CYBERSECURITY Coursera Specialization

Question 1

The practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation

Answer 1

Cybersecurity (or security)

Question 2

The process of ensuring that assets stored in the cloud are properly configured and access to those assets is limited to authorized users

Answer 2

Cloud Security

Question 3

A current or former employee, external vendor, or trusted partner who poses a security risk

Answer 3

Internal threat

Question 4

The practice of keeping an organization’s network infrastructure secure from unauthorized access

Answer 4

Network security

Question 5

Any information used to infer an individual’s identity

Answer 5

Personally identifiable information (PII)

Question 6

A specific type of PII that falls under stricter handling guidelines

Answer 6

Sensitive personally identifiable information (SPII)

Question 7

Skills that require knowledge of specific tools, procedures, and policies

Answer 7

Technical skills

Question 8

Any circumstance or event that can negatively impact assets

Answer 8

Threat

Question 9

Any person or group who presents a security risk

Answer 9

Threat actor

Question 10

Skills from other areas that can apply to different careers

Answer 10

Transferable skills

Question 11

: A technique that manipulates artificial intelligence (AI) and machine learning (ML) technology to conduct attacks more efficiently

Answer 11

Adversarial artificial intelligence (AI):

Question 12

The process of verifying who someone is

Answer 12

Authentication

Question 13

A type of phishing attack where a threat actor impersonates a known source to obtain financial advantage

Answer 13

Business Email Compromise (BEC)

Question 14

Malicious code written to interfere with computer operations and cause damage to data and software

Answer 14

Computer virus

Question 15

: An attack that affects secure forms of communication between a sender and the intended recipient

Answer 15

Cryptographic attack

Question 16

An attempt to access password secured devices, systems, networks, or data

Answer 16

Password attack

Question 17

Software designed to harm devices or networks

Answer 17

Malware

Question 18

Any person or group who uses computers to gain unauthorized access to data

Answer 18

Hacker

Question 19

An attack that targets systems, applications, hardware, and/or software to locate a vulnerability where malware can be deployed

Answer 19

Supply-chain attack

Question 20

A type of attack when a threat actor compromises a website frequently visited by a specific group of user

Answer 20

Watering hole attack

Question 21

The exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source

Answer 21

Vishing

Question 22

An attack in which a threat actor strategically leaves a malware USB stick for an employee to find and install to unknowingly infect a network

Answer 22

USB baiting

Question 23

The use of digital communications to trick people into revealing sensitive data or deploying malicious software

Answer 23

Phishing

Question 24

A security incident that affects not only digital but also physical environments where the incident is deployed

Answer 24

Physical attack

Question 25

An attack in which a threat actor impersonates an employee, customer, or vendor to obtain unauthorized access to a physical location

Answer 25

Physical social engineering:

Question 26

: A manipulation technique that exploits human error to gain private information, access, or valuables

Answer 26

Social engineering:

Question 27

A type of attack where a threat actor collects detailed information about their target on social media sites before initiating the attack

Answer 27

Social media phishing

Question 28

A malicious email attack targeting a specific user or group of users, appearing to originate from a trusted source

Answer 28

Spear phishing