Basics

Question 1

antivirus software

Answer 1

The software program used to prevent, detect and eliminate malware and viruses

Question 2

asset management

Answer 2

The process of tracking assets, and the risks that affect them

Question 3

asset inventory

Answer 3

A catalog of assets that need to be protected

Question 4

Biometrics

Answer 4

The unique physical characteristics that can be used to verify a persons identity

Question 5

Business continuity

Answer 5

An organizations ability to maintain their everyday productivity by establishing risk disaster recovery plans.

Question 6

Business continuity plan (BCP)

Answer 6

A documented outlines the procedures to sustain business operations during and after a significant disruption

Question 7

Business email compromise (BEC)

Answer 7

a type of fishing attack, where a threat actor impersonates a known source to obtain financial advantage

Question 8

Computer virus

Answer 8

Malicious code written to interfere with computer operations, and cause damage to data and software

Question 9

Cyber security

Answer 9

The practice of ensuring confidentiality, integrity and availability information by protecting networks devices, people and data from unauthorized access or criminal exploitation

Question 10

Data

Answer 10

Information that is translated, processed or stored by a computer

Question 11

hacker

Answer 11

Any person who uses computers to gain access to computers, systems, networks or data

Question 12

Hacktivist

Answer 12

any person who uses hacking to achieve a political goal

Question 13

Linux

Answer 13

Open source operating system

Question 14

Log

Answer 14

A record of events that occur within an organization system

Question 15

malware

Answer 15

software designed to harm devices or networks

Question 16

National Institute of standards and technology (NIST) cybersecurity framework (CSF)

Answer 16

A voluntary framework that consists of standards guidelines, and best practices to manage cybersecurity risk

Question 17

operating system (OS)

Answer 17

The interface between computer hardware and the user

Question 18

order of volatility

Answer 18

A sequence outlining the order of data that must be preserved from first to last

Question 19

Packet sniffing

Answer 19

The practice of capturing and inspecting data packets across the network

Question 20

phishing

Answer 20

The use of digital communications to trick people into revealing sensitive data or deploying malicious software

Question 21

playbook

Answer 21

a manual that provides details about any operational action

Question 22

ransomware

Answer 22

A malicious attack or threat actors and krypton organizations, data, and demand payment to restore access

Question 23

risk

Answer 23

Anything that can impact the confidentiality, integrity, or availability of an asset

Question 24

risk mitigation

Answer 24

The process of having the right procedures and rules in place to quickly reduce the impact of a risk like a breach

Question 25

security information and event management (SIEM)

Answer 25

An application that collects and analyzes log data to monitor critical activities in an organization

Question 26

sensitive data

Answer 26

A type of data that includes personally, identifiable, information(PII) , sensitive, personal identifiable (SPII) information, or protected health information (PHI)

Question 27

social engineering

Answer 27

A manipulation technique that exploits human error to gain, private information, access, or valuables

Question 28

spear phishing

Answer 28

A malicious email attack, targeting a specific user or group of users, appearing to originate from a trusted source

Question 29

spyware

Answer 29

malware that’s used to gather and sell information without consent

Question 30

SQL (structured query language)

Answer 30

A programming language used to create, interact with, and request information from a database

Question 31

Threat

Answer 31

Any circumstance, or event that can negatively impact assets

Question 32

threat actor

Answer 32

Any person or group who presents a security risk

Question 33

USB baiting

Answer 33

an attack in which a threat actor strategically leaves a malware USB stick for an employee to find an install to unknowingly infected network

Question 34

virus

Answer 34

Malicious code written to interfere with computer operations, and cause damage to data and software

Question 35

Visual dashboard

Answer 35

A way of displaying various types of data quickly in one place

Question 36

vulnerability

Answer 36

A weakness that can be exploited by a threat

Question 37

vulnerability assessment

Answer 37

The internal review process of an organizations security systems

Question 38

watering hole attack

Answer 38

A type of attack when a threat actor compromises a website frequently visited by a specific group of users

Question 39

Layers of the web

Answer 39

Surface web
Deep web
Dark web

Question 40

risk management framework (7)

Answer 40

Prepare
Categorize
Select
Implement
Assess
Authorize
Monitor

Question 41

RMF Step 1: Prepare

Answer 41

Activities that are necessary to manage security security, and privacy risks before a breach occurs

Question 42

RMF Step 2: Categorize

Answer 42

Used to develop risk management processes and tasks

Question 43

RMF Step 3: Select

Answer 43

Choose, customize, and capture documentation of the controls that protect an organization

Question 44

RMF Step 4: Implement

Answer 44

implement security and privacy plans for the organization

Question 45

RMF Step 5: Assess

Answer 45

Determine if established controls are implemented correctly

Question 46

RMF Step 6: Authorize

Answer 46

Being accountable for the security and privacy risks that may exist in an organization

Question 47

RMF Step 7: Monitor

Answer 47

be aware of how systems are operating

Question 48

Asset

Answer 48

An item perceived is having value to an organization. Assets can be digital or physical.

Question 49

insider threats

Answer 49

Staff members or vendors abuse their authorized access to obtain data that may harm an organization

Question 50

Aavanced persistent threats (APTs)

Answer 50

A threat actor maintains an authorized access to a system for an extended period of time

Question 51

External risk

Answer 51

Anything outside the organization that has the potential to harm organizational assets, such as threat actors, attempting to gain access to private information

Question 52

Internal risk

Answer 52

A current, or former employee, vendor, or trusted partner, who poses a security risk

Question 53

Legacy systems

Answer 53

Old systems that might not be accounted for or updated, but still impact assets, such as workstations or old mainframe systems

Question 54

Multiparty risk

Answer 54

Outsourcing work to third-party vendors, can give them access to intellectual property, such as trade, secrets, software, designs, and inventions

Question 55

software compliance/licensing

Answer 55

Software that is not updated or in compliance, or patches that are not installed in timely manner

Question 56

ProxyLogon

Answer 56

A pre-authenticated vulnerability that affects the Microsoft exchange server. This means a threat actor can complete a user authentication process to deploy malicious code for a remote location.

Question 57

ZeroLogon

Answer 57

A vulnerability in Microsoft net logon authentication protocol. An authentication protocol is a way to verify a persons identity. Net logon is a service insurance, a users identity before allowing access to a websites location

Question 58

Log4Shell

Answer 58

Allows attackers to run Java code on someone else’s computer or leak sensitive information. It does this by enabling a remote attacker to take control of devices, connected to the Internet and run malicious code.

Question 59

PetitPotam

Answer 59

affects windows, new technology, local area network (LAN) manager (NTLM). it is a theft technique that allows a LAN-based attacker to initiate an authentication request.

Question 60

security, logging, and monitoring failures

Answer 60

Insufficient, logging and monitoring capabilities that result in hackers exploiting vulnerabilities without the organization, knowing it

Question 61

server side request, forgery

Answer 61

Allows attackers to manipulate a server, side application into accessing and updating backend resources. It can also allow threat actors to steal data.

Question 62

security posture

Answer 62

In organizations ability to manage its defense, critical assets and data, and react to change

Question 63

Shared responsibility

Answer 63

The idea that all individuals within an organization, take an active role in lowering risk and maintaining both physical and virtual security. Core concept of the security and risk management domain.

Question 64

security framework

Answer 64

Guidelines used for building, plans to help mitigate risk and threats to data and privacy

Question 65

security controls

Answer 65

Safeguards designed to reduce specific security risks

Question 66

encryption

Answer 66

The process of converting data from readable format to an encoded format. Typically involves converting data from plain text to ciphertext.

Question 67

Cyphertext

Answer 67

raw encoded message that is unreadable by people and machines until it has been de-encrypted.

Question 68

authentication

Answer 68

The process of verifying who someone or something is. MFA is an example

Question 69

Vishing

Answer 69

The exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source

Question 70

authorization

Answer 70

The concept of granting access to specific resources within a system

Question 71

CIA Triad

Answer 71

Confidentiality
Integrity
Availability

Question 72

cyber threat framework (CTF)

Answer 72

According to the office of the Director of national intelligence, the CTF was developed by the US government to provide a common language for describing and communicating information about cyber threat activity

Question 73

International organization for standardization/international electrotechnical commission
(ISO/IEC) 27001

Answer 73

An internationally recognized and used framework is ISO/IEC 27001. ISO 27000 family of standards enables organizations of all sectors and sizes to manage the security of assets, such as financial information, textual property, data, and information. Trust the third parties. This outlines requirements for an information security management system, best practices, and controls to support an organizations ability to manage risks.

Question 74

CIA Triad

Answer 74

A model that helps inform how organizations consider risk when setting up systems in security policies

Question 75

confidentiality

Answer 75

Only authorized users can access specific assets or data

Question 76

integrity

Answer 76

The data is correct, authentic, and reliable

Question 77

availability

Answer 77

Data is accessible to those who are authorized to access it

Question 78

NIST S.P. 800-53

Answer 78

A unified framework for protecting the security of information systems within the federal government

Question 79

NIST CSF Core Functions

Answer 79

Identify
Protect
Detect
Respond
Recover

Question 80

NIST CSF Core Function #1 Identify

Answer 80

The management of cyber security risk, and it’s effect on an organizations, people and assets

Question 81

NIST CSF Core Function #2 Protect

Answer 81

The strategy used to protect an organization through the implementation of policies, procedures, training, and tools that help mitigate cyber security threats

Question 82

NIST CSF Core Function #3 Detect

Answer 82

Identifying potential security incidents and improving monitoring capabilities to increase the speed and efficiency of detections

Question 83

NIST CSF Core Function #4 Respond

Answer 83

Making sure that the proper procedures are used to contain, neutralize, and analyze security, incidents, and implementing improvements to the security process

Question 84

NIST CSF Core Function #5 Recover

Answer 84

process of returning affected systems, back to normal operations

Question 85

attack surface area

Answer 85

refers to all potential vulnerabilities, a thread actor could exploit

Question 86

principle of least privilege

Answer 86

Users have the least amount of access required to perform their everyday tasks

Question 87

defense in depth

Answer 87

Organization should have varying security controls that mitigate risks and threats

Question 88

separation of duties

Answer 88

Critical actions should rely on multiple people, each of whom follow the principle of lease privilege

Question 89

keep security, simple

Answer 89

Avoid unnecessarily complicated solutions. Complexity makes security difficult.

Question 90

fix security issues correctly

Answer 90

When security incident occur, identify the root cause, contain the impact, identify, vulnerabilities, and conduct tests to ensure that remediation is successful

Question 91

establish secure defaults

Answer 91

this principal means that the optimal security state of an application is also its default state for users. It should take extra work to make the application insecure.

Question 92

fail securely

Answer 92

Fail securely means that when a control fails or stops, it should do so by defaulting to its most secure option

Question 93

avoid security by obscurity

Answer 93

The security of key systems should not rely on keeping details hidden.

Question 94

security audit

Answer 94

Review of an organizations, security controls, policies, and procedures against a set of expectations

Question 95

security controls

Answer 95

Safeguards designed to reduce specific security risks

Question 96

attack vectors

Answer 96

The pathways attackers used to penetrate security defenses

Question 97

Open Web application, security project/open worldwide application, security project (OWASP)

Answer 97

a nonprofit organization, focused on improving software security

Question 98

firewall

Answer 98

Network security device that monitors traffic to or from your network. They can also restrict specific incoming and outgoing network traffic.

Question 99

Hub

Answer 99

A network device that broadcast information to every device on the network

Question 100

switch

Answer 100

A device that makes connections between specific devices on a network by sending, and receiving data between them

Question 101

Router

Answer 101

A network device that connects multiple networks together

Question 102

Modem

Answer 102

A device to connect your router to the Internet and brings Internet access to the LAN

Question 103

virtualization tools

Answer 103

Pieces of software that perform network operations

Question 104

cloud, computing

Answer 104

Practice of using remote servers, applications, and network services that are hosted on the Internet Internet instead of on local physical devices

Question 105

cloud network

Answer 105

A collection of servers or computers, that stores, resources, and data and remote data centers that can be accessed via the Internet

Question 106

Data packet

Answer 106

Basic unit of information that travels from one device to another within a network

Question 107

bandwidth

Answer 107

The amount of data a device receives every second

Question 108

speed

Answer 108

The rates at which data packets are received or downloaded

Question 109

packet sniffing

Answer 109

The practice of capturing and inspecting data packets across the network

Question 110

transmission control protocol

Answer 110

In Internet communication protocol that allows two devices to form a connection and stream data

Question 111

Internet protocol

Answer 111

A set of standards used for routing and dressing data packets as they travel between devices on a network

Question 112

Port

Answer 112

A software based location that organizes the sending, and receiving of data between devices on a network

Question 113

network protocols

Answer 113

A set of rules used by two or more devices on a network to describe the order of delivery in the structure of the data

Question 114

transmission control protocol (TCP)

Answer 114

In Internet communications protocol that allows two devices to form a connection and stream data

Question 115

Address resolution protocol (ARP)

Answer 115

A network used to determine the MAC address of the next router or device on the path

Question 116

HyperText Transfer Protocol Secure (HTTPS)

Answer 116

A network protocol that provides a secure method of communication between clients and website servers

Question 117

Domain name system (DNS)

Answer 117

A network protocol that translate Internet domain names into IP addresses

Question 118

user datagram protocol (UDP)

Answer 118

connection list protocol that does not establish a connection between devices before atransmission

Question 119

simple network management protocol (snmp)

Answer 119

Network protocol used for monitoring and managing devices on a network

Question 120

Internet control message protocol (ICMP)

Answer 120

Network protocol used by devices to tell each other about data transmission errors across the network

Question 121

Secure file transfer protocol (sftp)

Answer 121

Secure protocol used to transfer files from one device to another over network