Module 1: The Cybersecurity Industry

Question 1

Cybersecurity

Answer 1

“The art of protecting networks, devices, and data from unauthorized access or criminal use and the practice of ensuring confidentiality, integrity, and availability of information” —Cybersecurity and Infrastructure Security Agency (2019)

Question 2

CIA

Answer 2

Stands for Confidentiality, Integrity, and Availability, representing the fundamental principles to ensure data and systems are protected from unauthorized access, tampering, and downtime.

Question 3

Regulations and compliance laws

Answer 3

Refer to the legal and industry-specific rules and standards that organizations must follow to protect sensitive information, maintain data privacy, and mitigate cyber risks.

Question 4

Blue team

Answer 4

A security team responsible for maintaining overall system security, preventing security breaches, monitoring potential threats, and researching security technology; typically responsible for finding and implementing security controls to strengthen the CIA triad.

Question 5

Red team

Answer 5

An organizational security team responsible for providing security assessments outlining an organization’s system defense efficacy and resilience; uses penetration testing tools to search for weaknesses and vulnerabilities.

Question 6

Cybersecurity engineer

Answer 6

Keeps computer information systems secure and controls access to systems based on user classifications.

Question 7

Cyberseek

Answer 7

Website that provides details on cybersecurity-related positions in the US job market.

Question 8

Defensive cybersecurity analyst

Answer 8

Researches and evaluates security threats and products; recommends improvements to organizational cyber defense.

Question 9

Digital forensic investigator

Answer 9

Gathers digital information evidence and trails in the systems to determine how cybercrimes were committed.

Question 10

Ethical hacker

Answer 10

Hired by organizations to legally hack into their networks and identify weak entry points.

Question 11

Incident detection engineer

Answer 11

Replicates real threats to understand how they operate and how to neutralize them.

Question 12

IT auditor

Answer 12

Assesses technology for potential security, efficiency, and compliance issues.

Question 13

Network security administrator

Answer 13

Responsible for the management and monitoring of organizational network security.

Question 14

Security operations center (SOC) analyst

Answer 14

Monitors and manages networks; works with intrusion detection/prevention systems.

Question 15

Vulnerability assessment analyst

Answer 15

Hunts for critical flaws and vulnerabilities in networks, often as a third-party consultant.

Question 16

Chief Information Security Officer (CISO)

Answer 16

A senior executive responsible for overseeing and implementing an organization’s information security strategy to protect against cyber threats and ensure data confidentiality, integrity, and availability.