Cyber Security Landscape Flashcards

Cameron's flash cards from when he joined

1
Q

Risk management, ____________, ____________, and response are the four disciplines of cybersecurity

A

Protection and Detection

2
Q

What is DAST?

A

Dynamic Application Security Testing (DAST) is the process of scanning a web application through the front-end to find vulnerabilities through simulated attacks.

3
Q

What are business logic flaws?

A

Business logic flaws are flaws in the design and implementation of an application that allow an attacker to elicit unintended behaviour.

4
Q

What is the downside of DAST?

A

DAST scans may miss business logic flaws, which can only be picked up by a manual penetration test.

5
Q

What are the 2 methods for testing for vulnerabilities in a running application?

A

DAST and manual penetration tests

6
Q

What is SAST?

A

Static Application Security Testing (SAST) is a tool that scans an application's source code for security vulnerabilities.

7
Q

What are the 2 methods typically used to test for vulnerabilities in source code?

A

SAST and manual code review

8
Q

How does Cytix fit into the “Protect” category?

A

Cytix fits into the 'Protection' element because our software aims to find vulnerabilities BEFORE they reach production. This reduces the friction between development and security.

9
Q

What is threat modelling?

A

Threat modelling is the process of analysing system changes before production to identify potential vulnerabilities and how to mitigate them.

10
Q

What is penetration testing?

A

Penetration testing is a process that simulates cyberattacks on a system to identify security vulnerabilities. It helps organisations protect their data and systems from potential cyberattacks.

11
Q

What are some typical vulnerabilities looked for in a penetration test?

A

Cross-Site Scripting (XSS, pronounced ex-ess-ess)
Business Logic Flaws
SQL injection (pronounced sequel)

12
Q

Why does Cytix exist?

A

Cytix is the only continuous testing software that identifies all potential vulnerabilities before going into production.

Automatic scanners miss a lot of these vulnerabilities, and annual penetration tests are too slow to detect them promptly.
