Module 1 - 01-1 Flashcards
Introduction to Cybersecurity
Define Cybersecurity (or security)
The practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation
Cybersecurity is the practice of ensuring ___ . (3)
Confidentiality, Integrity, and Availability of Information are ensured through the effective practice of security. This involves protecting networks, devices, people, and data from unauthorized access or criminal exploitation.
What are the Benefits of Security (5)?
- Protects against External and Internal Threats
- Meets Regulatory Compliance (laws or guidelines)
- Maintains and Improve Business Productivity
- Reduce Expenses
- Maintains Brand Trust
Define Threat
Any circumstance or event that can negatively impact assets
Define External Threat
Someone outside of the organization trying to gain access to private information, networks or devices
Define Internal Threat
A current or former employee, external vendor, or trusted partner who poses a security risk
What are Common Job Titles for Security positions (6)?
- Security analyst or specialist
- Cybersecurity analyst or specialist
- Security operation center or SOC analyst
- Information security analyst
What are Security Analysts responsible for?
Security analysts are responsible for monitoring and protecting information and systems.
What are Three primary responsibilities of a security analyst?
Protecting computer and network systems
Install prevention software
Conducting periodic security audits
Define Security Audit
A review of an organization’s security records, activities, and other related documents
Define Compliance
The process of adhering to internal standards and external regulations and enables organizations to avoid fines and security breaches.
Define Security Framework
Guidelines used for building plans to help mitigate risks and threats to data and privacy
Define Security controls
Safeguards designed to reduce specific security risks. They are used with security frameworks to establish a strong security posture.
Define Security Posture
An organization’s ability to manage its defense of critical assets and data and react to change.
A strong security posture leads to lower risk for the organization.
Define Threat Actor
(or malicious attacker)
Any person or group who presents a security risk.
This risk can relate to computers, applications, networks, and data.
Define Network Security
The practice of keeping an organization’s network infrastructure secure from unauthorized access.
This includes data, services, systems, and devices that are stored in an organization’s network.
Define Cloud Security
The process of ensuring that assets stored in the cloud are properly configured, or set up correctly, and access to those assets is limited to authorized users.
Define Programming
A process that can be used to create a specific set of instructions for a computer to execute tasks.
What are examples of programming tasks (3)?
- Automation of repetitive tasks (e.g., searching a list of malicious domains)
- Reviewing web traffic
- Alerting suspicious activity
What are the primary responsibilities of an entry-level security analyst (3)?
- Monitor systems
- Protect information
- Search for weaknesses
Cybersecurity is the practice of ensuring _____ by protecting networks, devices, people, and data from unauthorized access or criminal exploitation.
- customer trust, increased revenue, and advancement
- confidentiality, integrity, and availability of information
- continuity, infrastructure, and attainment of business goals
- compliance, instructions, and accuracy
confidentiality, integrity, and availability of information
What are the primary responsibilities of an entry-level security analyst? Select three answers.
- Monitor systems
- Protect information
- Search for weaknesses
- Create compliance laws
- Monitor systems
- Protect information
- Search for weaknesses
The primary responsibilities of an entry-level security analyst are as follows: Monitor systems, protect information, and search for weaknesses.
Performing _____ enables security professionals to review an organization’s security records, activities, and related documents.
- security audits
- ethical hacking
- penetration tests
- software developments
security audits
In what ways do security teams bring value to an organization? Select two answers.
- Achieving regulatory compliance
- Increasing operational expenses
- Reducing business productivity
- Protecting against external and internal threats
Achieving regulatory compliance
Protecting against external and internal threats
Achieving regulatory compliance and protecting against external and internal threats are ways that security teams bring value to an organization.