Cyber Security Flashcards

1
Q

What does CIA stand for?

A

Confidentiality, Integrity, Availability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Define confidentiality

A

Data is accessed by only those with the right permit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Define Integrity

A

Data is not tampered or altered in anyway

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Define availability

A

data and resources are able to be accessed and shared

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What does DAD stand for?

A

Disclosure, Alteration, Deniability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Define disclosure

A

data is accessed by non-authorized individuals

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Define alteration

A

Data has been compromised or tampered with

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Define deniability

A

access to data and resources are blocked

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Define blacklist

A

a list of banned IP addresses, applications, or users

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Define whitelist

A

a list of allowed IP addresses, applications, or users

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Define cat fishing

A

the process of creating a fake online profile in order to trick people into believing they are someone else

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Define zero day?

A

A threat that is unknown to security specialists and has not been addressed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Define hack value

A

describes a target that may attract an above average level of attention from an attacker

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Define non-repudiation

A

once an action is carried out by a party, it cannot be denied by that same party

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Define logic bomb

A

Malicious code that is only triggered when a set of conditions are met

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Define obfuscation

A

the tactic of making code unclear so that humans or programs like an antivirus cannot understand it

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Define honey pot

A

a decoy or trap for hackers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Define spoof

A

the act of falsifying the indentity of the source of a communication or interaction

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What is a protocol?

A

a set of rules that determine how computers communicate with each other

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What does HTTP stand for?

A

Hyper Text Transfer Protocol

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Is HTTP stateless or stateful?

A

stateless

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What is SSL?

A

Secure Socket Layer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What is SSH?

A

Secure Shell

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

What is FTP?

A

File Transfer Protocol

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
What is SFTP?
Secure File Transfer Protocol
26
What is IMAP?
Internet Message Access Protocol
27
What is SMTP?
Simple Mail Transfer Protocol
28
What is a cookie?
Pieces of text of stored by a web server on your had disk
29
What are cookies used for?
identify a user, check for their past activity on the website and use this record to provide the most relevant information to the user
30
What is TCP?
Transmission Control Protocol divides a message or file into packets that transmitted over the internet more efficiently
31
What is IP?
Internet Protocol is responsible for the address of each packet so it is sent to the correct destination
32
What are the 4 layers of TCP/IP?
Datalink Layer, internet/networking layer, Transport layer, application layer
33
What is the datalink layer of TCP/IP?
consists of protocols that operate on a link that connects hosts on a network e.g. ethernet
34
Internet/Networking layer
connects independent networks together e.g. IP
35
Transport Layer
handles communication between hosts e.g. TCP
36
Application Layer
standardizes data exchange for applications e.g. HTTP, FTP
37
What are the 5 main Social Engineering Tactics?
Baiting, Pretexting, Quid Pro Quo, Phishing, Vishing
38
What is a brute force attack?
A trial and error attack against passwords
39
What is a dictionary attack?
A type of brute force attack that goes through all the words of a dictionary
40
What is phishing?
An email that contains a malicious link or file
41
What is a spear phishing attack?
a phishing attack directed a specific individual
42
What is vishing?
Phishing attack with a phone call
43
What is smishing?
Phishing over text
44
True or False: Botnets are very often used in DDoS attacks
True
45
What are the three ways to prevent DDoS attacks from taking down your server?
Overprovision bandwidth, Creating a DDoS playbook, outsourcing protection to DDoS specialist
46
What is the Man in the Middle Attack?
An attack where the attacker intercepts and potentially alters messages between computers
47
What is a SQL Injection attack?
An attack where the attacker sends a malicious SQL statement to gain access to a database
48
What is a XSS attack?
A cross site scripting attack is when a attacker sends malicious scripts of code into a website or website application. When a visitor comes to the website, their computer is infected
49
What is a supply chain attack?
When hackers get into company A by getting into Company B's network (where company B has access to company B)
50
What is the server that is used to issue commands to bots in a botnet?
command and control server
51
What are viruses/worms?
Malicious code written to alter the way a computer or a network operates
52
True or False: A virus requires an active host program or already infected system to run
True
53
is a worm or a virus self replicating and self propagating
a worm
54
What is a trojan?
Powerful malware disguised as legitimate software
55
What are the 4 types of Trojans?
backdoor trojans, infostealer trojan, trojan downloader, trojan DDoS
56
What is Adware?
a program that displays unwanted banner advertisements
57
What is spyware?
malware that monitors computer and internet use
58
What is ransomware?
when a hacker encrypts a users data until the user pays the hacker to decrypt their data or threatens to release sensitive data unless a payment is received
59
What is a firewall?
A security device that monitors incoming and outgoing network traffic
60
What are the two types of firewalls?
hardware firewall and software firewall
61
What are the two major types of encryption?
Symmetric and Asymmetric
62
What is the difference between symmetric and asymmetric encryption?
symmetric uses the same key for encryption and decryption while asymmetric uses different keys
63
What is an antivirus?
a software used to protect a computer from malware
64
How does antivirus work?
identifies signatures of already identified malware or it runs the software in a sandbox and observes how it runs
65
What are the main authentication factors
Knowledge factor (password), possession factor (keycard), inheritance factor (fingerprint)
66
What is a DMZ?
A demilitarized zone is a physical or logical subnetwork that separates networks from other untrusted networks
67
What is a security policy?
a written document that describes how an organizations protects it virtual and physical data assets
68
What does BYOD stand for?
Bring your own device
69
What is the weakest link in a companies security?
an employee