Foundations of Cybersecurity Flashcards
Module One
What is the practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation?
Cybersecurity (or security)
What does the CIA triad stand for in cybersecurity?
Confidentiality, Integrity, Availability
What is cloud security?
The process of ensuring that assets stored in the cloud are properly configured and access to those assets is limited to authorized users.
What is an internal threat?
A current or former employee, external vendor, or trusted partner who poses a security risk.
What is network security?
The practice of keeping an organization’s network infrastructure secure from unauthorized access.
What is personally identifiable information (PII)?
Any information used to infer an individual’s identity.
What is sensitive personally identifiable information (SPII)?
A specific type of PII that falls under stricter handling guidelines.
What is security posture?
An organization’s ability to manage its defense of critical assets and data and react to change.
What are technical skills?
Skills that require knowledge of specific tools, procedures, and policies.
What is a threat actor?
Any person or group who presents a security risk.
What is compliance in cybersecurity?
The process of adhering to internal standards and external regulations to avoid fines and security breaches.
What are security frameworks?
Guidelines used for building plans to help mitigate risks and threats to data and privacy.
What are security controls?
Safeguards designed to reduce specific security risks.
What are the primary responsibilities of an entry-level security analyst?
Monitor systems, protect information, and search for weaknesses.
What enables security professionals to review an organization’s security records, activities, and related documents?
Security audits.
How do security teams bring value to an organization?
Achieving regulatory compliance and protecting against external and internal threats.
Name two transferable skills important for cybersecurity professionals.
Communication and problem-solving.
Name two technical skills needed to become an entry-level security analyst.
Programming and data analysis.
Who identifies, analyzes, and preserves criminal evidence within networks, computers, and electronic devices?
Digital forensic investigators.
What are examples of sensitive personally identifiable information (SPII) that cybersecurity professionals need to protect?
Medical records and bank account numbers
What is the purpose of Security Information and Event Management (SIEM) tools?
To collect and analyze log data, monitor critical activities, and identify and analyze potential security threats, risks, and vulnerabilities.
What do intrusion detection systems (IDSs) do?
Monitor system activity and alert for possible intrusions.
Why is knowledge of the threat landscape important for cybersecurity analysts?
It allows security teams to build stronger defenses against threat actor tactics and techniques.
What certification does the Google Cybersecurity Certificate help prepare you for?
CompTIA Security+ exam.
What is programming used for in cybersecurity?
Automating tasks, reviewing web traffic, and alerting suspicious activity.
