Module One

Question 1

Cybersecurity

Answer 1

practice of ensuring confidentiality, integrity, and availability of info by protecting networks, devices, people, and data from unauthorized access or criminal exploitation

Question 2

Compliance

Answer 2

adhering to internal standards and external regulations, enables orgs to avoid fines and security breaches

Question 3

Security Frameworks

Answer 3

guidelines for building plans to help mitigate risks and threats to data and privacy

Question 4

Security Controls

Answer 4

safeguards to reduce specific security risks, used with security frameworks to est strong security posture

Question 5

Security Posture

Answer 5

orgs ability to manage defense of critical assets and data and react to change, leads to lower risk for org

Question 6

Threat Actor

Answer 6

malicious attacker, person or group who presents a security risk, can relate to computers, apps, networks, and data

Question 7

Internal threat

Answer 7

current or former employee, external vendor, or trusted partner who poses security risk, which can be accidental

Question 8

Network Security

Answer 8

practice of keeping orgs network infrastructure secure from unauthorized access. Includes data, services, systems, devices that are stored in orgs network

Question 9

cloud security

Answer 9

process of ensuring that assets stored in the cloud are properly configured, and access to those assets is limited to authorized users.

Question 10

The Cloud Network

Answer 10

made up of collection of servers or computers that store resources and data in remote physical locations known as data centers, accessed via the internet

Question 11

Programming

Answer 11

process that can be used to create specific set of instructions for a computer to execute tasks

Question 12

Transferable Skills

Answer 12

communication
problem-solving
time management
growth mindset
diverse perspectives

Question 13

SIEM tools

Answer 13

security info and event management tools
collect and analyze log data (ex: unusual login behavior), support ability to monitor critical activities

Question 14

IDSs

Answer 14

Intrusion detection systems
use to monitor system activity and alerts for possible intrusions
(ex: use to monitor networks for signs of malicious activity, like unauthorized access to a network)

Question 15

Threat landscape knowledge

Answer 15

being aware of current trends related to threat actors, malware, or threat methodologies

Question 16

Incident Response

Answer 16

analysts need to follow est policies and procedures to respond to incidents

Question 17

PII

Answer 17

any info used to infer an individual’s identity (name, DOB, social, address, number, email, IP address)

Question 18

SPII

Answer 18

specific type of PII that falls under stricter handling guidelines
(ssn, medical/financial info, biometric data)