Module !

Question 1

Cybersecurity

Answer 1

“The art of protecting networks, devices, and data from unauthorized access
or criminal use and the practice of ensuring confidentiality, integrity, and availability of
information” —Cybersecurity and Infrastructure Security Agency (2019)

Question 2

CIA

Answer 2

stands for Confidentiality, Integrity, and Availability, representing the fundamental
principles to ensure data and systems are protected from unauthorized access, tampering,
and downtime.

Question 3

Why is cyber security important?

Answer 3

Global need, firewalls and antivirus software are no longer sufficient, tech development, users and system access are the biggest threat, businesses cannot properly protect themselves, compliance laws and regulations require more specific procedures.

Question 4

What is a problem solver?

Answer 4

Problem Solver: A problem solver is someone who identifies and resolves challenges or
obstacles effectively and efficiently.

Question 5

What does upskill mean?

Answer 5

Upskill: refers to the process of acquiring new knowledge, abilities, or certifications to
enhance one’s expertise and stay current with the evolving cybersecurity landscape.

Question 6

What does Regulations and compliance laws refer to?

Answer 6

Regulations and compliance laws: refer to the legal and industry-specific rules and
standards that organizations must follow to protect sensitive information, maintain data
privacy, and mitigate cyber risks.

Question 7

What does the Blue Team do?

Answer 7

Blue team: A security team responsible for maintaining overall system security, preventing
security breaches, monitoring potential threats, and researching security technology; typically
responsible for finding and implementing security controls to strengthen the CIA triad.

Question 8

What does the Red team do?

Answer 8

Red team: An organizational security team responsible for providing security assessments
outlining an organization’s system defense efficacy and resilience; uses penetration testing
tools to search for weaknesses and vulnerabilities.

Question 9

What is a Cybersecurity Engineer?

Answer 9

Cybersecurity engineer: Keeps computer information systems secure and controls access
to systems based on user classifications.

Question 10

What is Cyberseek?

Answer 10

Cyberseek: Website that provides details on cybersecurity-related positions in the US job
market.

Question 11

What is a Defensive cybersecurity analyst?

Answer 11

Defensive cybersecurity analyst: Researches and evaluates security threats and
products; recommends improvements to organizational cyber defense.

Question 12

What is a Digital forensic investigator?

Answer 12

Digital forensic investigator: Gathers digital information evidence and trails in the systems
to determine how cybercrimes were committed.

Question 13

What is an Ethical Hacker?

Answer 13

Ethical hacker: Hired by organizations to legally hack into their networks and identify weak
entry points.

Question 14

What is an Incident detection engineer?

Answer 14

Incident detection engineer: Replicates real threats to understand how they operate and how to neutralize them.

Question 15

What is an IT auditor?

Answer 15

IT auditor: Assesses technology for potential security, efficiency, and compliance issues.

Question 16

What is a Network Security Administrator?

Answer 16

Network security administrator: Responsible for the management and monitoring of organizational network security.

Question 17

What is a Security Operations (SOC) analyst?

Answer 17

Security operations center (SOC) analyst: Monitors and manages networks; work with
intrusion detection/prevention systems.

Question 18

What is a Vulnerability assessment analyst?

Answer 18

Vulnerability assessment analyst: Hunts for critical flaws and vulnerabilities in networks,
often as a third-party consultant.

Question 19

What is a Chief Information Security Officer (CISO)?

Answer 19

Chief Information Security Officer (CISO): a senior executive responsible for overseeing
and implementing an organization’s information security strategy to protect against cyber threats and ensure data confidentiality, integrity, and availability.

Question 20

What is NIST?

Answer 20

the National Institute of Standards and Technology (NIST)

Question 21

What are the benefits of cybersecurity?

Answer 21

Business protection against cyberattacks and data breaches.

Protection for data and networks.

Prevention of unauthorized user access.
Improved recovery time after a breach.

Protection for end users and endpoint devices.

Regulatory compliance.

Business continuity.

Improved confidence in the company’s reputation and trust for developers, partners, customers, stakeholders and employees.

Question 22

What are the different types of cybersecurity threats?

Answer 22

Malware, Ransomware, Phishing, Social Engineering, Spear Phishing, Distributed denial of service (DDos), Advanced persistent threats (APTs), Man-in-the-middle (MitM) botnets, drive-by-download attacks, exploit kits, malvertising, vishing, credential stuffing attacks, cross-site scripting (XSS), SQL injections attacks, business email compromise (BEC), and zero day exploits.

Question 23

What is Malware?

Answer 23

Malware is a form of malicious software in which any file or program can be used to harm a computer user. Different types of malware include worms, viruses, Trojans and spyware.

Question 24

What is Ransomeware?

Answer 24

Ransomware is another type of malware that involves an attacker locking the victim’s computer system files – typically through encryption – and demanding a payment to decrypt and unlock them.

Question 25

What is Social Engineering?

Answer 25

Social engineering is an attack that relies on human interaction. It tricks users into breaking security procedures to gain sensitive information that is typically protected.

Question 26

What is phishing?

Answer 26

Phishing is a form of social engineering where fraudulent email or text messages that resemble those from reputable or known sources are sent. Often random attacks, the intent of these messages is to steal sensitive data, such as credit card or login information.

Question 27

What is Spear phishing?

Answer 27

Spear phishing is a type of phishing that has an intended target user, organization or business.

Question 28

What is Insider threats?

Answer 28

Insider threats are security breaches or losses caused by humans – for example, employees, contractors or customers. Insider threats can be malicious or negligent in nature.

Question 29

What is Distributed denial-of-service?

Answer 29

Distributed denial-of-service (DDoS) attacks are those in which multiple systems disrupt the traffic of a targeted system, such as a server, website or other network resource. By flooding the target with messages, connection requests or packets, the attackers can slow the system or crash it, preventing legitimate traffic from using it.

Question 30

What are Advanced persistent threats? (APTs)

Answer 30

Advanced persistent threats (APTs) are prolonged targeted attacks in which an attacker infiltrates a network and remains undetected for long periods of time with the aim to steal data.

Question 31

What is Man-in-the-middle attacks?

Answer 31

Man-in-the-middle (MitM) attacks are eavesdropping attacks that involve an attacker intercepting and relaying messages between two parties who believe they are communicating with each other.

Question 32

What are types of Malware?

Answer 32

Spyware, Ransomware, Trojan horse, Remote access, worm, keylogger, virus, adware, rootkit, spyware

Question 33

What are the top cybersecurity challenges?

Answer 33

Evolving threats- as new tech emerges new attack avenues are developed.

Data Deluge-as businesses collect more and more data the cyber criminals want to steal PII (personally identifiable information)

Cybersecurity awareness training- regular employee training will help employees do their part to keep the company safe

Workforce shortage and skills gap. As data grows the need for cyber professionals does. They need to analyze, manage, and respond.

Supply chain attacks- Companies have to make sure that their partners also have good security or criminals can get to you through them.

Question 34

How is automation used in cybersecurity?

Answer 34

Automation has become an integral component to keep companies protected from the growing number and sophistication of cyberthreats. Using artificial intelligence (AI) and machine learning in areas with high-volume data streams can help improve cybersecurity in three main categories:

Threat detection. AI platforms can analyze data and recognize known threats, as well as predict novel threats.

Threat response. AI platforms also create and automatically enact security protections.

Human augmentation. Security pros are often overloaded with alerts and repetitive tasks. AI can help eliminate alert fatigue by automatically triaging low-risk alarms and automating big data analysis and other repetitive tasks, freeing humans for more sophisticated tasks.

Question 35

What are some Cybersecurity vendors and tools?

Answer 35

Identity and access management (IAM)
Firewalls
Endpoint protection
Antimalware/antivirus
Intrusion prevention/detection systems (IPS/IDS)
Data loss prevention (DLP)
Endpoint detection and response
Security information and event management (SIEM)
Encryption tools
Vulnerability scanners
Virtual private networks (VPNs)
Cloud workload protection platform (CWPP)
Cloud access security broker (CASB)

Question 36

Who are well-known cybersecurity vendors?

Answer 36

Check Point, Cisco, Code42, CrowdStrike, FireEye, Fortinet, IBM, Imperva, KnowBe4, McAfee, Microsoft, Palo Alto Networks, Rapid7, Splunk, Symantec by Broadcom, Trend Micro and Trustwave.

Question 37

What does a Chief information security officer (CISO) do?

Answer 37

Chief information security officer (CISO) is the individual who implements the security program across the organization and oversees the IT security department’s operations.

Question 38

What does the Chief security office (CSO) do?

Answer 38

Chief security office (CSO) is the executive responsible for the physical and/or cybersecurity of a company.

Question 39

What do Security engineers do?

Answer 39

Security engineers protect company assets from threats with a focus on quality control within the IT infrastructure.

Question 40

What does a Security architect do?

Answer 40

Security architects are responsible for planning, analyzing, designing, testing, maintaining and supporting an enterprise’s critical infrastructure.

Question 41

What does a Security analyst do?

Answer 41

Security analysts have several responsibilities that include planning security measures and controls, protecting digital files, and conducting both internal and external security audits.

Question 42

What does a Penetration tester do?

Answer 42

Penetration testers are ethical hackers who test the security of systems, networks and applications, seeking vulnerabilities that could be exploited by malicious actors.

Question 43

What does a Threat hunter do?

Answer 43

Threat hunters are threat analysts who aim to uncover vulnerabilities and attacks and mitigate them before they compromise a business.

Question 44

What is Interview coaching?

Answer 44

Interview coaching: Working with an instructor or a professional trainer to develop various
interview strategies and garner constructive feedback to improve overall interview skills.

Question 45

What is professional networking?

Answer 45

Professional networking: Building and maintaining relationships with other professionals that work directly within one’s field or in other related areas

Question 46

What is LinkedIn?

Answer 46

LinkedIn: professional networking platform that allows individuals in the industry to
connect, share expertise, and seek job opportunities related to Cybersecurity and other fields.

Question 47

What are certifications in Cybersecurity?

Answer 47

Certifications: Industry-recognized credentials earned by professionals to validate their
expertise and knowledge in specific areas of Cybersecurity, enhancing their credibility and
marketability to potential employers.

Question 48

What are Vendor-based Certifications?

Answer 48

Vendor-based Certifications: industry-recognized credentials offered by specific
technology or cybersecurity solution providers, validating a professional’s proficiency in using and implementing their products or services.

Question 49

What are Non-vendor Certifications?

Answer 49

Non-vendor Certifications: industry-recognized credentials that assess a professional’s knowledge, skills, and expertise in cybersecurity principles and best practices without being
tied to any specific technology or solution provider.

Question 50

What is CompTIA?

Answer 50

CompTIA: non-profit trade association that offers vendor-neutral certifications to validate and enhance the skills of IT professionals, including those focused on Cybersecurity.

Question 51

What is Security+?

Answer 51

Security+: CompTIA certification that validates the foundational knowledge and skills required for entry-level cybersecurity roles, demonstrating proficiency in essential security principles and practices.

Question 52

What is ISC2?

Answer 52

ISC2: International Information System Security Certification Consortium, a globally
recognized organization that offers industry-leading certifications such as CISSP (Certified Information Systems Security Professional) to validate professionals’ advanced knowledge
and skills in the field.

Question 53

What is SSCP?

Answer 53

SSCP: Systems Security Certified Practitioner certification, provided by ISC2, which validates professionals’ technical knowledge and expertise in implementing and managing
cybersecurity practices and controls.

Question 54

What is Entry-level certification?

Answer 54

Entry-level certification: A certification that has no prerequisite certificates, education, or experience.

Question 55

What are Next Level Certifications?

Answer 55

Next Level Certifications: advanced credentials beyond foundational certifications, showcasing specialized expertise in specific areas of Cybersecurity and enabling professionals to pursue more challenging and specialized roles in the industry.

Question 56

What is Ec-Council?

Answer 56

Ec-Council: International Council of E-Commerce Consultants, an organization that offers industry-recognized certifications like CEH (Certified Ethical Hacker) to validate professionals’ skills in ethical hacking and penetration testing.

Question 57

What is Business Continuity?

Answer 57

Business continuity: An organizational plan to deal with disasters and other difficult
situations such as cyberattacks, outages, or supply chain failures.

Question 58

What is Data recovery?

Answer 58

Data recovery: A process of retrieving and restoring lost, corrupted, or deleted data from storage devices, ensuring the availability and integrity of critical information.

Question 59

What does financial impact mean?

Answer 59

Financial impact: The overall fiduciary cost of an attack or breach to an organization.

Question 60

What is legal liability for a business?

Answer 60

Legal liability: Once a business becomes responsible for any individual’s data, it becomes subject to privacy laws. The business could face fines or additional legal penalties if it breaches those laws.

Question 61

What is loss of productivity?

Answer 61

Loss of productivity: When employees cannot perform their jobs because of a breach or attack (ransomware being an excellent example).

Question 62

What is Organizational Impact?

Answer 62

Organizational Impact: A cybersecurity attack or breach’s impact on an organization’s profits, productivity, image, etc.

Question 63

What is PII?

Answer 63

Personally identifiable information (PII): Any information that could identify an
individual, including address, date of birth, social security number, etc.

Question 64

What is Reputational loss?

Answer 64

Reputational loss: Losing the trust of business relationships, customers, and partners after a breach or attack.

Question 65

What is a Cyber Weapon?

Answer 65

Cyber Weapon: sophisticated malicious software or code specifically designed to infiltrate and manipulate computer systems, like the Stuxnet worm, which was developed as a targeted attack on industrial control systems to disrupt Iran’s nuclear program.

Question 66

What is Critical Infrastructure?

Answer 66

Critical Infrastructure: essential physical and virtual assets, systems, and networks that are vital for the functioning of a society, economy, and national security, making them prime targets for cyberattacks.