Module 1 Vocab Flashcards
Compliance
Is the process of adhering to internal standards and external regulations and enables organizations to avoid fines and security breaches
Security frameworks
Are guidelines used for building plans to help mitigate risks and threats to data and privacy
Security controls
Are safeguards designed to reduce specific security risks. They are used with security frameworks to establish a strong security posture
Security posture
Is an organization’s ability to manage its defense of critical assets and data and react to change. A strong security posture leads to lower risk for the organization
Threat actor
Or malicious attacker, is any person or group who presents a security risk. This risk can relate to computers, applications, networks, and data
Internal threat
Can be a current or former employee, an external vendor, or a trusted partner who poses a security risk. At times, an internal threat is accidental (ex- an employee who accidentally clicks on a malicious email link). Other times, the internal threat actor intentionally engages in risky activities, such as unauthorized data access
Network security
Is the practice of keeping an organization’s network infrastructure secure from unauthorized access. This includes data, services, systems, and devices that are stored in an organization’s network
Cloud security
Is the process of ensuring that assets stored in the cloud are properly configured, or set up correctly, and access to those assets is limited to authorized users. The cloud is a network made up of a collection of servers or computers that store resources and data in remote physical locations known as data centers that can be accessed via the internet. Cloud security is a growing subfield of cybersecurity that specifically focuses on the protection of data, applications, and infrastructure in the cloud.
Programming
Is a process that can be used to create a specific set of instructions for a computer to execute tasks
What tasks may a computer execute?
- automation of repetitive tasks
- reviewing web traffic
- alerting suspicious activity
Communication
(Transferable skills) as a cybersecurity analyst, you will need to communicate and collborate with others. Understanding others’ questions or concerns and communicating information clearly to individuals with technical and non-technical knowledge will help you mitigate security issues quickly
Problem solving
(Transferable skills) one of your main tasks as a cybersecurity analyst will be to proactively identify and solve problems. You can do this by recognizing attack patterns, then determining the most efficient solution to minimize risk. Don’t be afraid to take risks, and try new things. Also, understand that it’s rare to find a perfect solution to a problem. You’ll likely need to compromise
Time management
(Transferable skills) having a heightened sense of urgency and prioritizing tasks appropriately is essential in the cybersecurity field. So, effective time management will help you minimize potential damage and risks to critical assets and data. Additionally, it will be important to prioritize tasks and stay focused on the most urgent issue
Growth mindset
(Transferable skills) technology moves fast, it doesn’t mean you will need to learn it all, but it does mean you’ll need to continue to learn throughout your career
Diverse perspectives
(Transferable skills) by having respect for each other and encouraging diverse perspectives and mutual respect, you’ll undoubtedly find multiple and better solutions to security problems
