment.

Answer 271

Confidential business information giving a competitive edge.

Answer 272

Creations of the mind (e.g., inventions, literary works).

Answer 273

Data related to legal proceedings, contracts, or regulatory compliance.

Answer 274

Data related to financial transactions.

Answer 275

Understandable directly by humans.

Answer 276

Requires a machine or software to interpret.

Answer 277

Digital information is subject to the laws of the country where it is located.

Answer 278

Protects EU citizens' data.

Answer 279

Virtual boundaries to restrict data access based on location.

Answer 280

Transforms plaintext into ciphertext.

Answer 281

Converts data into fixed-size hash values.

Answer 282

Replaces data with placeholders.

Answer 283

Replaces sensitive data with non-sensitive tokens.

Answer 284

Makes data unclear or unintelligible.

Answer 285

Divides a network into separate segments.

Answer 286

Defining data access and actions through ACLs or RBAC.

Answer 287

A strategy to prevent sensitive information from leaving an organization.

Answer 288

Installed on workstations/laptops, monitors data in use.

Answer 289

Monitors data in transit across the network.

Untitled Deck Flashcards

(313 cards)