Glossary Terms

Question 1

Cybersecurity (or Security)

Answer 1

The practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation

Question 2

Cloud security

Answer 2

The process of ensuring the assets stored in the cloud are properly configured, and access to those assets, is limited by authorized users

Question 3

Internal threat

Answer 3

A current, or former employee, external vendor, or trusted partner, who poses our security risk

Question 4

Network security

Answer 4

The practice of keeping in organizations network infrastructure secure from unauthorized access

Question 5

Personally, identifiable information (PII)

Answer 5

Any information used to infer an individuals identity. includes: someone’s full name, date of birth, physical address, phone number, email address, Internet, protocol, IP address, and similar information 

Question 6

Sensitive personally identifiable information (SPII)

Answer 6

A specific type of PII that falls under stricter handling guidelines. May include: Social Security numbers, medical, our financial information, and biometric data, such as facial recognition.

Question 7

Technical skills

Answer 7

Skills that require knowledge of specific tools, procedures, and policies. Which include: programming, languages, secure, information, and event management (SIEM) tools, intrusion detection systems (IDSs), threat, landscape, knowledge, incident response.

Question 8

Threat

Answer 8

Any circumstance, or event that can negatively impact assets

Question 9

Threat actor

Answer 9

Any person or group represents a security risk

Question 10

Transferable skills

Answer 10

Skills from other areas that can apply to different careers. Which includes: communication, collaboration, analysis, problem-solving.

Question 11

Absolute file path

Answer 11

The full file path, which starts from the root

Question 12

Access controls

Answer 12

Security controls that manage access, authorization, and accountability of information

Question 13

Active packet sniffing

Answer 13

A type of attack where data packets are manipulated in transit

Question 14

Address resolution protocol (ARP)

Answer 14

Network protocol used to determine the MAC ADDRESS OF THE NEXT ROUTER OR DEVICE TO TRAVERSE

Question 15

Advanced persistent threat (APT)

Answer 15

An instance where a threat actor maintains unauthorized access to a system for an extended period of time

Question 16

Adversarial artificial intelligence (AI)

Answer 16

A technique that manipulates artificial intelligence (AI) and machine learning (ML) technology to conduct attacks more efficiently

Question 17

Adware

Answer 17

A type of legitimate software that is sometimes used to display digital advertisements in applications

Question 18

Algorithm

Answer 18

A set of rules to solve a problem

Question 19

Analysis

Answer 19

The investigation and validation of alerts

Question 20

Angler phishing

Answer 20

A technique where attackers impersonate customer service representatives on social media 

Question 21

Anomaly-based analysis

Answer 21

Detection method that identifies abnormal behavior

Question 22

Antivirus software

Answer 22

A software program used to prevent, detect, and illuminate malware and viruses

Question 23

Application

Answer 23

A program that performs a specific task

Question 24

Application programming interface (API) token

Answer 24

A small block of encrypted code that contains information about a user

Question 25

Argument (Linux)

Answer 25

Specific information needed by a command

Question 26

Argument (python)

Answer 26

The data brought into a function when it is called

Question 27

Array

Answer 27

Data type that stores data in a comma-separated ordered list

Question 28

Assess

Answer 28

The fifth step of the NIST RMF that means to determine if established controls are implemented correctly

Question 29

Asset

Answer 29

An item perceived as having value to an organization

Question 30

Asset classification

Answer 30

The practice of labeling assets based on sensitivity and importance to an organization

Question 31

Asset inventory

Answer 31

A catalog of assets that need to be protected

Question 32

Asset management

Answer 32

The process of tracking assets and the risks that affect them

Question 33

Asymmetric encryption

Answer 33

The use of a public and private key pair for encryption and decryption of data

Question 34

Attack surface

Answer 34

All the potential vulnerabilities that a threat actor could exploit

Question 35

Attack tree

Answer 35

A diagram that maps threats to assets

Question 36

Attack vectors

Answer 36

The pathways attackers used to penetrate security defenses

Question 37

Authentication

Answer 37

The process of verifying who someone is

Question 38

Authorization

Answer 38

The concept of granting access to specific resources in a system

Question 39

Authorize

Answer 39

The sixth step of the NIST RMF that refers to being accountable for the security and privacy risks that might exist in an organization

Question 40

Automation

Answer 40

The use of technology, to reduce human and manual effort to perform common and repetitive tasks

Question 41

Availability

Answer 41

The idea that data is accessible to those who are authorized to access it

Question 42

Baiting

Answer 42

A social engineering tactic that tempts people into compromising their security

Question 43

Bandwidth

Answer 43

The amount of data a device receives every second

Question 44

Baseline configuration (baseline image)

Answer 44

A documented set of specifications within a system that is used as a basis for future builds, releases, and updates

Question 45

Bash

Answer 45

The default shell in most Linux distributions

Question 46

Basic auth

Answer 46

The technology used to establish a users request to access a server

Question 47

Basic input/output system (BIOS)

Answer 47

A microchip that contains loading instructions for the computer and is prevalent in older systems

Question 48

Bootloader

Answer 48

A software program that boots the operating system

Question 49

Biometrics

Answer 49

The unique physical characteristics that can be used to verify a persons identity

Question 50

Boolean data

Answer 50

Data that can only be one of two values: either true or false

Question 51

Botnet

Answer 51

A collection of computers infected by malware that are under the control of a single threat actor, known as a “bot-herder”

Question 52

Bracket notation

Answer 52

The indices placed in square brackets

Question 53

Broken chain of custody

Answer 53

Inconsistencies in the collection of logging of evidence in the chain of custody

Question 54

Brute force attack

Answer 54

The trial and error process of discovering private information

Question 55

Bug bounty

Answer 55

Programs that encourage freelance hackers to find and report vulnerabilities

Question 56

Built-in function

Answer 56

A function that exists within python and can be called directly

Question 57

Business email compromise (BEC)

Answer 57

A type of phishing attack where a threat actor impersonates a known source to obtain financial advantage

Question 58

Business continuity

Answer 58

An organizations ability to maintain their every day productivity by establishing risk disaster. Recovery plans.

Question 59

Business continuity plan (BCP)

Answer 59

A document that outlines the procedures to sustain business operations during and after a significant disruption

Question 60

Categorize

Answer 60

The second step of the NIST RMF that is used to develop risk management processes and tasks

Question 61

CentOS

Answer 61

An open-source distribution that is closely related to red hat

Question 62

Central processing unit (CPU)

Answer 62

A computers, main processor, which is used to perform general computing tasks on a computer

Question 63

Chain of custody

Answer 63

The process of documenting evidence, possession and control during an incident lifecycle

Question 64

Chronicle

Answer 64

A cloud-native tool, design to retain, analyze, and search data

Question 65

Cipher

Answer 65

An algorithm that encrypts information

Question 66

Cloud-based firewalls

Answer 66

Software firewalls that are hosted by the cloud service provider

Question 67

Cloud computing

Answer 67

The practice of using remote servers, applications, and network services that are hosted on the Internet instead of on local physical devices

Question 68

Cloud Network

Answer 68

A collection of servers or computers that stores resources, and data in remote data centers that can be access via the Internet

Question 69

Command

Answer 69

And instruction telling the computer to do something

Question 70

Command and control (C2)

Answer 70

The techniques used by malicious actors to maintain communications with compromised systems

Question 71

Command-line interface (CLI)

Answer 71

A text-based user interface that uses commands to interact with the computer

Question 72

Comment

Answer 72

A note programmers make about the intention behind their code

Question 73

Common event format (CEF)

Answer 73

A log format that uses key-value pairs to instruct data and identify fields and their corresponding values

Question 74

Common vulnerabilities and exposures (CVE) list

Answer 74

An openly accessible dictionary of known vulnerabilities and exposures

Question 75

Common vulnerability scoring system (CVSS)

Answer 75

A measurement system that scores the severity of a vulnerability

Question 76

Compliance

Answer 76

The process of adhering to internal standards and external regulations

Question 77

Computer security incident response teams (CSIRT)

Answer 77

A specialized group of security professionals that are trained in incident management and response

Question 78

Computer virus

Answer 78

Malicious code written to interfere with computer operations, and cause damage to data and software

Question 79

Conditional statement

Answer 79

A statement that evaluates code to determine if it needs a specified set of conditions

Question 80

Confidentiality

Answer 80

The idea that only authorized users can access specific assets or data

Question 81

Confidentiality, integrity, availability (CIA) Triad

Answer 81

A model that helps inform how organizations consider risk when setting up systems and security policies

Question 82

Configuration file

Answer 82

A file used to configure the settings of an application

Question 83

Containment

Answer 83

The act of limiting and preventing additional damage caused by an incident

Question 84

Controlled zone

Answer 84

A subnet that protects the internal network from the uncontrolled zone

Question 85

Cross-site scripting (XSS)

Answer 85

An injection attack that inserts code into a vulnerable website or web application

Question 86

Crowdsourcing

Answer 86

The practice of gathering, information, music, public input, and collaboration

Question 87

Cryptographic attack

Answer 87

An attack that affects secure forms of communication between a center and intended recipient

Question 88

Cryptographic key

Answer 88

A mechanism that decrypts ciphertext

Question 89

Cryptography

Answer 89

A process of transforming information into a form that unintended readers can’t understand

Question 90

Cryptojacking

Answer 90

A form of malware that installs software to illegally mine crypto currencies

Question 91

CVE numbering authority (CNA)

Answer 91

An organization, that volunteers to analyze and distribute information on eligible CVEs

Question 92

Data

Answer 92

Information that is translated, processed, or stored by a computer

Question 93

Data at rest

Answer 93

Data not currently being accessed

Question 94

Data custodian

Answer 94

Anyone or anything that’s responsible for the safe handling, transport, and storage of information

Question 95

Data exfiltration

Answer 95

Unauthorized transmission of data from a system

Question 96

Data in transit

Answer 96

Data traveling from one point to another

Question 97

Data in use

Answer 97

Data being accessed by one or more users

Question 98

Data owner

Answer 98

The person who decides who can access, edit, use, or destroy their information

Question 99

Data packet

Answer 99

A basic unit of information that travels from one device to another within a Network

Question 100

Data point

Answer 100

A specific piece of information

Question 101

Data type

Answer 101

A category for a particular type of data item

Question 102

Database

Answer 102

An organized collection of information or data

Question 103

Date and time data

Answer 103

Data, representing a date and/or time

Question 104

Debugger

Answer 104

A software tool that helps to locate the source of an error and assess it causes

Question 105

Debugging

Answer 105

A practice of identifying and fixing errors in code

Question 106

Defense in depth

Answer 106

A layered approach to vulnerability management that reduces risk

Question 107

Denial of service (DOS) attack

Answer 107

An attack that targets in network or server, and floods it with network traffic

Question 108

Detect

Answer 108

A NIST core function related to identifying potential security incidents and improving monitoring capabilities to increase the speed and efficiency of detection

Question 109

Detection

Answer 109

The prompt discovery of security events

Question 110

Dictionary data

Answer 110

Data that consists of one or more key-value pairs

Question 111

Digital certificate

Answer 111

A file that verifies the identity of a public key holder

Question 112

Digital forensics

Answer 112

The practice of collecting and analyzing data to determine what has happened after an attack

Question 113

Directory

Answer 113

A file that organizes where other files are stored

Question 114

Distributed denial of service (DDOS) attack

Answer 114

A type of denial of service attack that uses multiple devices or servers to flood the target network with unwanted traffic

Question 115

Distributions

Answer 115

The different versions of Linux

Question 116

Documentation

Answer 116

Any form of recorded content that is used for specific purpose

Question 117

DOM-based XSS attack

Answer 117

An instant when malicious script exists in the webpage a browser loads

Question 118

Domain name system (DNS)

Answer 118

A networking protocol that translates Internet domain names into IP addresses

Question 119

Elevator pitch

Answer 119

A brief summary of a persons experience, skills, and background

Question 120

Encapsulation

Answer 120

A process performed by a VPN service that protects your data by wrapping sensitive data in other data packets

Question 121

Encryption

Answer 121

The process of converting data from a readable format to an encoded format

Question 122

Endpoint

Answer 122

Any device connected on a Network

Question 123

Endpoint detection and response (EDR)

Answer 123

An application that monitors an endpoint for malicious activity

Question 124

Eradication

Answer 124

The complete removal of the incident elements from all affected systems

Question 125

Escalation policy

Answer 125

A set of actions that outline who should be notified when an incident alert, occurs and how that incident should be handled

Question 126

Event

Answer 126

An observable occurrence on a network, system or device

Question 127

Exception

Answer 127

An error that involves code that cannot be executed even though it is syntactically correct

Question 128

Exclusive operator

Answer 128

An operator that does not include the value of comparison

Question 129

Exploit

Answer 129

A way of taking advantage of a vulnerability

Question 130

Exposure

Answer 130

A mistake that can be exploited by a threat

Question 131

External threat

Answer 131

Anything outside the organization that has the potential to harm organizational assets

Question 132

False negative

Answer 132

A state where the presence of a threat is not detected

Question 133

False positive

Answer 133

An alert that incorrectly detect the presence of a threat

Question 134

File path

Answer 134

The location of a file or directory

Question 135

Fileless malware

Answer 135

Malware that does not need to be installed by the user because it uses legitimate programs that are already installed to infect a computer

Question 136

Filesystem hierarchy standard (FHS)

Answer 136

The component of the Linux OS that organizes data

Question 137

Filtering

Answer 137

Selecting dated that match a certain condition

Question 138

Final report

Answer 138

Documentation that provides a comprehensive review of an incident

Question 139

Firewall

Answer 139

A network security device that monitors traffic to or from a Network

Question 140

Float data

Answer 140

Data consisting of a number with a decimal point

Question 141

Foreign key

Answer 141

A column in a table that is a primary key in another table

Question 142

Forward proxy server

Answer 142

A server that regulates and restricts a persons access to the Internet

Question 143

Function

Answer 143

A section of code that can be reused in a program

Question 144

Graphical user interface (GUI)

Answer 144

A user interface that uses icons on the screen to manage different tasks on the computer

Question 145

Global variable

Answer 145

A Variable that is available through the entire program

Question 146

Hacker

Answer 146

Any person or group who uses computers to gain unauthorized access to data

Question 147

Hacktivist

Answer 147

A person who uses hacking to achieve a political goal

Question 148

Hard drive

Answer 148

A hardware component used for long-term memory

Question 149

Hardware

Answer 149

The physical components of a computer

Question 150

Hash collision

Answer 150

An instant when different inputs produce the same hash value

Question 151

Hash function

Answer 151

An algorithm that produces a code that can’t be decrypted

Question 152

Hash table

Answer 152

A data structure that used to store and reference hash values

Question 153

Health insurance portability and accountability act (HIPAA)

Answer 153

A US federal law established to protect patients health information

Question 154

Honeypot

Answer 154

A system or resource created as a decoy vulnerable to attacks with the purpose of attracting potential intruders

Question 155

Host-based intrusion detection system (HIDS)

Answer 155

An application that monitors the activity of the host on which it’s installed

Question 156

Hub

Answer 156

A network device that broadcast information to every device on the network

Question 157

Hypertext transfer protocol (HTTP)

Answer 157

An application layer protocol that provides a method of communication between clients and website servers

Question 158

Hypertext transfer protocol secure (HTTPS)

Answer 158

A network protocol that provides a secure method of communication between clients and website servers

Question 159

Identify

Answer 159

A NIST core function related to management of cyber security risk and it’s affect on an organizations people and assets

Question 160

Identity and access management (IAM)

Answer 160

A collection of processes and technologies that helps organizations manage digital identities of their environment

Question 161

IEEE 802.11 (WiFi)

Answer 161

Set of standards that define communication for wireless LANs

Question 162

Immutable

Answer 162

An object that cannot be changed after it is created and assigned a value

Question 163

Implement

Answer 163

The fourth step of the NIST RMF that means to implement security and privacy plans for an organization

Question 164

Improper usage

Answer 164

An incident type that occurs when an employee of an organization violates the organizations acceptable use policies

Question 165

Incident

Answer 165

An occurrence that actually or imminently jeopardizes, without lawful authority, the confidentiality, integrity or availability of information or an information system; or constitutes a violation of imminent threat of violation of law, security policies, security procedures, or acceptable use policies

Question 166

Incident escalation

Answer 166

The process of identifying a potential security incident, triaging it, and handing it off to a more experienced team member

Question 167

Incident handler’s journal

Answer 167

A form of documentation used in incident response

Question 168

Incident response

Answer 168

An organizations quick attempt to identify an attack, contain the damage, and correct the effects of a security breach

Question 169

Incident response plan

Answer 169

A document that outlines the procedures to take in each step of incident response

Question 170

Inclusive operator

Answer 170

An operator that includes the value of comparison

Question 171

Indentation

Answer 171

Space added, at the beginning of a line of code

Question 172

Index

Answer 172

A number assigned to every element in a sequence that indicates its position

Question 173

Indicators of attack (IoA)

Answer 173

A series of observed events that indicate a real-time incident

Question 174

Indicators of compromise (IOC)

Answer 174

Observable evidence that suggest signs of a potential security incident

Question 175

Information privacy

Answer 175

The protection of unauthorized access and distribution of data

Question 176

Information security (InfoSec)

Answer 176

The practice of keeping data in all states away from unauthorized users

Question 177

Injection attack

Answer 177

Malicious code, inserted into a vulnerable application

Question 178

Input sanitization

Answer 178

Programming that validates inputs from users and other programs

Question 179

Integer data

Answer 179

Data consisting of a number that does not include a decimal point

Question 180

Integrated development environment (IDE)

Answer 180

A software application for riding code that provides editing assistance and error correction tools

Question 181

Integrity

Answer 181

The idea that the data is correct, authentic and reliable

Question 182

Internal hardware

Answer 182

The components required to run the computer

Question 183

Internet control message protocol (ICMP)

Answer 183

An Internet protocol used by devices to tell each other about data transmission errors across the network

Question 184

Internet control message protocol flood (ICMP flood)

Answer 184

A type of DOS attack performed by an attacker repeatedly sending ICMP packets to a Netwerk server

Question 185

Internet protocol (IP)

Answer 185

A set of standards used for routing and addressing data packets as a travel between devices on a network

Question 186

Internet protocol (IP) address

Answer 186

Are unique string of characters that identifies the location of a device on the Internet

Question 187

Interpreter

Answer 187

A computer program that translates python code into runable instructions, line by line

Question 188

Intrusion detection system (IDS)

Answer 188

An application that monitor system activity and alerts on a possible intrusion

Question 189

Intrusion prevention system (IPS)

Answer 189

An application that monitors system activity for intrusive activity and takes action to stop the activity

Question 190

IP spoofing

Answer 190

But network attack performed when an attacker changes, the source IP of a data packet to impersonate an authorized system, and gain access to a Network

Question 191

Iterative statement

Answer 191

Code that repeatedly executes a set of instructions.

Question 192

Kali Linux

Answer 192

An open source distribution of Linux that is widely used in the security industry

Question 193

Kernel

Answer 193

The component of the Linux OS that manages processes in memory

Question 194

Key-value pair

Answer 194

A set of data that represents two linked items: a key, and it’s corresponding value

Question 195

Legacy operating system

Answer 195

An operating system that is outdated, but still being used

Question 196

Lessons learned meeting

Answer 196

A meeting that includes all involved parties after a major incident

Question 197

Library

Answer 197

A collection of models that provide code users can access in their programs

Question 198

Linux

Answer 198

An open source operating system

Question 199

List concatenation

Answer 199

The concept of combining two lists into one by placing the elements of the second list, directly after the elements of the first list

Question 200

List data

Answer 200

Data structure that consists of a collection of data in sequential form

Question 201

Local area network (LAN)

Answer 201

But Netwerk that spans small areas like an office building, a school, or a home

Question 202

Local variable

Answer 202

A variable assigned within a function

Question 203

Log

Answer 203

A Record of events that occur within an organization’s system

Question 204

Log analysis

Answer 204

The process of examining logs to identify events of interest

Question 205

Log management

Answer 205

The process of collecting storing analyzing and disposing of log data

Question 206

Logging

Answer 206

The recording of events occurring on a computer system in networks

Question 207

Logic error

Answer 207

An error that results when the logic used in code produces unintended results

Question 208

Loop condition

Answer 208

The part of a loop that determines when the loop terminate

Question 209

Loop variable

Answer 209

A variable that is used to control the iterations of a loop

Question 210

Malware

Answer 210

Software designed to harm devices or networks

Question 211

Malware infection

Answer 211

An incident type that occurs when malicious software designed to disrupt a system infiltrates an organizations computers, or Network

Question 212

Media access control (MAC) address

Answer 212

Are unique alphanumeric identifier that is assigned to each physical device on a Network

Question 213

Method

Answer 213

A function that belongs to a specific data type

Question 214

Metrics

Answer 214

Key technical attributes such as response time, availability, and failure rate which are used to assess the performance of a software application

Question 215

MITRE

Answer 215

A collection of nonprofit research and development centers

Question 216

Modem

Answer 216

A device that connects your router to the Internet and brings Internet access to the LAN

Question 217

Module

Answer 217

Call file that contains additional functions variable, classes, and any kind of runable code

Question 218

Monitor

Answer 218

The seventh step of the NIST RMF that means be aware of how systems are operating

Question 219

Multi-factor authentication (MFA)

Answer 219

A security measure that requires a user to verify their identity in two or more ways to access a system or Network

Question 220

Nano

Answer 220

A command line file editor that is available by default in many Linux distributions

Question 221

National Institute of standards and technology (NIST) cybersecurity framework (CSF)

Answer 221

A voluntary framework that consists of standards, guidelines, and best practices to manage cyber security risk

Question 222

National Institute of standard and technology (NIST) incident response lifecycle

Answer 222

A framework for incident response consisting of four phases: preparation; detection and analysis; containment, eradication and recovery, and post incident activity

Question 223

Network

Answer 223

A Group of connected devices

Question 224

Network-based intrusion detection system (NIDS)

Answer 224

An application that collects and monitors Network traffic and network data

Question 225

Network data

Answer 225

The data that’s transmitted between devices on a Network

Question 226

Network interface card (NIC)

Answer 226

Hardware that connects computers to a Network

Question 227

Network log analysis

Answer 227

The process of examining network logs to identify events of interest

Question 228

Network protocol analyzer (packet sniffer)

Answer 228

A tool design to capture an analyze data traffic within a network

Question 229

Network protocols

Answer 229

I set of rules used by two or more devices on a network to describe the order of delivery and the structure of data

Question 230

Network segmentation

Answer 230

A security technique that divides the network into segments

Question 231

Network traffic

Answer 231

The amount of data that moves across a network

Question 232

National Institute of standards and technology (NIST) special publication (SP) 800-53

Answer 232

A unified framework for protecting the security of information systems within the US federal government

Question 233

Non-repudiation

Answer 233

The concept that the authenticity of information can’t be denied

Question 234

Notebook

Answer 234

An online interface for writing, storing and running code

Question 235

Numeric data

Answer 235

Data consisting of numbers

Question 236

OAuth

Answer 236

An open-standard authorization protocol that shares designated access between applications

Question 237

Object

Answer 237

A data type that stores data in a comma-separated list of key-value pairs

Question 238

On-path attack

Answer 238

An attack wear a malicious actor places themselves in the middle of an authorized connection and intercepts, or alters the data in transit

Question 239

Open systems interconnection (OSI) model

Answer 239

A standardize concept that describes the seven layers computers used to communicate and send data over in Network

Question 240

Open Web application security project (OWASP)

Answer 240

A nonprofit organization focused on improving software security

Question 241

Operating system (OS)

Answer 241

The interface between computer hardware and the user

Question 242

Operator

Answer 242

A symbol or key word that represents an operation

Question 243

Open-source intelligence (OSINT)

Answer 243

The collection and analysis of information from publicly available sources to generate usable intelligence

Question 244

Options

Answer 244

Input that modifies the behavior of a command

Question 245

Order of volatility

Answer 245

A sequence outlining the order of data that must be preserved from first to last

Question 246

OWASP top 10

Answer 246

A globally recognize standard awareness document that list the top 10 most critical security risks to web applications

Question 247

Package

Answer 247

Piece of software that can be combined with other packages to form an application

Question 248

Package manager

Answer 248

A tool that helps users install manage and remove packages or applications

Question 249

Packet capture (P-cap)

Answer 249

A file containing data packets intercepted from an interface or Network

Question 250

Packet sniffing

Answer 250

The practice of capturing and inspecting data packets across a network

Question 251

Parameter (python)

Answer 251

An object that is included in a function definition for use in that function

Question 252

Parrot

Answer 252

Open source distribution that is commonly used for security

Question 253

Parsing

Answer 253

The process of converting data into a more readable format

Question 254

Passive packet sniffing

Answer 254

A type of attack, where a malicious actor connects to a network hub, and looks at all traffic on the Netwerk

Question 255

Password attack

Answer 255

An attempt to access password, secure devices, systems, networks or data

Question 256

Patch update

Answer 256

A software And operating system update that address as security vulnerabilities within a program or product

Question 257

Payment card industry data security standards (PCI DSS)

Answer 257

Any card holder data, that an organization accepts, transmit, or stores

Question 258

Penetration test (pen test)

Answer 258

A simulated attack that helps identify vulnerabilities in systems, networks, websites, applications, and processes

Question 259

PEP 8 style guide

Answer 259

A resource that provides stylistic guidelines for programmers working in python

Question 260

Peripheral devices

Answer 260

Hardware components that are attached and controlled by a computer system

Question 261

Phishing

Answer 261

The use of digital communications to trick people into revealing sensitive data or deploying malicious software

Question 262

Phishing kit

Answer 262

A collection of software tools needed to launch phishing campaigns

Question 263

Physical attack

Answer 263

A security incident that affects not only digital but also physical environments where the incident is deployed

Question 264

Physical social engineering

Answer 264

Attack in which a thread actor impersonates an employee, customer or vendor to obtain on authorized access to a physical location

Question 265

Ping of death

Answer 265

A type of DOS attack when a hacker pings a system by sending it an oversized ICMP packet that is bigger than 64KB

Question 266

Playbook

Answer 266

A manual that provides details about an operational action

Question 267

Policy

Answer 267

Set of rules that reduce risk and protect information

Question 268

Port

Answer 268

A software-based location that organizes the sending, and receiving of data between devices on a Network

Question 269

Port filtering

Answer 269

A firewall function that blocks or allows certain port numbers to limit unwanted communication

Question 270

Post-incident activity

Answer 270

The process of reviewing an incident to identify areas for improvement during incident handling

Question 271

Potentially unwanted application (PUA)

Answer 271

A type of unwanted software that is bundled in with legitimate programs which might display ads, cause device slow down, or install other software

Question 272

Prepare

Answer 272

The first step of the NIST RMF related to activities that are necessary to manage security and privacy risks before a breach occurs

Question 273

Prepared statement

Answer 273

A coding technique that executes SQL statements before passing them on to a database

Question 274

Primary key

Answer 274

A column where every row has a unique entry

Question 275

Principle of least privilege

Answer 275

The concept of granting, only the minimal access and authorization required to complete task or function

Question 276

Privacy protection

Answer 276

The act of safeguarding personal information from unauthorized use

Question 277

Privilege

Answer 277

Any authority for making changes in a computer system

Question 278

Procedures

Answer 278

Step-by-step instructions to perform a specific security task

Question 279

Process of attack simulation and threat analysis (PASTA)

Answer 279

A popular threat modeling framework that’s used across many industries

Question 280

Programming

Answer 280

A process that can be used to create a specific set of instructions for a computer to execute tasks

Question 281

Protect

Answer 281

A NIST core function used to protect an organization through the implementation of policies, procedures, training, and tools that help mitigate cybersecurity threats

Question 282

Protected health information (PHI)

Answer 282

Information that relates to the past, present, or future, physical or mental health or condition of an individual

Question 283

Protecting and preserving evidence

Answer 283

The process of properly, working with fragile and volatile digital evidence

Question 284

Proxy server

Answer 284

A server that fulfills the request of its clients by forwarding them to other servers

Question 285

Public key infrastructure (PKI)

Answer 285

An encryption framework that secures the exchange of online information

Question 286

Python standard library

Answer 286

An extensive collection of python code that often comes packaged with python

Question 287

Query

Answer 287

A request for data from a database table or a combination of tables

Question 288

Quid pro quo

Answer 288

A type of baiting used to trick someone into believing that they’ll be rewarded in return for sharing, access, information or money

Question 289

Rainbow table

Answer 289

A file of pregenerated hash values and the associated plaintext

Question 290

Random access memory (RAM)

Answer 290

A hardware component used for short-term memory

Question 291

Ransomware

Answer 291

A malicious attack where threat actors encrypt an organizations data and demand payment to restore access

Question 292

Rapport

Answer 292

A friendly relationship in which the people involved understand each other’s ideas, and communicate well with each other

Question 293

Recover

Answer 293

A NIST core function related to returning affected systems back to normal operation

Question 294

Recovery

Answer 294

The process of returning affected systems back to normal operations

Question 295

Red hat

Answer 295

A subscription-based distribution of a Linux built for enterprise use

Question 296

Reflected XSS attack

Answer 296

In instance when malicious script is sent to a server and activated during the servers response

Question 297

Regular expression (regex)

Answer 297

A sequence of characters that forms a pattern

Question 298

Regulations

Answer 298

Rules set by a government or other authority to control the way something is done

Question 299

Relational database

Answer 299

A structure database containing tables that are related to each other

Question 300

Relative file path

Answer 300

A file path that starts from the users current directory

Question 301

Replay attack

Answer 301

A network detect performed when a malicious actor intercepts of data packet in transit and delays it or repeats it at another time

Question 302

Resiliency

Answer 302

The ability to prepare for, respond to, and recover from disruptions

Question 303

Respond

Answer 303

A NIST core function related to making sure that the proper procedures are used to contain, neutralize, and analyze security incidents, and implement improvements to the security process.

Question 304

Critical infrastructure

Answer 304

System and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.

Question 305

Security lifecycle

Answer 305

A constantly evolving set of policies in standards that define how organization manages risks, follows established guidelines, and meets regulatory compliance, or laws

Question 306

Return statement

Answer 306

A python statement that execute inside a function and send information back to the Function call

Question 307

Reverse proxy server

Answer 307

A server that regulates in restricts the Internet access to an internal server

Question 308

Risk

Answer 308

Anything that can impact confidentiality, integrity, or availability of an asset

Question 309

Risk mitigation

Answer 309

The process of having the right procedures and rules in place to quickly reduce the impact of a risk like a breach

Question 310

Root directory

Answer 310

The highest level directory in Lenox

Question 311

Root user (or superuser)

Answer 311

A user with elevated privileges to modify the system

Question 312

Rootkit

Answer 312

Malware that provides remote, administrative access to a computer

Question 313

Router

Answer 313

A network device that connects multiple networks together

Question 314

Salting

Answer 314

An additional safeguard that used to strengthen Hash functions

Question 315

Scareware

Answer 315

Malware that employees tactics to frighten users into infecting their device

Question 316

Search processing language (SPL)

Answer 316

Splunks weary language

Question 317

Secure file transfer protocol (SFTP)

Answer 317

A secure protocol used to transfer files from one device to another over and network

Question 318

Secure shell (SSH)

Answer 318

A security protocol used to create a shell with a remote system

Question 319

Security architecture

Answer 319

A type of security design composed of multiple components, such as tools and processes, that are used to protect an organization from risks and external threats.

Question 320

Security audit

Answer 320

A review of an organization security controls, policies, and procedures against a set of expectations

Question 321

Security breach

Answer 321

Unauthorized access to systems, applications, networks, or devices

Question 322

Security controls

Answer 322

Safeguards designed to reduce specific security risks

Question 323

Security ethics

Answer 323

Guidelines for making appropriate decisions as a security professional

Question 324

Security zone

Answer 324

A segment of a company’s network that protects the internal network from the Internet

Question 325

Security frameworks

Answer 325

Guidelines used for building, plans to help mitigate risk and threats to data and privacy

Question 326

Security governance

Answer 326

Practices that help support, define and direct security efforts of an organization

Question 327

Security hardening

Answer 327

The process of strengthening assistant, to reduce its vulnerabilities and a tax surface

Question 328

Security information and event management (SIEM)

Answer 328

An application that collects and analyzes log data to monitor critical activities in an organization

Question 329

Security mindset

Answer 329

The ability to evaluate risk and constantly seek out and identify the potential or actual breach of a system, application or data

Question 330

Security operations Center (SOC)

Answer 330

An organizational unit dedicated to monitoring network systems and devices for security, threats or attacks

Question 331

Security orchestration, automation, and response (SOAR)

Answer 331

A collection of applications, tools, and workflows that use automation to respond to security events

Question 332

Security posture

Answer 332

And organizations ability to manage its defense of critical assets and data, and react to change

Question 333

Select

Answer 333

The third step of the NIST RMF, that means to choose customize and capture documentation of the controls that protect an organization

Question 334

Separation of duties

Answer 334

The principle that user should not be given levels of authorization that would allow them to miss use a system

Question 335

Session

Answer 335

A sequence of Network HTTP basic auth request and response associated with the same user

Question 336

Session cookie

Answer 336

A token that websites used to validate a session and determine how long that session should last

Question 337

Session hijacking

Answer 337

An event, when a tackers obtain a legitimate user session ID

Question 338

Session ID

Answer 338

Are unique token that identifies a user and their device while accessing a system

Question 339

Set data

Answer 339

Data that consists of an unordered collection of unique values

Question 340

Shared responsibility

Answer 340

The idea that all individuals within an organization, take an active role in lowering risk and maintaining both physical and virtual security

Question 341

Shell

Answer 341

The command-line interpreter

Question 342

Signature

Answer 342

A pattern that is associated with malicious activity

Question 343

Signature analysis

Answer 343

A detection method used to find events of interest

Question 344

Simple Netwerk management protocol (SNMP)

Answer 344

Network protocol used for monitoring and managing devices on a network

Question 345

Single sign-on (SSO)

Answer 345

A technology that combined several different logins into one

Question 346

Smishing

Answer 346

Do use of a text message to trick users to obtain sensitive information or to impersonate a known source

Question 347

Smurf attack

Answer 347

A network attack performed when an attack or sniffs and authorized users IP address and floods it with ICMP packets

Question 348

Social engineering

Answer 348

I’m in ambulation technique that exploits human error to gain private information, access, or valuables

Question 349

Social media phishing

Answer 349

A type of attack where a threat actor collects detailed information about their target on social media sites before initiating the attack

Question 350

Spear phishing

Answer 350

A malicious email attack targeting a specific user or group of users, appearing to originate from a trusted source

Question 351

Speed

Answer 351

The rate at which data packets are received or downloaded

Question 352

Splunk cloud

Answer 352

A cloud hosted tool used to collect, search and monitor log data

Question 353

Splunk enterprise

Answer 353

A self hosted tool used to retain, analyze, and search an organizations log data to provide security information and alerts in real time

Question 354

Spyware

Answer 354

Malware that’s used to gather and sell information without consent

Question 355

SQL (structured query language)

Answer 355

A programming language used to create, interact with, and request information from a database

Question 356

SQL injection

Answer 356

An attack that execute unexpected queries on a database

Question 357

Stakeholder

Answer 357

An individual or group that has an interest in any decision or activity of an organization

Question 358

Standard error

Answer 358

An error message returned by the OS through the shell

Question 359

Standard input

Answer 359

Information received by the OS via the command line

Question 360

Standard output

Answer 360

Information returned by the OS through the shell

Question 361

Standards

Answer 361

References that inform how to set policies

Question 362

STAR method

Answer 362

A technique used to answer behavioral and situational interview questions

Question 363

Stateful

Answer 363

A class of firewall that keeps track of information passing through it, and proactively filters out threats

Question 364

Stateless

Answer 364

A class of firewall that operates based on predefined rules, and that does not keep track of information from data packets

Question 365

Stored XSS attack

Answer 365

An instance, when malicious script is injected directly on the server

Question 366

String concatenation

Answer 366

The process of joining two strings together

Question 367

String data

Answer 367

Data consisting of an ordered sequence of characters

Question 368

Style guide

Answer 368

Emmanuel that informs the writing, formatting and design of documents

Question 369

Subnetting

Answer 369

The subdivision of a network into logical groups called subnets

Question 370

Substring

Answer 370

A continuous sequence of characters within a string

Question 371

Supply-chain attack

Answer 371

An attack that targets systems, applications, hardware, and/or software to locate a vulnerability, where malware can be deployed

Question 372

Suricata

Answer 372

An open-source intrusion detection system, intrusion prevention system, and network analysis tool

Question 373

Switch

Answer 373

A device that makes connection between specific devices on a network by sending, and receiving data between them

Question 374

Symmetric encryption

Answer 374

The use of a single secret key to exchange information

Question 375

Synchronize (SYN) flood attack

Answer 375

A type of DOS attack that simulates a TCP/IP connection and floods a server with SYN packets

Question 376

Syntax

Answer 376

The rules that determine what is correctly structured in a computing language

Question 377

Syntax error

Answer 377

An error that involves invalid usage of a programming language

Question 378

Tailgating

Answer 378

A social engineering tactic in which unauthorized people follow an authorized person into a restricted area

Question 379

TCP/IP model

Answer 379

A framework used to visualize how data is organized and transmitted across a network

Question 380

tcpdump

Answer 380

A command line network protocol analyzer

Question 381

Telemetry

Answer 381

The collection and transmission of data for analysis

Question 382

Threat hunting

Answer 382

The proactive search for threats on a network

Question 383

Threat intelligence

Answer 383

Evidence-based threat information that provides context about existing or emerging threats

Question 384

Threat modeling

Answer 384

The process of identifying assets, their vulnerabilities, and how each is exposed to threats

Question 385

Transmission control protocol (TCP)

Answer 385

An Internet communication protocol that allows two devices to form a connection and stream data

Question 386

Triage

Answer 386

The prioritizing of incidents according to their level of importance or urgency

Question 387

Trojan horse

Answer 387

Malware that looks like a legitimate file or program

Question 388

True negative

Answer 388

A state where there is no detection of malicious activity

Question 389

True positive

Answer 389

An alert that correctly detects the presence of an attack

Question 390

Tuple data

Answer 390

Data that consists of a collection of data that cannot be changed

Question 391

Type error

Answer 391

An error that results from using the wrong data type

Question 392

Ubuntu

Answer 392

An open-source, user-friendly distribution that is widely used in security and other industries

Question 393

Unauthorized access

Answer 393

An incident type that occurs when an individual gain digital or physical access to a system or application without permission

Question 394

Uncontrolled zone

Answer 394

The portion of the network outside the organization

Question 395

Unified extensible firmware interface (UEFI)

Answer 395

A microchip that contains load instructions for the computer and replaces BIOS on more modern systems

Question 396

USB baiting

Answer 396

An attack in which a thread actor strategically leaves a mal wear USB stick for an employee to find and install to unknowingly infect a network

Question 397

User

Answer 397

The person interacting with a computer

Question 398

User datagram protocol (UDP)

Answer 398

A connectionless protocol that does not establish a connection between devices before transmissions

Question 399

User interface

Answer 399

A program that allows the user to control the functions of the operating system

Question 400

User provisioning

Answer 400

The process of creating and maintaining a users digital identity

Question 401

User-defined function

Answer 401

The function that programmers design for their specific needs

Question 402

Variable

Answer 402

A container that stores data

Question 403

Virtual private network (VPN)

Answer 403

The network security service that changes, your public IP address and masks your virtual location so that you can keep your data private when you are using a public network like the Internet

Question 404

Virus

Answer 404

Refers to computer virus

Question 405

Virustotal

Answer 405

A service that allows anyone to analyze suspicious files, domains, URLs and IP addresses for malicious content

Question 406

Vishing

Answer 406

The exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source

Question 407

Vulnerability

Answer 407

A weakness that can be exploited by a threat

Question 408

Vulnerability assessment

Answer 408

The internal review process of an organization security teams

Question 409

Vulnerability management

Answer 409

The process of finding and patching vulnerabilities

Question 410

Vulnerability scanner

Answer 410

Software that automatically compares existing common vulnerabilities and exposures, or CVEs against the technologies on the net work

Question 411

Watering hole attack

Answer 411

A type of attack when a threat actor compromises a website frequently visited by a specific group of users

Question 412

Web-based exploits

Answer 412

Malicious code or behavior that used to take advantage of coding flaws in a web application

Question 413

Whaling

Answer 413

A category of spearphishing attempts that are aimed at high-ranking executives in an organization

Question 414

Wide area network (WAN)

Answer 414

I know work that spans a large geographic area, like a city, state or country

Question 415

Wi-Fi protected access (WPA)

Answer 415

A wireless security protocol for devices to connect to the Internet

Question 416

Wild card

Answer 416

A character that’s used to represent one or more characters

Question 417

Wiresshark

Answer 417

An open source network protocol analyzer

Question 418

World-writable file

Answer 418

A file that can be altered by anyone in the world

Question 419

Worm

Answer 419

Malware that can duplicate and spread itself across systems on its own

Question 420

YARA-L

Answer 420

A computer language used to create rules for searching through ingested log data

Question 421

Zero-day

Answer 421

An exploit that was previously unknown