Other Concepts

Question 1

Concept

Answer 1

Description

Question 2

Honeypot

Answer 2

A decoy system or network set up to attract potential attackers.

Question 3

Honeynet

Answer 3

A network of honeypots designed to simulate an entire network environment.

Question 4

Honeyfile

Answer 4

A bait file used to attract and monitor malicious activity.

Question 5

Honeytoken

Answer 5

A fake data entry used to detect unauthorized access.

Question 6

Zero Trust

Answer 6

A security model that assumes no implicit trust and requires continuous verification.

Question 7

Control Plane

Answer 7

Manages network traffic control, including routing, topology, and policies.

Question 8

Data Plane

Answer 8

Handles the actual movement and processing of data packets.

Question 9

Non-repudiation

Answer 9

Assurance that someone cannot deny the validity of something.

Question 10

Anomalous behavior recognition

Answer 10

Detecting unusual behavior patterns that could indicate a security threat.

Question 11

Attestation

Answer 11

A declaration that verifies a system’s integrity or security state.

Question 12

Evidence of internal audits

Answer 12

Documentation proving that internal audits have been conducted.

Question 13

Risk assessment

Answer 13

The process of identifying and evaluating risks to an organization.

Question 14

Risk analysis

Answer 14

A detailed examination of risks to determine their impact and likelihood.

Question 15

Risk register

Answer 15

A log of identified risks, their severity, and mitigation measures.

Question 16

Risk tolerance

Answer 16

The amount of risk an organization is willing to accept.

Question 17

Risk management strategies

Answer 17

Strategies to manage and mitigate identified risks.

Question 18

Risk reporting

Answer 18

The process of communicating information about risks.

Question 19

Change management

Answer 19

Managing changes in a controlled and systematic way.

Question 20

Owner Role

Answer 20

The individual responsible for the security of a specific asset.

Question 21

Controller Role

Answer 21

Entity responsible for determining purposes and means of data processing.

Question 22

Processor Role

Answer 22

Entity that processes data on behalf of the controller.

Question 23

Custodians/stewards

Answer 23

Individuals responsible for managing and protecting data.

Question 24

Open public ledger

Answer 24

A publicly accessible ledger used to record transactions.

Question 25

Key stretching

Answer 25

Techniques used to increase the time required to crack passwords.

Question 26

Root of trust

Answer 26

A hardware or software component that is inherently trusted.

Question 27

Obfuscation

Answer 27

The deliberate confusion of data to obscure its meaning.

Question 28

Data masking

Answer 28

Techniques used to hide or obscure sensitive data.

Question 29

Tokenization

Answer 29

Replacing sensitive data with a non-sensitive equivalent.

Question 30

Steganography

Answer 30

Concealing a message within another message or file.

Question 31

Key management system

Answer 31

A system used for the management of cryptographic keys.

Question 32

Key exchange

Answer 32

The process of securely exchanging cryptographic keys.

Question 33

Key escrow

Answer 33

Storing encryption keys with a third party for safekeeping.

Question 34

Data exfiltration

Answer 34

The unauthorized transfer of data from a computer.

Question 35

Race conditions

Answer 35

Software bugs that occur due to the timing of actions.

Question 36

Side loading

Answer 36

Installing applications from unofficial sources.

Question 37

Zero Day

Answer 37

A vulnerability that is unknown to those who should be interested in its mitigation.

Question 38

Brute force

Answer 38

An attack where every possible combination of passwords is tried.

Question 39

RFID cloning

Answer 39

Copying the data from an RFID chip to another device.

Question 40

Smurf Attack

Answer 40

A type of attack where a network is flooded with spoofed requests.

Question 41

Trojan

Answer 41

Malicious software disguised as legitimate software.

Question 42

Logic Bomb

Answer 42

Malware that triggers a malicious action when certain conditions are met.

Question 43

Rootkit

Answer 43

A set of software tools used to gain unauthorized access.

Question 44

Credential replay

Answer 44

Reusing captured authentication credentials to gain access.

Question 45

On-path

Answer 45

Intercepting and potentially altering communication between two parties.

Question 46

Spraying

Answer 46

An attack where many password attempts are made using common passwords.

Question 47

Birthday Attack

Answer 47

An attack that exploits the mathematics behind hash functions.

Question 48

Segmentation

Answer 48

Dividing a network into segments to enhance security.

Question 49

Isolation

Answer 49

Separating systems to prevent them from interacting directly.

Question 50

Security zones

Answer 50

Different areas within a network with varying levels of security.

Question 51

Attack Surface

Answer 51

The total number of points where an unauthorized user can try to enter data to or extract data from an environment.

Question 52

Failure modes

Answer 52

The different ways in which a system can fail.

Question 53

Port security

Answer 53

A security feature to restrict unauthorized network access.

Question 54

Jump server

Answer 54

A server that acts as an intermediary between a secure network and external networks.

Question 55

Inline vs. tap/monitor

Answer 55

Monitoring traffic inline vs. passive monitoring via tap.

Question 56

Tunneling

Answer 56

Encapsulating one network protocol within another.

Question 57

Layer 4

Answer 57

Layer 4 of the OSI model, responsible for transport.

Question 58

Layer 7

Answer 58

Layer 7 of the OSI model, responsible for application services.

Question 59

RAID 0

Answer 59

A type of RAID that stripes data across multiple disks for performance but offers no redundancy.

Question 60

RAID 5

Answer 60

A type of RAID that offers a good balance of performance and redundancy.

Question 61

802.1X

Answer 61

A network access control protocol for securing access to a network.

Question 62

Data sovereignty

Answer 62

The concept that data is subject to the laws and regulations of the country in which it is located.

Question 63

Clustering

Answer 63

Linking multiple servers together to work as a single system.

Question 64

Warm Site

Answer 64

A backup site that is not fully equipped but can be operational within a reasonable time.

Question 65

Multi-cloud systems

Answer 65

Using multiple cloud services to prevent reliance on a single provider.

Question 66

Tabletop exercises

Answer 66

Simulated exercises to test the preparedness for emergency situations.

Question 67

Simulation

Answer 67

A simulated environment to test responses to hypothetical scenarios.

Question 68

Parallel Processing

Answer 68

Simultaneous processing by multiple processors to complete a task.

Question 69

Snapshots

Answer 69

Capturing the state of a system at a specific point in time.

Question 70

Secure Baselines

Answer 70

Defined configurations that are known to be secure.

Question 71

Static Code Analysis

Answer 71

Analyzing source code to identify potential vulnerabilities.

Question 72

Data Certification

Answer 72

The process of validating that data meets the necessary standards.

Question 73

Enumeration

Answer 73

Discovering and listing network resources and their services.

Question 74

Classification

Answer 74

Categorizing data based on its sensitivity and importance.

Question 75

NetFlow

Answer 75

NetFlow is a network protocol developed by Cisco for collecting IP traffic information and monitoring network flow.

Question 76

IPFIX

Answer 76

IPFIX is an enhanced version of NetFlow v9, and is sometimes called “NetFlow v10”

Question 77

Screened Subnets

Answer 77

Subnets that are separated from the rest of the network for security purposes.

Question 78

Hard Authentication Token

Answer 78

A physical device used to provide secure authentication.

Question 79

Soft Authentication Token

Answer 79

A software-based method of providing secure authentication.

Question 80

Just-in-time Permissions

Answer 80

Granting permissions only when they are needed.

Question 81

Password Vaulting

Answer 81

A secure storage solution for managing passwords.

Question 82

Ephemeral credentials

Answer 82

Credentials that are temporary and expire after use.

Question 83

Passwordless

Answer 83

Authentication without the use of passwords.

Question 84

Root Cause Analysis

Answer 84

Investigating the root cause of security incidents.

Question 85

Legal Hold

Answer 85

A process that ensures the preservation of relevant data for legal proceedings.

Question 86

E-Discovery

Answer 86

The process of identifying and retrieving electronic information.

Question 87

Threat Hunting

Answer 87

Proactively searching for cyber threats within a network.

Question 88

Guard Rails

Answer 88

Pre-defined security policies and procedures to follow.

Question 89

File Integrity Monitoring

Answer 89

Monitoring files to ensure they have not been altered or compromised.