Module 4 - 01-2 Flashcards

Core Cybersecurity Knowledge and Skills

1
Q

What are two commonly used types of Programming Languages?

A

1) Python
2) SQL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What does OS stand for?

A

Operating System

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Define operating system (OS)

A

The interface between computer hardware and the user.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are three examples of an Operating System?

A

1) Linux
2) MacOS
3) Windows

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Define Programming

A

Used to create a specific set of instructions for a computer to execute tasks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

How does programming benefit security analysts?

A

Programming allows analysts to complete repetitive tasks and processes with a high degree of accuracy and efficiency.
It also helps reduce the risk of human error, and can save hours or days compared to performing the work manually.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Define Linux

A

An open-source, or publicly available, operating system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Define Open Source

A

The code is available to the public and allows people to make contributions to improve the software

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What does Linux rely on as the primary user interface?

A

Linux relies on a command line as the primary user interface.
Linux itself is not a programming language, but it does allow for the use of text-based commands between the user and the operating system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Define Command

A

An instruction telling the computer to do something

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What doe CLI stand for?

A

Command Line Interface (CLI)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Define Command-Line Interface

A

A text-based user interface that uses commands to interact with the computer

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What does GUI stand for?

A

Graphical User Interface (GUI)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Explain how Linux, in the past and now, interacts with common computer systems?

A

Linux traditionally relied on the CLI, but modern distributions typically come with a graphical user interface (GUI), which allows users to interact with the system using windows, icons, and menus, similar to Windows or macOS.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What does SQL stand for?

A

Structured Query Language (SQL)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Define SQL

A

A programming language used to create, interact with, and request information from a database

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Define Database

A

An organized collection of information or data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Define Data Point

A

A specific piece of information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Define Python

A

Used to perform tasks that are repetitive and time-consuming and that require a high level of detail and accuracy

20
Q

Which of the following can be used to perform repetitive, time-consuming tasks and/or request information from a database? Select two answers.

  • SQL
  • Python
  • Linux
  • CIA
A
  • SQL
  • Python

Python and SQL can be used to perform repetitive, time-consuming tasks and/or request information from a database.

21
Q

Define Automation

A

The use of technology to reduce human and manual effort in performing common and repetitive tasks.
Automation also helps reduce the risk of human error.

22
Q

Define Web Vulnerability

A

A unique flaw in a web application that a threat actor could exploit by using malicious code or behavior, to allow unauthorized access, data theft, and malware deployment

23
Q

What does OWASP stand for?

A

Open Web Application Security Project (OWASP)

24
Q

Define OWASP

A

A non-profit organization focused on improving software security

25
Q

What is another name for Antivirus Software?

A

Anti-Malware

26
Q

Define Antivirus Software (Anti-Malware)

A

A software program used to prevent, detect, and eliminate malware and viruses

27
Q

What does IDS stand for?

A

Intrusion Detection System (IDS)

28
Q

Define IDS

A

An application that monitors system activity and alerts on possible intrusions

29
Q

Explain how an IDS works

A

The system scans and analyzes network packets, which carry small amounts of data through a network. The small amount of data makes the detection process easier for an IDS to identify potential threats to sensitive data. Other occurrences an IDS might detect can include theft and unauthorized access.

30
Q

Define Encryption

A

The process of converting data from a readable format to a cryptographically encoded format

31
Q

Define Cryptographic Encoding

A

Converting plaintext into secure ciphertext

32
Q

Define Plaintext

A

Unencrypted information

33
Q

Define Secure Ciphertext

A

The result of encryption

34
Q

Define Encoding

A

The use of a public conversion algorithm to enable systems that use different data representations to share information

35
Q

What is another name for Penetration Testing?

A

Pen Testing

36
Q

Define Penetration Testing (Pen Testing)

A

The act of participating in a simulated attack that helps identify vulnerabilities in systems, networks, websites, applications, and processes

It is a thorough risk assessment that can evaluate and identify external and internal threats as well as weaknesses

37
Q

What do security professionals use to interact with and request information from a database?

  • Linux
  • Confidentiality, integrity, availability (CIA) triad
  • Python
  • Structured Query Language (SQL)
A

Structured Query Language (SQL)

Security professionals use Structured Query Language (SQL) to interact with and request information from a database.

38
Q

What is programming typically used for? Select two answers.

  • Record events that occur within an organization’s systems
  • Complete repetitive tasks and processes
  • Enable open-source operations
  • Create a specific set of instructions for a computer to execute tasks
A
  • Complete repetitive tasks and processes
  • Create a specific set of instructions for a computer to execute tasks

Programming is typically used to complete repetitive tasks and processes and create a specific set of instructions for a computer to execute tasks.

39
Q

Linux is an open-source _____ that can be used to examine logs.

  • algorithm
  • database
  • programming language
  • operating system
A

operating system

Linux is an open-source operating system that can be used to examine logs.

40
Q

True or False?
A playbook is a manual that only provides details about how to respond to an incident.

A

False

A playbook is a manual that provides details about any operational action, including incident response, security or compliance reviews, access management, and many other organizational tasks that require a documented process from beginning to end.

41
Q

What is a portfolio?

A

Cybersecurity professionals use portfolios to demonstrate their security education, skills, and knowledge.

42
Q

Why is a portfolio necessary?

A

Professionals typically use portfolios when they apply for jobs to show potential employers that they are passionate about their work and can do the job they are applying for. Portfolios are more in depth than a resume, which is typically a one-to-two page summary of relevant education, work experience, and accomplishments.

43
Q

What may be included but not limited in a portfolio?

A
  • Drafting a professional statement
  • Conducting a security audit
  • Analyzing network structure and security
  • Using Linux commands to manage file permissions
  • Applying filters to SQL queries
  • Identifying vulnerabilities for a small business
  • Documenting incidents with an incident handler’s journal
  • Importing and parsing a text file in a security-related scenario
  • Creating or revising a resume
44
Q

Define Professional Statement

A

An introduction to prospective employers that briefly describes who you are as a person and potential employee, and it allows them to understand what you care about and the value you can bring to the organization.

45
Q

Example 1 of a Professional Statement

A

My name is Daniel. I am driven and passionate about safeguarding people’s security, including their financial well being. I enjoy working with technology and analyzing and solving complex problems.

46
Q

Example 2 of a Professional Statement

A

I am a highly motivated and detail-oriented cybersecurity analyst. I actively work to identify and analyze potential risks, threats, and vulnerabilities to security and ensure the confidentiality, integrity, and availability of assets, to help safeguard organizations and people alike.

47
Q

Example 3 of a Professional Statement

A

I am enthusiastic about information security and enjoy finding solutions that can positively impact an organization and the people it serves. I place a high value on maintaining a strong security posture to help protect sensitive information and mitigate risk.