Common Terminology Flashcards
What is compliance?
Compliance refers to adhering to specific rules, regulations, policies, and standards that are designed to protect sensitive information, maintain data privacy, and ensure the security of information systems. Compliance measures are essential to meet legal requirements, industry standards, and organizational policies.
What are security frameworks?
Security frameworks are structured sets of guidelines, best practices, and controls that organizations can follow to manage and improve their information security. These frameworks provide a systematic approach to identifying, assessing, and mitigating security risks, ensuring that an organization’s information assets are protected effectively. They serve as a blueprint for building and maintaining robust security programs.
What are security controls?
Security controls, also known as security safeguards or measures, are specific actions, technologies, policies, or procedures implemented to protect information systems and data from security threats and vulnerabilities. These controls are put in place to mitigate risks and ensure the confidentiality, integrity, and availability of sensitive information. Security controls are a fundamental component of any cybersecurity strategy.
What is Security Posture?
Security posture refers to the overall strength and resilience of an organization’s security measures and defenses against potential threats and attacks. It reflects the organization’s ability to protect its information systems, data, and assets from unauthorized access, breaches, and vulnerabilities. A strong security posture is essential for reducing security risks and maintaining the confidentiality, integrity, and availability of critical information.
Define Threat Actor
A threat actor is an entity or individual responsible for carrying out malicious activities or posing a potential security risk to an organization, its information systems, and its data. Threat actors can encompass a wide range of actors with varying motivations, capabilities, and methods for conducting cyberattacks.
Define Internal Threat
An internal threat refers to a security risk or threat posed to an organization’s information systems, data, or network infrastructure by individuals or entities within the organization. These individuals may have authorized access to the organization’s resources but may misuse their privileges intentionally or inadvertently, potentially causing harm or compromising security.
What is Network Security?
Network security encompasses the practices, technologies, policies, and procedures designed to protect an organization’s computer networks and the data they transmit and store from unauthorized access, breaches, disruptions, and other security threats. Network security is crucial for maintaining the confidentiality, integrity, and availability of an organization’s information assets.
What is Cloud Security?
The process of ensuring that assets stored in the cloud are properly configured, or set up correctly, and access to those assets is limited to authorized users. The cloud is a network made up of a collection of servers or computers that store resources and data in remote physical locations known as data centers that can be accessed via the internet. Cloud security is a growing subfield of cybersecurity that specifically focuses on the protection of data, applications, and infrastructure in the cloud.
Define Programming
Programming is a process that can be used to create a specific set of instructions for a computer to execute tasks.
Name 3 tasks related to programming
- Automation of repetitive tasks (e.g., searching a list of malicious domains)
- Reviewing web traffic
- Alerting on suspicious activity
What is Cybersecurity?
The practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation.
What is SPII?
Sensitive personally identifiable information is a specific type of PII that falls under stricter handling guidelines.
What is PII?
Personally identifiable information is any information used to infer an individual’s identity.
Define SIEM tools
Security information and event management tools are cybersecurity solutions designed to collect, analyze, correlate, and report on security data from various sources within an organization’s network and information systems. These tools play a critical role in threat detection, incident response, and compliance management. SIEM tools enable security analysts to monitor and investigate security events and incidents effectively.