Definitions Flashcards
Cybersecurity
the practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation
Threat actor
(malicious actor) person or group that presents a security risk; risk can be to computers, applications, networks, and data
Transferable Skills
skills from other areas that can apply to different careers
Playbook
reference guide for certain detections and how to investigate incidents
Technical Skills
skills that require knowledge of specific tools, procedures, and policies
Personally Identifiable Information (PII)
information used to infer an individual’s identity; full name, date of birth, physical address, phone number, email address, IP address
Sensitive Personally Identifiable Information (SPII)
information used to infer an individual’s identity that requires stricter handling guidelines; social security number, medical information, financial (bank) information, and biometric data (facial recognition)
Identity theft
act of stealing PII/SPII to commit fraud while impersonating a victim; for financial gain
5 Benefits of Security
- Protects against external and internal threats
- Meets regulatory compliance
- Maintains and improves business productivity
- Reduces expenses
- Maintains brand trust
Common Job Titles
- Security analyst/specialist
- Cybersecurity analyst/specialist
- Security operations center (SOC) analyst
- Information security analyst
Analyst Responsibilities
Responsible for monitoring and protecting information and systems. This includes protecting computer and software systems, installing prevention software, and conducting periodic security audits.
Operations
responding to detections and doing investigations
Projects
working with other teams to build new detections or improve the current ones (mostly engineers)
Compliance
process of adhering to internal standards as well as external regulations; enables organizations to avoid fines and security breaches
Security frameworks
guidelines used for building plans to help mitigate risks and threats to data and privacy
Security controls
safeguards used to reduce specific security risks; used with security frameworks to bolster security posture
Internal Threat
a current or former employee, an external vendor, or a trusted partner who poses a security risk
Accidental Threat
employee accidentally clicks on a malicious email link
Network security
practice of keeping an organization’s network infrastructure secure from unauthorized access, including the data, services, systems, and devices that are stored on the organization’s network
Cloud security
process of ensuring that assets stored in the cloud are properly configured and limited to authorized users
The cloud
a network made up of a collection of servers via the internet
Programming
process that can be used to create a specific set of instructions for a computer to execute tasks; automation of repetitive tasks (e.g., searching for malicious domains), reviewing web traffic, and/or alerting on suspicious activity
Transferable Analyst Skills
- Communication
- Collaboration
- Problem-solving
- Time management
- Growth mindset
- Diverse perspectives (inclusive)
Technical Analyst Skills
- Programming languages
- Security information and event management (SIEM) tools
- Intrusion detection systems (IDSs)
- Computer forensics
- Threat landscape knowledge
- Incident response
Programming Languages
used to automate tasks and identify error messages
SIEM tools
used to identify and analyze security threats, risks, and vulnerabilities more efficiently; supports preventative action against cyber attacks
IDSs
used to monitor system activity and alert on possible intrusions; only detect and report events
Digital forensic investigators
attempt to identify, analyze, and preserve criminal evidence within networks, computers, and electronic devices
Threat landscape knowledge
staying up to date on trends related to threat actors, malware, or threat methodologies
Incident response
ability to detect and act upon a security threat