Cybersecurity Flashcards

1
Q

the use of digital communications to trick people into revealing sensitive data or deploying malicious software.

A

Phishing
Some of the most common types of phishing attacks today include:

Business Email Compromise (BEC): A threat actor sends an email message that seems to be from a known source to make a seemingly legitimate request for information, in order to obtain a financial advantage.

Spear phishing: A malicious email attack that targets a specific user or group of users. The email seems to originate from a trusted source.

Whaling: A form of spear phishing. Threat actors target company executives to gain access to sensitive data.

Vishing: The exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source.

Smishing: The use of text messages to trick users, in order to obtain sensitive information or to impersonate a known source.

2
Q

a manipulation technique that exploits human error to gain private information, access, or valuables.

A

Social engineering
Some of the most common types of social engineering attacks today include:

Social media phishing: A threat actor collects detailed information about their target from social media sites. Then, they initiate an attack.

Watering hole attack: A threat actor attacks a website frequently visited by a specific group of users.

USB baiting: A threat actor strategically leaves a malware USB stick for an employee to find and install, to unknowingly infect a network.

Physical social engineering: A threat actor impersonates an employee, customer, or vendor to obtain unauthorized access to a physical location.

3
Q

a type of computer virus that can duplicate and spread on its own without human involvement.

A

worm

4
Q

malicious code written to interfere with computer operations and cause damage to data and software.

A

computer virus
The virus attaches itself to programs or documents on a computer, then spreads and infects one or more computers in a network.

5
Q

A current or former employee, external vendor, or trusted partner who poses a security risk

A

Internal threat

6
Q

The practice of keeping an organization’s network infrastructure secure from unauthorized access

A

Network security

7
Q

Any circumstance or event that can negatively impact assets

A

Threat

8
Q

An organization’s ability to manage its defense of critical assets and data and react to change

A

Security posture

9
Q

… … … identify, analyze, and preserve criminal evidence within networks, computers, and electronic devices.

A

Digital forensic investigators

10
Q

An application that collects and analyzes log data to monitor critical activities in an organization

A

Security information and event management (SIEM)
When security analysts need to review vulnerabilities, they conduct a periodic security audit. This is a review of an organization’s records, activities, and related documents. During audits, Security Information and Event Management (SIEM) tools help analysts better understand security threats, risks, and vulnerabilities.

11
Q

A review of an organization’s security controls, policies, and procedures against a set of expectations

A

Security audit

12
Q

Software designed to harm devices or networks

A

malware
Some of the most common types of malware attacks today include:

Viruses: Malicious code written to interfere with computer operations and cause damage to data, software, and hardware. A virus attaches itself to programs or documents on a computer. It then spreads and infects one or more computers in a network.

Worms: Malware that can duplicate and spread itself across systems on its own.

Ransomware: A malicious attack where threat actors encrypt an organization’s data and demand payment to restore access.

Spyware: Malware that’s used to gather and sell information without consent. Spyware can be used to access devices. This allows threat actors to collect personal data, such as private emails, texts, voice and image recordings, and locations.

13
Q

a specific type of PII that falls under stricter handling guidelines and may include social security numbers, medical or financial information, and biometric data, such as facial recognition.

A

Sensitive personally identifiable information (SPII)
If SPII is stolen, this has the potential to be significantly more damaging to an individual than if PII is stolen.

14
Q

any information used to infer an individual’s identity. It includes someone’s full name, date of birth, physical address, phone number, email address, internet protocol, or IP address, and similar information.

A

Personally identifiable information (PII)

15
Q

a security violation, in which sensitive, protected, or confidential data is copied, transmitted, viewed, stolen, altered, or used by an individual unauthorized to do so

A

data breach
A data breach, for example, affects everyone that is associated with the organization. This is because data losses or leaks can affect an organization’s reputation as well as the lives and reputations of its users, clients, and customers.

16
Q

a process that can be used to create a specific set of instructions for a computer to execute tasks.

A

Programming

These tasks can include:
Automation of repetitive tasks (e.g., searching a list of malicious domains)

Reviewing web traffic

Alerting on suspicious activity

17
Q

the process of ensuring that assets stored in the cloud are properly configured, or set up correctly, and access to those assets is limited to authorized users.

A

Cloud security
The cloud is a network made up of a collection of servers or computers that store resources and data in remote physical locations known as data centers that can be accessed via the internet. Cloud security is a growing subfield of cybersecurity that specifically focuses on the protection of data, applications, and infrastructure in the cloud.

18
Q

a current or former employee, an external vendor, or a trusted partner who poses a security risk.

A

internal threat
At times, an internal threat is accidental. For example, an employee who accidentally clicks on a malicious email link would be considered an accidental threat. Other times, the internal threat actor intentionally engages in risky activities, such as unauthorized data access.

19
Q

any person or group who presents a security risk. This risk can relate to computers, applications, networks, and data.

A

malicious attacker (A threat actor)

20
Q

safeguards designed to reduce specific security risks. They are used with security frameworks to establish a strong security posture.

A

Security controls

21
Q

guidelines used for building plans to help mitigate risks and threats to data and privacy.

A

Security frameworks

22
Q

the process of adhering to internal standards and external regulations, which enables organizations to avoid fines and security breaches.

A

Compliance

23
Q

* to make an opening in a wall or fence, especially in order to attack someone or something behind it
* to break a law, promise, agreement, or relationship

A

breach

24
Q

the practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation.

A

Cybersecurity

25
Q

any person or group who presents a security risk.

A

threat actor