Foundations of Cybersecurity

Question 1

Compliance

Answer 1

The process of adhering to internal standards and external regulations and enables organizations to avoid fines and security breaches.

Question 2

Security frameworks

Answer 2

Guidelines used for building plans to help mitigate risks and threats to data and privacy.

Question 3

Security controls

Answer 3

Safeguards designed to reduce specific security risks. They are used with security frameworks to establish a strong security posture.

Question 4

Security posture

Answer 4

An organization’s ability to manage its defense of critical assets and data and react to change. A strong security posture leads to lower risk for the organization.

Question 5

Threat actor

Answer 5

Aka, a malicious attacker. Any person or group who presents a security risk.

Question 6

Internal threat

Answer 6

A current or former employee, an external vendor, or a trusted partner who poses a security risk. At times, this threat is accidental.

Question 7

Network security

Answer 7

The practice of keeping an organization’s network infrastructure secure from unauthorized access. This includes data, services, systems, and devices that are stored in an organization’s network.

Question 8

Cloud security

Answer 8

The process of ensuring that assets stored in the cloud are properly configured, or set up correctly, and access to those assets is limited to authorized users.

Question 9

Programming

Answer 9

A process that can be used to create a specific set of instructions for a computer to execute tasks.

Question 10

Cybersecurity (or security)

Answer 10

The practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation.

Question 11

Personally identifiable information (PII)

Answer 11

Any information used to infer an individual’s identity.

Question 12

Sensitive personally identifiable information (SPII)

Answer 12

A specific type of PII that falls under stricter handling guidelines. E.g. SS # or credit card information.

Question 13

Technical skills

Answer 13

Skills that require knowledge of specific tools, procedures, and policies.

Question 14

Threat

Answer 14

Any circumstance or event that can negatively impact assets.

Question 15

Transferable skills

Answer 15

Skills from other areas that can apply to different careers.

Question 16

Phishing

Answer 16

The use of digital communications to trick people into revealing sensitive data or deploying malicious software.

Question 17

What are the most common types of phishing attacks?

Answer 17

Business Email Compromise (BEC), Spear phishing, Whaling, Vishing, and Smishing

Question 18

Business Email Compromise (BEC)

Answer 18

A threat actor sends an email message that seems to be from a known source to make a seemingly legitimate request for information, in order to obtain a financial advantage.

Question 19

Spear phishing

Answer 19

A malicious email attack that targets a specific user or group of users. The email seems to originate from a trusted source.

Question 20

Whaling

Answer 20

A form of spear phishing. Threat actors target company executives to gain access to sensitive data.

Question 21

Vishing

Answer 21

The exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source.

Question 22

Smishing

Answer 22

The use of text messages to trick users, in order to obtain sensitive information or to impersonate a known source.

Question 23

Malware

Answer 23

Software designed to harm devices or networks.

Question 24

What are the most common types of malware?

Answer 24

Viruses, Worms, Ransomware, and Spyware

Question 25

Viruses

Answer 25

Malicious code written to interfere with computer operations and cause damage to data and software.

Question 26

Worms

Answer 26

Malware that can duplicate and spread itself across systems on its own.

Question 27

Ransomware

Answer 27

A malicious attack where threat actors encrypt an organization’s data and demand payment to restore access.

Question 28

Spyware

Answer 28

Malware that’s used to gather and sell information without consent. This type of malware can be used to access devices. This allows threat actors to collect personal data, such as private emails, texts, voice and image recordings, and locations.

Question 29

Social engineering

Answer 29

A manipulation technique that exploits human error to gain private information, access, or valuables.

Question 30

Phishing, Smishing, Vishing, Spear phishing, Whaling, Social media phishing, Business Email Compromise (BEC), Watering hole attack, USB (Universal Serial Bus) baiting, and Physical social engineering.

Answer 30

What are the most common types of social engineering attacks?

Question 31

What does CISSP stand for?

Answer 31

Certified Information Systems Security Professional

Question 32

1. Security and Risk Management
2. Asset Security
3. Security Architecture and Engineering
4. Communications and Network Security
5. Identity and Access Management
6. Security Assessment and Testing
7. Security Operations
8. Software Development Security

Answer 32

What are the eight CISSP security domains?

Question 33

Password attack

Answer 33

An attempt to access password-secured devices, systems, networks, or data.

Question 34

What are the two common forms of password attacks?

Answer 34

Brute force and Rainbow table

Question 35

Physical attack

Answer 35

A security incident that affects not only digital but also physical environments where the incident is deployed.

Question 36

What are some of the most common examples of physical attacks?

Answer 36

Malicious USB cable, Malicious flash drive, and Card cloning and skimming

Question 37

Adversarial artificial intelligence

Answer 37

A technique that manipulates
artificial intelligence and machine learning technology to conduct attacks more efficiently.

Question 38

Supply-chain attack

Answer 38

An attack that targets systems, applications, hardware, and/or software to locate a vulnerability where malware can be deployed.

Question 39

Cryptographic attack

Answer 39

An attack that affects secure forms of communication between a sender and intended recipient.

Question 40

What are some forms of cryptographic attacks?

Answer 40

Birthday, Collision, and Downgrade

Question 41

Advanced persistent threats (APTs)

Answer 41

Those who have significant expertise accessing an organization’s network without authorization.

Question 42

Insider threats

Answer 42

Those who abuse their authorized access to obtain data that may harm an organization.

Question 43

What are 4 potential intentions and motivations of Insider Threats?

Answer 43

Sabotage, Corruption, Espionage, and Unauthorized data access or leaks

Question 44

Hacktivist

Answer 44

A person who uses hacking to achieve a political goal.

Question 45

What are 4 potential goals of a hacktivist?

Answer 45

Demonstrations, Propaganda, Social change campaigns, Fame

Question 46

Hacker

Answer 46

Any person who uses computers to gain access to computer systems, networks, or data.

Question 47

What does the CIA triad stand for?

Answer 47

Confidentiality, Integrity, and Availability

Question 48

Protected Health Information (PHI)

Answer 48

Relates to the past, present, or future physical or mental health or condition of an individual, whether it’s a plan of care or payments for care.

Question 49

Security ethics

Answer 49

Guidelines for making appropriate decisions as a security professional.

Question 50

Confidentiality

Answer 50

The idea that only authorized users can access specific assets or data.

Question 51

Privacy protection

Answer 51

Safeguarding personal information from unauthorized use.

Question 52

Laws

Answer 52

Rules that are recognized by a community and enforced by a governing entity.

Question 53

Health Insurance Portability and Accountability Act (HIPAA)

Answer 53

A U.S. federal law established to protect patients’ health information, also known as PHI, or protected health information.

Question 54

Asset

Answer 54

An item perceived as having value to an organization.

Question 55

Availability

Answer 55

The idea that data is accessible to those who are authorized to access it.

Question 56

Confidentiality, integrity, availability (CIA) triad

Answer 56

A model that helps inform how organizations consider risk when setting up systems and security policies.

Question 57

Integrity

Answer 57

The idea that the data is correct, authentic, and reliable.

Question 58

What does NIST CSF stand for?

Answer 58

National Institute of Standards and Technology Cyber Security Framework

Question 59

National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF)

Answer 59

A voluntary framework that consists of standards, guidelines, and best practices to manage cybersecurity risk.

Question 60

Security architecture

Answer 60

A type of security design composed of multiple components, such as tools and processes, that are used to protect an organization from risks and external threats.

Question 61

Security governance

Answer 61

Practices that help support, define, and direct security efforts of an organization.

Question 62

Security information and event management (SIEM) tool

Answer 62

An application that collects and analyzes log data to monitor critical activities in an organization.

Question 63

Log

Answer 63

A record of events that occur within an organization’s systems.

Question 64

Network protocol analyzer

Answer 64

Aka packet sniffer. A tool designed to capture and analyze data traffic in a network.

Question 65

Playbook

Answer 65

A manual that provides details about any operational action, such as how to respond to a security incident.

Question 66

What are two types of playbooks?

Answer 66

Chain of Custody and Protecting and Preserving Evidence playbooks

Question 67

Order of volatility

Answer 67

A sequence outlining the order of data that must be preserved from first to last.

Question 68

Automation

Answer 68

The use of technology to reduce human and manual effort in performing common and repetitive tasks.

Question 69

Structured Query Language (SQL)

Answer 69

Used to create, interact with, and request information from a database.

Question 70

Database

Answer 70

An organized collection of information or data.

Question 71

Data point

Answer 71

A specific piece of information.

Question 72

Operating system

Answer 72

The interface between computer hardware and the user.

Question 73

Linux

Answer 73

An open-source operating system.

Question 74

Command

Answer 74

An instruction telling the computer to do something.

Question 75

Command-line interface (CLI)

Answer 75

A text-based user interface that uses commands to interact with the computer.

Question 76

Web vulnerability

Answer 76

A unique flaw in a web application that a threat actor could exploit by using malicious code or behavior, to allow unauthorized access, data theft, and malware deployment.

Question 77

Antivirus software

Answer 77

A software program used to prevent, detect, and eliminate malware and viruses.

Question 78

Intrusion detection system (IDS)

Answer 78

An application that monitors system activity and alerts on possible intrusions.

Question 79

Encryption

Answer 79

The process of converting data from a readable format to a cryptographically encoded format.

Question 80

Cryptographic encoding

Answer 80

Converting plaintext into secure ciphertext.

Question 81

Plaintext

Answer 81

Unencrypted information.

Question 82

Secure ciphertext

Answer 82

The result of encryption

Question 83

Penetration testing

Answer 83

Aka, pen testing. The act of participating in a simulated attack that helps identify vulnerabilities in systems, networks, websites, applications, and processes.

Question 84

Protecting and preserving evidence

Answer 84

The process of properly working with fragile and volatile digital evidence.

Question 85

Active packet sniffing

Answer 85

A type of attack where data packets are manipulated in transit.

Question 86

Botnet

Answer 86

A collection of computers infected by malware that are under the control of a single threat actor, known as the “bot-herder”.

Question 87

Denial of service (DoS) attack

Answer 87

An attack that targets a network or server and floods it with network traffic.

Question 88

Distributed denial of service (DDoS) attack

Answer 88

A type of denial of service attack that uses multiple devices or servers located in different locations to flood the target network with unwanted traffic.

Question 89

Internet Control Message Protocol (ICMP)

Answer 89

An internet protocol used by devices to tell each other about data transmission errors across the network.

Question 90

Internet Control Message Protocol (ICMP) flood

Answer 90

A type of DoS attack performed by an attacker repeatedly sending ICMP request packets to a network server.

Question 91

IP spoofing

Answer 91

A network attack performed when an attacker changes the source IP of a data packet to impersonate an authorized system and gain access to a network.

Question 92

On-path attack

Answer 92

An attack where a malicious actor places themselves in the middle of an authorized connection and intercepts or alters the data in transit.

Question 93

Packet sniffing

Answer 93

The practice of capturing and inspecting data packets across a network.

Question 94

Passive packet sniffing

Answer 94

A type of attack where a malicious actor connects to a network hub and looks at all traffic on the network.

Question 95

Ping of death

Answer 95

A type of DoS attack caused when a hacker pings a system by sending it an oversized ICMP packet that is larger than 64KB.

Question 96

Replay attack

Answer 96

A network attack performed when a malicious actor intercepts a data packet in transit and delays it or repeats it at another time.

Question 97

Smurf attack

Answer 97

A network attack performed when an attacker sniffs an authorized user’s IP address and floods it with ICMP packets.

Question 98

Synchronize (SYN) flood attack

Answer 98

A type of DoS attack that simulates a TCP/IP connection and floods a server with SYN packets.

Question 99

Backdoor attack

Answer 99

Weaknesses intentionally left by programmers or system and network administrators that bypass normal access control mechanisms.