Cyber - Sheet1 Flashcards
What is the CIA triad in cybersecurity?
CIA Triad: Confidentiality ensures data is only accessible by authorized parties. Integrity ensures data is accurate and unaltered. Availability ensures data is accessible when needed.
Explain the difference between symmetric and asymmetric encryption.
Symmetric Encryption: Uses the same key for both encryption and decryption. Asymmetric Encryption: Uses a pair of keys (public and private) for encryption and decryption, providing stronger security.
What is the difference between a vulnerability and an exploit?
Vulnerability: Weakness in a system that could be exploited. Exploit: Code or technique used to take advantage of a vulnerability.
Describe the concept of least privilege.
Least Privilege: Users should only have the minimum level of access required to perform their job functions, reducing the risk of unauthorized access.
What is a DDoS attack, and how can it be mitigated?
DDoS Attack: Overwhelms a target system with a flood of traffic, making it inaccessible to legitimate users. Mitigation involves filtering and blocking malicious traffic.
What is a phishing attack, and how can it be prevented?
Phishing Attack: Attempts to trick users into divulging sensitive information or clicking on malicious links. Prevention includes user education and email filtering.
Describe the concept of defense in depth.
Defense in Depth: Layered approach to security, where multiple security measures are implemented to protect against various threats.
What is malware, and what are some common types?
Malware: Malicious software designed to disrupt, damage, or gain unauthorized access to a computer system. Common types include viruses, worms, and ransomware.
Explain the difference between white-box and black-box testing.
White-Box Testing: Tester has full knowledge of the system’s internal workings. Black-Box Testing: Tester has no prior knowledge of the system’s internal structure.
What is SSL/TLS, and how does it provide security for internet communication?
SSL/TLS: Secure Sockets Layer/Transport Layer Security protocols encrypt data transmitted over the internet, providing secure communication between clients and servers.
What is the OWASP Top Ten, and why is it important?
OWASP Top Ten: List of the most critical web application security risks. Important for developers to prioritize security measures.
How do you secure a wireless network?
Wireless Network Security: Securing Wi-Fi networks involves using strong encryption (e.g., WPA2), disabling SSID broadcasting, and implementing MAC address filtering.
Describe the concept of social engineering and provide examples.
Social Engineering: Manipulating individuals to divulge confidential information or perform actions that compromise security, often through psychological manipulation or deception.
What is a zero-day vulnerability, and how can organizations protect against it?
Zero-Day Vulnerability: Vulnerability that is exploited before the vendor releases a patch or fix. Protection involves keeping systems up to date and using intrusion detection systems.
Explain the concept of a security incident response plan.
Security Incident Response Plan: Documented procedures outlining how an organization will respond to and manage security incidents, minimizing their impact.
Describe the difference between a virus, a worm, and a Trojan horse.
Virus, Worm, Trojan: A virus attaches to files, a worm spreads independently, and a Trojan hides in seemingly harmless software.
What is a VPN tunneling protocol, and which protocol is commonly used for secure VPN connections?
VPN Tunneling Protocol: Establishes a secure connection over a public network. Common protocols: OpenVPN, IPsec.
Explain the concept of a “man-in-the-middle” attack and how it can be mitigated.
Man-in-the-Middle Attack: Attacker intercepts communication between two parties. Mitigated by using encryption and digital signatures.
What is the difference between vulnerability scanning and penetration testing?
Vulnerability Scanning vs Penetration Testing: Scanning identifies weaknesses; testing actively exploits them.
How does a Public Key Infrastructure (PKI) work, and what is its role in cybersecurity?
Public Key Infrastructure (PKI): Manages keys and certificates for secure communication.
Describe the steps involved in a typical cybersecurity incident response process.
Incident Response Process: Prepare, Identify, Contain, Eradicate, Recover, Learn.
What are the benefits and risks of using cloud services for storing sensitive data?
Cloud Services: Benefits: Scalability, Accessibility. Risks: Data privacy, Security.
Explain the concept of a “zero-trust” security model and its implications for network security.
Zero-Trust Model: Assumes no trust, verifies everything. Improves network security by limiting access.
What is the difference between symmetric and asymmetric key cryptography, and when would you use each?
Symmetric vs Asymmetric Key Cryptography: Symmetric uses the same key for encryption/decryption; asymmetric uses a key pair (public and private). Symmetric is faster; asymmetric provides better security for key exchange.