Google Cyber Security - Glossary - All Flashcards
The full file path, which starts from the root
Absolute file path
Security controls that manage access, authorization, and accountability of information
Access controls
A type of attack where data packets are manipulated in transit
Active packet sniffing
A network protocol used to determine the MAC address of the next router or device on the path
Address Resolution Protocol (ARP)
An instance when a threat actor maintains unauthorized access to a system for an extended period of time
Advanced persistent threat (APT)
A technique that manipulates artificial intelligence (AI) and machine learning (ML) technology to conduct attacks more efficiently
Adversarial artificial intelligence (AI)
A type of legitimate software that is sometimes used to display digital advertisements in applications
Adware
A set of rules used to solve a problem
Algorithm
The investigation and validation of alerts
Analysis
A technique where attackers impersonate customer service representatives on social media
Angler phishing
A detection method that identifies abnormal behavior
Anomaly-based analysis
A software program used to prevent, detect, and eliminate malware and viruses
Antivirus software
A program that performs a specific task
Application
A small block of encrypted code that contains information about a user
Application programming interface (API) token
Specific information needed by a command
Argument (Linux)
The data brought into a function when it is called
Argument (Python)
A data type that stores data in a comma-separated ordered list
Array
The fifth step of the NIST RMF that means to determine if established controls are implemented correctly
Assess
An item perceived as having value to an organization
Asset
The practice of labeling assets based on sensitivity and importance to an organization
Asset classification
A catalog of assets that need to be protected
Asset inventory
The process of tracking assets and the risks that affect them
Asset management
The use of a public and private key pair for encryption and decryption of data
Asymmetric encryption
All the potential vulnerabilities that a threat actor could exploit
Attack surface
A diagram that maps threats to assets
Attack tree
The pathways attackers use to penetrate security defenses
Attack vectors
The process of verifying who someone is
Authentication
The concept of granting access to specific resources in a system
Authorization
The sixth step of the NIST RMF that refers to being accountable for the security and privacy risks that might exist in an organization
Authorize
The use of technology to reduce human and manual effort to perform common and repetitive tasks
Automation
The idea that data is accessible to those who are authorized to access it
Availability
A social engineering tactic that tempts people into compromising their security
Baiting
The maximum data transmission capacity over a network, measured by bits per second
Bandwidth
A documented set of specifications within a system that is used as a basis for future builds, releases, and updates
Baseline configuration (baseline image)
The default shell in most Linux distributions
Bash
The technology used to establish a user’s request to access a server
Basic auth
A microchip that contains loading instructions for the computer and is prevalent in older systems
Basic Input/Output System (BIOS)
The unique physical characteristics that can be used to verify a person’s identity
Biometrics
The smallest unit of data measurement on a computer
Bit
Data that can only be one of two values: either True or False
Boolean data
A software program that boots the operating system
Bootloader
A collection of computers infected by malware that are under the control of a single threat actor, known as the “bot-herder”
Botnet
The indices placed in square brackets
Bracket notation
Inconsistencies in the collection and logging of evidence in the chain of custody
Broken chain of custody
The trial and error process of discovering private information
Brute force attack
Programs that encourage freelance hackers to find and report vulnerabilities
Bug bounty
A function that exists within Python and can be called directly
Built-in function
An organization’s ability to maintain their everyday productivity by establishing risk disaster recovery plans
Business continuity
A document that outlines the procedures to sustain business operations during and after a significant disruption
Business continuity plan (BCP)
A type of phishing attack where a threat actor impersonates a known source to obtain financial advantage
Business Email Compromise (BEC)
The second step of the NIST RMF that is used to develop risk management processes and tasks
Categorize
An open-source distribution that is closely related to Red Hat
CentOS
A computer’s main processor, which is used to perform general computing tasks on a computer
Central Processing Unit (CPU)
The process of documenting evidence possession and control during an incident lifecycle
Chain of custody
A cloud-native tool designed to retain, analyze, and search data
Chronicle
An algorithm that encrypts information
Cipher
Software firewalls that are hosted by the cloud service provider
Cloud-based firewalls
The practice of using remote servers, applications, and network services that are hosted on the internet instead of on local physical devices
Cloud computing
A collection of servers or computers that stores resources and data in remote data centers that can be accessed via the internet
Cloud network
The process of ensuring that assets stored in the cloud are properly configured and access to those assets is limited to authorized users
Cloud security
An instruction telling the computer to do something
Command
The techniques used by malicious actors to maintain communications with compromised systems
Command and control (C2)
A text-based user interface that uses commands to interact with the computer
Command-line interface (CLI)
A note programmers make about the intention behind their code
Comment
A log format that uses key-value pairs to structure data and identify fields and their corresponding values
Common Event Format (CEF)
An openly accessible dictionary of known vulnerabilities and exposures
Common Vulnerabilities and Exposures (CVE®) list
A measurement system that scores the severity of a vulnerability
Common Vulnerability Scoring System (CVSS)
The process of adhering to internal standards and external regulations
Compliance
A specialized group of security professionals that are trained in incident management and response
Computer security incident response teams (CSIRT)
Malicious code written to interfere with computer operations and cause damage to data and software
Computer virus
A statement that evaluates code to determine if it meets a specified set of conditions
Conditional statement
The idea that only authorized users can access specific assets or data
Confidentiality
Data that often has limits on the number of people who have access to it
Confidential data
A model that helps inform how organizations consider risk when setting up systems and security policies
Confidentiality, integrity, availability (CIA) triad
A file used to configure the settings of an application
Configuration file
The act of limiting and preventing additional damage caused by an incident
Containment
A subnet that protects the internal network from the uncontrolled zone
Controlled zone
An injection attack that inserts code into a vulnerable website or web application
Cross-site scripting (XSS)
The practice of gathering information using public input and collaboration
Crowdsourcing
An attack that affects secure forms of communication between a sender and intended recipient
Cryptographic attack
A mechanism that decrypts ciphertext
Cryptographic key
The process of transforming information into a form that unintended readers can’t understand
Cryptography
A form of malware that installs software to illegally mine cryptocurrencies
Cryptojacking
An organization that volunteers to analyze and distribute information on eligible CVEs
CVE Numbering Authority (CNA)
The practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation
Cybersecurity (or security)
Information that is translated, processed, or stored by a computer
Data
Data not currently being accessed
Data at rest
An organized collection of information or data
Database
A person that determines the procedure and purpose for processing data
Data controller
Anyone or anything that’s responsible for the safe handling, transport, and storage of information
Data custodian
Unauthorized transmission of data from a system
Data exfiltration
Data traveling from one point to another
Data in transit
Data being accessed by one or more users
Data in use
The person who decides who can access, edit, use, or destroy their information
Data owner
A basic unit of information that travels from one device to another within a network
Data packet
A specific piece of information
Data point
A person that is responsible for processing data on behalf of the data controller
Data processor
An individual that is responsible for monitoring the compliance of an organization’s data protection procedures
Data protection officer (DPO)
A category for a particular type of data item
Data type
Data representing a date and/or time
Date and time data
A software tool that helps to locate the source of an error and assess its causes
Debugger
The practice of identifying and fixing errors in code
Debugging
A layered approach to vulnerability management that reduces risk
Defense in depth
An attack that targets a network or server and floods it with network traffic
Denial of service (DoS) attack
A NIST core function related to identifying potential security incidents and improving monitoring capabilities to increase the speed and efficiency of detections
Detect
The prompt discovery of security events
Detection
Data that consists of one or more key-value pairs
Dictionary data
A file that verifies the identity of a public key holder
Digital certificate
The practice of collecting and analyzing data to determine what has happened after an attack
Digital forensics
A file that organizes where other files are stored
Directory
A plan that allows an organization’s security team to outline the steps needed to minimize the impact of a security incident
Disaster recovery plan
A type of denial of service attack that uses multiple devices or servers located in different locations to flood the target network with unwanted traffic
Distributed denial of service (DDoS) attack
The different versions of Linux
Distributions
Any form of recorded content that is used for a specific purpose
Documentation
An instance when malicious script exists in the webpage a browser loads
DOM-based XSS attack
A networking protocol that translates internet domain names into IP addresses
Domain Name System (DNS)
A program or a file used to install a rootkit on a target computer
Dropper
A brief summary of your experience, skills, and background
Elevator pitch
A process performed by a VPN service that protects your data by wrapping sensitive data in other data packets
Encapsulation
The process of converting data from a readable format to an encoded format
Encryption
Any device connected on a network
Endpoint
An application that monitors an endpoint for malicious activity
Endpoint detection and response (EDR)
The complete removal of the incident elements from all affected systems
Eradication
A set of actions that outline who should be notified when an incident alert occurs and how that incident should be handled
Escalation policy
An observable occurrence on a network, system, or device
Event
An error that involves code that cannot be executed even though it is syntactically correct
Exception
An operator that does not include the value of comparison
Exclusive operator
A way of taking advantage of a vulnerability
Exploit
A mistake that can be exploited by a threat
Exposure
Anything outside the organization that has the potential to harm organizational assets
External threat
A state where the presence of a threat is not detected
False negative
An alert that incorrectly detects the presence of a threat
False positive
Malware that does not need to be installed by the user because it uses legitimate programs that are already installed to infect a computer
Fileless malware
The location of a file or directory
File path
The component of the Linux OS that organizes data
Filesystem Hierarchy Standard (FHS)
Selecting data that match a certain condition
Filtering
Documentation that provides a comprehensive review of an incident
Final report
A network security device that monitors traffic to or from a network
Firewall
Data consisting of a number with a decimal point
Float data
A column in a table that is a primary key in another table
Foreign key
A server that regulates and restricts a person’s access to the internet
Forward proxy server
A section of code that can be reused in a program
Function
A variable that is available through the entire program
Global variable
A user interface that uses icons on the screen to manage different tasks on the computer
Graphical user interface (GUI)
Any person or group who uses computers to gain unauthorized access to data
Hacker
A person who uses hacking to achieve a political goal
Hacktivist
A hardware component used for long-term memory
Hard drive
The physical components of a computer
Hardware
An instance when different inputs produce the same hash value
Hash collision
An algorithm that produces a code that can’t be decrypted
Hash function
A data structure that’s used to store and reference hash values
Hash table
A U.S. federal law established to protect patients’ health information
Health Insurance Portability and Accountability Act (HIPAA)
A system or resource created as a decoy vulnerable to attacks with the purpose of attracting potential intruders
Honeypot
An application that monitors the activity of the host on which it’s installed
Host-based intrusion detection system (HIDS)
A network device that broadcasts information to every device on the network
Hub
An application layer protocol that provides a method of communication between clients and website servers
Hypertext Transfer Protocol (HTTP)
A network protocol that provides a secure method of communication between clients and website servers
Hypertext Transfer Protocol Secure (HTTPS)
A NIST core function related to management of cybersecurity risk and its effect on an organization’s people and assets
Identify
A collection of processes and technologies that helps organizations manage digital identities in their environment
Identity and access management (IAM)
A set of standards that define communication for wireless LANs
IEEE 802.11 (Wi-Fi)
An object that cannot be changed after it is created and assigned a value
Immutable
The fourth step of the NIST RMF that means to implement security and privacy plans for an organization
Implement
An incident type that occurs when an employee of an organization violates the organization’s acceptable use policies
Improper usage
An occurrence that actually or imminently jeopardizes, without lawful authority, the confidentiality, integrity, or availability of information or an information system; or constitutes a violation or imminent threat of violation of law, security policies, security procedures, or acceptable use policies
Incident
Observable evidence that suggests signs of a potential security incident
Indicators of compromise (IoC)
The process of identifying a potential security incident, triaging it, and handing it off to a more experienced team member
Incident escalation
A form of documentation used in incident response
Incident handler’s journal
An organization’s quick attempt to identify an attack, contain the damage, and correct the effects of a security breach
Incident response
A document that outlines the procedures to take in each step of incident response
Incident response plan
An operator that includes the value of comparison
Inclusive operator
Space added at the beginning of a line of code
Indentation
The practice of keeping data in all states away from unauthorized users
Information security (InfoSec)