Foundations of Cybersecurity Module 1 Flashcards
______________ is the process of adhering to internal standards and external regulations and enables organizations to avoid fines and security breaches.
Compliance
____________ are guidelines used for building plans to help mitigate risks and threats to data and privacy.
Security Frameworks
_____________ are safeguards designed to reduce specific security risks. They are used with security frameworks to establish a strong security posture.
Security Controls
____________ is an organization’s ability to manage its defense of critical assets and data and react to change. A strong security posture leads to lower risk for the organization.
Security posture
A __________ , or malicious attacker, is any person or group who presents a security risk. This risk can relate to computers, applications, networks, and data.
Threat Actor
An _______________ can be a current or former employee, an external vendor, or a trusted partner who poses a security risk. At times, an internal threat is accidental. For example, an employee who accidentally clicks on a malicious email link would be considered an accidental threat. Other times, the internal threat actor intentionally engages in risky activities, such as unauthorized data access.
Internal threat
_____________ is the practice of keeping an organization’s network infrastructure secure from unauthorized access. This includes data, services, systems, and devices that are stored in an organization’s network.
Network Security
____________ is the process of ensuring that assets stored in the cloud are properly configured, or set up correctly, and access to those assets is limited to authorized users. The cloud is a network made up of a collection of servers or computers that store resources and data in remote physical locations known as data centers that can be accessed via the internet. Cloud security is a growing subfield of cybersecurity that specifically focuses on the protection of data, applications, and infrastructure in the cloud.
Cloud Security
______________ is a process that can be used to create a specific set of instructions for a computer to execute tasks. These tasks can include:
Automation of repetitive tasks (e.g., searching a list of malicious domains)
Reviewing web traffic
Alerting suspicious activity
Programming
________________ collect and analyze log data, or records of events such as unusual login behavior, and support analysts’ ability to monitor critical activities in an organization. This helps cybersecurity professionals identify and analyze potential security threats, risks, and vulnerabilities more efficiently.
Siem Tools
Security Information and Event Management
Cybersecurity analysts use __________ to monitor system activity and alerts for possible intrusions. It’s important to become familiar with IDSs because they’re a key tool that every organization uses to protect assets and data. For example, you might use an IDS to monitor networks for signs of malicious activity, like unauthorized access to a network.
Intrusion detection systems (IDSs)
Cybersecurity analysts need to be able to follow established policies and procedures to respond to incidents appropriately. For example, a security analyst might receive an alert about a possible malware attack, then follow the organization’s outlined procedures to start the incident response process. This could involve conducting an investigation to identify the root issue and establishing ways to remediate it.
Incident Response
__________________, known as ____, is any information used to infer an individual’s identity. __________ includes someone’s full name, date of birth, physical address, phone number, email address, internet protocol, or IP address and similar information.
Personally identifiable information, known as PII
________________, known as _____, is a specific type of PII that falls under stricter handling guidelines and may include social security numbers, medical or financial information, and biometric data, such as facial recognition. If _________ is stolen, this has the potential to be significantly more damaging to an individual than if ________ is stolen.
Sensitive personally identifiable information
known as SPII
____________ is the act of stealing personal information to commit fraud while impersonating a victim. And the primary objective of ___________ is financial gain.
Identity theft