Chapter 1: Cybersecurity Fundamentals Flashcards
What is a collection of industry standards and best practices to help organizations manage cybersecurity risks?
NIST Cybersecurity Framework
____ is any potential danger to an asset?
threat
_____ is a weakness in the system design, implementation, software, or code, or the lack of a mechanism?
vulnerability
What is the name for a piece of software, tool, technique, or a process that takes advantage of a vulnerability that leads to access, privilege escalation, loss of integrity, or denial of service on a computer system?
exploit
What is referred to as the knowledge about an existing or emerging threat to assests, including networks and systems?
Threat Intelligence
Vulnerabilities are typically identified by a ?
CVE
What is a type of vulnerability where the flaw is in a web application but the attack is against an end user?
XSS
CIA
Confidentiality
Integrity
Availability
What is cybersecurity?
Process of protecting information by preventing, detecting, and responding to attacks.
NIST
National Institute of Standards and Technology
Collection of industry standards and best practices to help organizations manage cybersecurity risk.
Threat
Any potential danger to an asset.
The entity that takes advantage of the vulnerability?
Malicious Actor
The path used by a malicious actor to perform the attack is known as?
threat agent
threat vector
Vulnerability
A weakness in a system design, implementation, software, or code, or lack of a mechanism.
Exploit
Piece of software, a tool, a technique, or a process that takes advantage of a vulnerability that leads to access, privilege escalation, loss of integrity, or denial of service on a computer system.