Foundations of Cybersecurity

Question 1

What is the practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation?

Answer 1

Cybersecurity (or security)

Question 2

What does the CIA triad stand for in cybersecurity?

Answer 2

Confidentiality, Integrity, Availability

Question 3

What is cloud security?

Answer 3

The process of ensuring that assets stored in the cloud are properly configured and access to those assets is limited to authorized users.

Question 4

What is an internal threat?

Answer 4

A current or former employee, external vendor, or trusted partner who poses a security risk.

Question 5

What is network security?

Answer 5

The practice of keeping an organization’s network infrastructure secure from unauthorized access.

Question 6

What is personally identifiable information (PII)?

Answer 6

Any information used to infer an individual’s identity.

Question 7

What is sensitive personally identifiable information (SPII)?

Answer 7

A specific type of PII that falls under stricter handling guidelines.

Question 8

What is security posture?

Answer 8

An organization’s ability to manage its defense of critical assets and data and react to change.

Question 9

What are technical skills?

Answer 9

Skills that require knowledge of specific tools, procedures, and policies.

Question 10

What is a threat actor?

Answer 10

Any person or group who presents a security risk.

Question 11

What is compliance in cybersecurity?

Answer 11

The process of adhering to internal standards and external regulations to avoid fines and security breaches.

Question 12

What are security frameworks?

Answer 12

Guidelines used for building plans to help mitigate risks and threats to data and privacy.

Question 13

What are security controls?

Answer 13

Safeguards designed to reduce specific security risks.

Question 14

What are the primary responsibilities of an entry-level security analyst?

Answer 14

Monitor systems, protect information, and search for weaknesses.

Question 15

What enables security professionals to review an organization’s security records, activities, and related documents?

Answer 15

Security audits.

Question 16

How do security teams bring value to an organization?

Answer 16

Achieving regulatory compliance and protecting against external and internal threats.

Question 17

Name two transferable skills important for cybersecurity professionals.

Answer 17

Communication and problem-solving.

Question 18

Name two technical skills needed to become an entry-level security analyst.

Answer 18

Programming and data analysis.

Question 19

Who identifies, analyzes, and preserves criminal evidence within networks, computers, and electronic devices?

Answer 19

Digital forensic investigators.

Question 20

What are examples of sensitive personally identifiable information (SPII) that cybersecurity professionals need to protect?

Answer 20

Medical records and bank account numbers

Question 21

What is the purpose of Security Information and Event Management (SIEM) tools?

Answer 21

To collect and analyze log data, monitor critical activities, and identify and analyze potential security threats, risks, and vulnerabilities.

Question 22

What do intrusion detection systems (IDSs) do?

Answer 22

Monitor system activity and alert for possible intrusions.

Question 23

Why is knowledge of the threat landscape important for cybersecurity analysts?

Answer 23

It allows security teams to build stronger defenses against threat actor tactics and techniques.

Question 24

What certification does the Google Cybersecurity Certificate help prepare you for?

Answer 24

CompTIA Security+ exam.

Question 25

What is programming used for in cybersecurity?

Answer 25

Automating tasks, reviewing web traffic, and alerting suspicious activity.