Cyber Security for Beginners - glossary Flashcards

1
Q

Acceptable use policy

A

A set of wording describes an agreement between any user and the enterprise that owns the service, application or device being accessed. The agreement usually defines both the primary permitted and prohibited activities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Access controls

A

Rules and techniques used to manage and restrict entry to or exit from a physical, virtual or digital area through the use of permissions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

APT

A

Advanced Persistent Threats, a term used to describe the tenacious and highly evolved set of tactics used by hackers to infiltrate networks through digital devices.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Adware

A

Any computer program designed to render adverts to an end user. Considered malware.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Air gap

A

to use some form of physical and electronic separation to ensure that activities in one are canoot impact or infect activities in another.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Alert status

A

An escalation flag that can be assigned to a security incident to indicate that it cannot be managed inside allowable time limits or other acceptable tolerances.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Anti-malware

A

A computer progeram designed to look for specific files and behaviours that indicate the presence or attempted installation of malware.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Anti-virus

A

Predecessor of anti-malware that was used before the nature of malware had diversifided.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Application

A

a collection of functions and instructions in electronic format.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

asset

A

any item that has inherent value

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

attack

A

the occurance of unatuhorized intrusion

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

attack surface

A

the sum of the potential exposure area that could be used to gain unauthorized entry to any part of a digital landscape. This area usually includes perimeter network hardware and web servers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Audits

A

The use of independent examiners to check if a target product, service and/or location is meeting the specific required standards.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Backdoor

A

a covert method of accessing software or a device that bypasses normal authentication requirements

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Black box penetration testing

A

It is the term used to describe a situation in which no advance information about the technical details of a computer programs has been made available to the pen-testers?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Black hat

A

A hacker with unethical goals, or no perceived ethical goals.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Bleeding edge

A

using inventions so new , they have the likelihood to cause damage to their population before they become stable or safe

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

BGP

A

Border Gateway Protocol is a standard format that different systems on a network can use to share and make decisions about the path for information being transmitted.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Breach notification procedure

A

Some types of information, when suspected or known to be lost or stolen, must, by law be reporter to one or more autorities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Brute force,

A

A systematic approach that can quickly generate large volumes of possible methods to gain unauthorized access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Buffer overflow

A

Exceeding the region of electronic memory used to store data temporarily when it is being moved between locations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

BCP

A

Business Continuity Plan an operational document that describes how an organization can restore its critical products or services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

BYOD

A

Bring your own devicce

24
Q

CAPA

A

Corrective Action Preventive Action.

25
Q

CISO

A

Chief information security officer - single point of accountability in any organization for ensuring that an appropriate framework for managing dangers and threats to electronic an physical information assets is operating and effective

26
Q

Cipher

A

the use of a key to change information into a secret or hidden format

27
Q

Closed system

A

a collection of applications, systems and devices that only have the ability to communicate with each other

28
Q

Compliance

A

The process used to verify that governance items are being followed. Audits, assessments and monitoring can be used to identify and report compliance deficiencies.

29
Q

Confidentiality

A

The assignment of a value to a set of information to indicate the level of secrecy and the access restriction required to prevent unauthorized people from viewing it. A typical example of a confidentiality scale is. 1. Public 2. Internal 3. Confidential 4. Strictly Confidential and 5. Restricted

30
Q

Containerization

A

the partitioning of software functions within a single device, system or network that is sufficient to isolate it from potential harm

31
Q

Containment

A

a stage during an incident response when steps are taken to isolate a confirmed problem

32
Q

Control modes

A

Umbrella term for preventitive, detective and corrective methods of defense.

33
Q

Corrective Control

A

a method of defense that is introduced as the reactive result of an observed deficiency

34
Q

Cros-Site scripting

A

A securit exploits that take advantage of security design flaws in web-generated pages.

35
Q

Cyber

A

Using digital devices

36
Q

Cyber attack

A

an aggressive or hostile action that leverages or targets digital de-vices

37
Q

Cyber attack lifecycle

A

A model of sequential steps that are involved in a successful unauthorized intrusion or disruption into a digital landscape or digital device.

38
Q

Cyber Defense Points

A

The digital locations were controls can be added

39
Q

Cybersecurity

A

The protection of digital devices and their communication channels to keep them stable, dependable and reasonably safe.

40
Q

dark web

A

website that hide their server locations, although publically accessible they are not registered on standard search engines and the hidden server values make it extremely difficult to determine which organizations and people are behind these sites.

41
Q

Data

A

Information stored in an electronic or digital format

42
Q

DLP

A

Data Loss Prevention this term can describe both the technologies and the strategies used to help stop information from being taken out of an organization without appropriate authorization.

43
Q

DDOS

A

Distributed Denial of Service

44
Q

deep web

A

Internet content that cannot be seen by search engines, This includes not only dark web content but also harmless and general content not indexed.

45
Q

Defense by design

A

The process of ensuring that protective security measures are consistently included and embedded from the earliest requirements stage of any component

46
Q

Defense in depth

A

The use of multiple layers of security techniques to help reduce the chance of a successful attack

47
Q

Doxxing

A

Pubicly exposing personal information on the internet.

48
Q

Drive-by download

A

An covert unintended download of software onto a device.

49
Q

Eavesdropping

A

Covertly or secretly listening in on communication

50
Q

Encryption

A

The act of encoding messages so that if they are intercepted by an unauthorized party the cannot be read unless the encoding mechanism can be deciphered.

51
Q

Endpoint

A

Any electronic device that can be used to store or process information ex. Laptop, Phone

52
Q

Ethical Hacker

A

Alternative name for Pen Tester

53
Q

Exploit

A

To take advantage of a vulnerability.

54
Q

HIPS

A

Host Based Intrusion Prevention Systems, a version of an IPS that is installed directly onto the digital device

55
Q

IAM

A

Identity Access Management

56
Q

Patch management

A

Controlled process used to deploy critical interim updates.

57
Q
A