Common Terminology Flashcards

1
Q

What is compliance?

A

Compliance refers to adhering to specific rules, regulations, policies, and standards that are designed to protect sensitive information, maintain data privacy, and ensure the security of information systems. Compliance measures are essential to meet legal requirements, industry standards, and organizational policies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are security frameworks?

A

are structured sets of guidelines, best practices, and controls that organizations can follow to manage and improve their information security. These frameworks provide a systematic approach to identifying, assessing, and mitigating security risks, ensuring that an organization’s information assets are protected effectively. They serve as a blueprint for building and maintaining robust security programs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are security controls?

A

also known as security safeguards or measures, are specific actions, technologies, policies, or procedures implemented to protect information systems and data from security threats and vulnerabilities. These controls are put in place to mitigate risks and ensure the confidentiality, integrity, and availability of sensitive information. Security controls are a fundamental component of any cybersecurity strategy.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is Security Posture?

A

refers to the overall strength and resilience of an organization’s security measures and defenses against potential threats and attacks. It reflects the organization’s ability to protect its information systems, data, and assets from unauthorized access, breaches, and vulnerabilities. A strong security posture is essential for reducing security risks and maintaining the confidentiality, integrity, and availability of critical information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Define Threat Actor

A

is an entity or individual responsible for carrying out malicious activities or posing a potential security risk to an organization, its information systems, and its data. Threat actors can encompass a wide range of actors with varying motivations, capabilities, and methods for conducting cyberattacks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Define Internal Threat

A

refers to a security risk or threat posed to an organization’s information systems, data, or network infrastructure by individuals or entities within the organization. These individuals may have authorized access to the organization’s resources but may misuse their privileges intentionally or inadvertently, potentially causing harm or compromising security.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is Network Security?

A

Network security encompasses the practices, technologies, policies, and procedures designed to protect an organization’s computer networks and the data they transmit and store from unauthorized access, breaches, disruptions, and other security threats. Network security is crucial for maintaining the confidentiality, integrity, and availability of an organization’s information assets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is Cloud Security

A

The process of ensuring that assets stored in the cloud are properly configured, or set up correctly, and access to those assets is limited to authorized users. The cloud is a network made up of a collection of servers or computers that store resources and data in remote physical locations known as data centers that can be accessed via the internet. Cloud security is a growing subfield of cybersecurity that specifically focuses on the protection of data, applications, and infrastructure in the cloud.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Define Programming

A

a process that can be used to create a specific set of instructions for a computer to execute tasks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Name 3 tasks related to programming

A
  • Automation of repetitive tasks (e.g., searching a list of malicious domains)
  • Reviewing web traffic
  • Alerting suspicious activity
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is Cybersecurity?

A

The practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is (SPII)

A

Sensitive personally identifiable information is a specific type of PII that falls under stricter handling guidelines.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is PII

A

Personally identifiable information is any information used to infer an individual’s identity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Define SIEM tools

A

Security information and event management tools are cybersecurity solutions designed to collect, analyze, correlate, and report on security data from various sources within an organization’s network and information systems. These tools play a critical role in threat detection, incident response, and compliance management. SIEM tools enable security analysts to monitor and investigate security events and incidents effectively.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly