Definitions

Question 1

Cybersecurity

Answer 1

the practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation

Question 2

Threat actor

Answer 2

(malicious actor) person or group that presents a security risk; risk can be to computers, applications, networks, and data

Question 3

Transferable Skills

Answer 3

skills from other areas that can apply to different careers

Question 3

Playbook

Answer 3

reference guide for certain detections and how to investigate incidents

Question 4

Technical Skills

Answer 4

skills that require knowledge of specific tools, procedures, and policies

Question 5

Personally Identifiable Information (PII)

Answer 5

information used to infer an individual’s identity; full name, date of birth, physical address, phone number, email address, IP address

Question 6

Sensitive Personally Identifiable Information (SPII)

Answer 6

stricter handling guidelines of information used to infer an individual’s identity; social security number, medical information, financial (bank) information, and biometric data (facial recognition)

Question 7

Identity theft

Answer 7

act of stealing PII/SPII to commit fraud while impersonating a victim; for financial gain

Question 8

5 Benefits of Security

Answer 8

1. Protects against external and internal threats
2. Meets regulatory compliance
3. Maintains and improves business productivity
4. Reduces expenses
5. Maintains brand trust

Question 9

Common Job Titles

Answer 9

1. Security analyst/specialist
2. Cybersecurity analyst/specialist
3. Security operations center (SOC) analyst
4. Information security analyst

Question 10

Analyst Responsiblities

Answer 10

Responsible for monitoring and protecting information and system. This includes protecting computer and software systems, installing prevention software, and conducting periodic security audits.

Question 11

Operations

Answer 11

responding to detections and doing investigations

Question 12

Projects

Answer 12

working with other teams to build new detections or improve the current ones (mostly engineers)

Question 13

Compliance

Answer 13

process of adhering to internal standards as well as external regulations and enables organizations to avoid fines and security breaches

Question 14

Security frameworks

Answer 14

guidelines used for building plans to help mitigate risks and threats to data and privacy

Question 15

Security controls

Answer 15

safeguards used to reduce specific security risks; used with security frameworks to bolster security posture

Question 16

Internal Threat

Answer 16

can be current or former employee, an external vendor, or a trusted partner who poses a security risk

Question 17

Accidental Threat

Answer 17

employee accidentally clicks on a malicious email link

Question 18

Network security

Answer 18

practice of keeping an organization’s network infrastructure secure from unauthorized access from data, services, systems, and devices that are stored in an organization’s network

Question 19

Cloud security

Answer 19

process of ensuring that assets stored in the cloud are properly configured and limited to authorized users

Question 20

The cloud

Answer 20

a network made up of a collection of servers via the internet

Question 21

Programming

Answer 21

process that can be used to create a specific set of instructions for a computer to execute tasks; automation of repetitive tasks (searching malicious domains), reviewing web traffic, and/or alerting suspicious activity

Question 22

Transferable Analyst Skills

Answer 22

1. Communication
2. Collaboration
3. Problem-solving
   4.Time management
4. Growth mindset
5. Diverse perspectives (inclusive)

Question 23

Technical Analyst Skills

Answer 23

1. Programming languages
2. Security information and event management (SIEM) tools
3. Intrusion detection systems (IDSs)
4. Computer forensics
5. Threat landscape knowledge
6. Incident response

Question 24

Programming Languages

Answer 24

used to automate tasks and identify error messages

Question 25

SIEM tools

Answer 25

used to identify and analyze security threats, risks and vulnerabilities more efficiently; preventative action against cyber attacks

Question 26

IDSs

Answer 26

used to monitor system activity and alerts for possible intrusions; only detect and report events

Question 27

Digital forensic investigators

Answer 27

attempt to identify, analyze, and preserve criminal evidence within networks, computers, and electronic devices

Question 28

Threat landscape knowledge

Answer 28

up to date on trends related to threat actors, malware, or threat methodologies

Question 29

Incident response

Answer 29

ability to detect and act upon a security threat