Security +

Question 1

Information Security

Answer 1

Act of protecting data and information from unauthorized access, unlawful modification and disruption, disclosure, corruption, and destruction

Question 2

Information Systems Security

Answer 2

Act of protecting the systems that hold and process the critical data

Question 3

C.I.A. Triad

Answer 3

Confidentiality, Integrity, Availability

Question 4

Confidentiality

Answer 4

Ensures that information is only accessible to those with the appropriate authorization

Question 5

Integrity

Answer 5

Ensure that the data remains accurate, unaltered, and trustworthy unless modifications required

Question 6

Availability

Answer 6

Ensures that information and resources are accessible and functional when needed by authorized users

Question 7

Non-repudiation

Answer 7

Guaranteeing that a specific action or event has taken place and cannot be denied by the parties involved

Question 8

AAA Security

Answer 8

Authorization, Authentication, Accounting

Question 9

Control Plane

Answer 9

The overarching framework and set of components are responsible for defining, managing, and enforcing the policies related to user and system access within an organization.
Consists of adaptive identity, threat scope reduction, policy-driven access control, and secured zones.

Question 10

Data Plane

Answer 10

Ensures that the policies and procedures are properly executed.
Focused on the subject/system, policy engine, policy administrator, and establishing policy enforcement points

Question 11

Hashing

Answer 11

Process of converting data into a fixed-size value

Question 12

Checksum

Answer 12

Method to verify the integrity of the data during transmission

Question 13

Regular Audits

Answer 13

Involve reviewing logs and operations to ensure that only authorized changes have been made and any discrepancies are addressed

Question 14

Digital Signature

Answer 14

Created first by hashing a particular message or communication to be digitally signed and encrypting the hash digest with the user’s private key using asymmetric encryption

Question 15

Managerial Controls

Answer 15

Involve the strategic planning and governance side of security

Question 16

Operational Controls

Answer 16

Procedures and measures that are designed to protect data on a day-to-day basis and are mainly governed by internal processes and human actions

Question 17

Physical Controls

Answer 17

Tangible real-world measures taken to protect assets

Question 18

Preventative Controls

Answer 18

Proactive measures implemented to thwart potential security threats or breaches

Question 19

Deterrent Controls

Answer 19

Aim to discourage potential attackers by making the effort seem less appealing or more challenging

Question 20

Detective Controls

Answer 20

Monitor and alert organizations to malicious activities as the occur or shortly thereafter

Question 21

IDS

Answer 21

Intrusion Detection System

Question 22

Corrective Controls

Answer 22

Mitigate any potential damage and restore the systems to their normal state

Question 23

Compensating Controls

Answer 23

Alternative measures that are implemented when primary security controls are not feasible or effective

Question 24

Directive Controls

Answer 24

Policies or procedures that dictate specific actions or behaviors by users or systems.
Often rooted in policy or documentation and set the standards for behavior within an organization

Question 25

Gap Analysis

Answer 25

Process of evaluating the differences between an organization’s current performance and its desired performance

Question 26

Technical Gap Analysis

Answer 26

Involves evaluating an organization’s current technical infrastructure and identifying any areas where it falls short of the technical capabilities required to fully utilize their security solutions

Question 27

Business Gap Analysis

Answer 27

Involves evaluating an organization’s current business processes and identifying any areas where they fall short of the capabilities required to fully utilize cloud-based solutions

Question 28

POA&M- Plan of Action and Milestones

Answer 28

Outlines the specific measures to address each vulnerability, allocate resources, and set up timelines for each remediation task that is needed

Question 29

Control Plane

Question 30

Adaptive Identity

Answer 30

Use adaptive identities that rely on real-time validation that takes into account the user’s behavior, device, location, and other factors like that

Question 31

Threat Scope Reduction

Answer 31

Limit the users’ access to only what they need for their work tasks because this drastically reduces the network potential attack surface

Question 32

Policy-Driven Access Controls

Answer 32

This entails developing, managing, and enforcing user access policies based on their roles and responsibilities

Question 33

Secured Zones

Answer 33

Isolated environments within a network that are designed to house sensitive data

Question 34

Subject/System

Answer 34

Refers to the individual or entity attempting to gain access

Question 35

Policy Engine

Answer 35

Cross-references the access request with its pre-defined policies

Question 36

Policy Administrator

Answer 36

Used to establish and manage the access policies

Question 37

Policy Enforcement Point

Answer 37

Allow or restrict access, and it will effectively act as a gatekeeper to the sensitive areas of the systems or networks

Question 38

Threat Actor

Answer 38

An individual or entity responsible for incidents that impact security and data protection

Question 39

Unskilled Attackers

Answer 39

Individuals with limited technical expertise who use readily available tools like downloaded scripts or exploits to carry out attacks

Question 40

Hacktivists

Answer 40

Cyber attackers who carry out their activities are driven by political. social, or environmental ideologies who often want to draw attention to a specific cause

Question 41

Organized Crime

Answer 41

Well-structured groups that execute cyberattacks for financial gain, usually through methods like ransomware, identity theft, or credit card fraud

Question 42

Nation-state Actors

Answer 42

Highly skilled attackers that are sponsored by governments to carry out cyber espionage, sabotage, or cyber warfare against other nation-states or specific targets in a variety of industries

Question 43

Insider Threats

Answer 43

Security threats that originate from within the organization

Question 44

Shadow IT

Answer 44

IT systems, devices, software, applications, and services that are managed and utilized without explicit organizational approval

Question 45

Honeypots

Answer 45

Decoy systems or servers designed to attract and deceive potential attackers, simulating real-world IT assets to study their techniques

Question 46

Honeynets

Answer 46

Network of Honeypots to create a more complex system that is designed to mimic an entire network of systems, including servers, routers and switches
Creates an entire network of decoy systems to observe complex, multi-stage attacks

Question 47

Honeyfiles

Answer 47

Decoy files placed within systems to detect unauthorized access or data breaches

Question 48

Honey Tokens

Answer 48

Fake pieces of data, like a fabricated user credential, are inserted into databases or systems to alert administrators when they are accessed or used

Question 49

National-State Actors

Answer 49

Groups that are sponsored by a government to conduct cyber operations against other nations, organizations, or individuals

Question 50

False Flag Attack

Answer 50

Attack that is orchestrated in such a way that it appears to originate from a different source or group to mislead organizations or groups

Question 51

Attack Surface

Answer 51

Encompasses all the various points where an unauthorized user can try to enter data or extract data from an environment

Question 52

Images- Threat Vectors

Answer 52

Image-based threat vectors involve the embedding of the malicious code inside of an image file by the threat actor

Question 53

Files- Threat Vectors

Answer 53

File-based threat vectors involve the use of malicious files to deliver a cyber attack

Question 54

Voice Calls- Threat Vectors

Answer 54

Voice call-based threat vectors involve the use of voice calls to trick victims into revealing their sensitive information

Question 55

BlueBorne

Answer 55

Set of vulnerabilities in Bluetooth technology that can allow an attacker to take over devices or spread malware

Question 56

Blue Smack

Answer 56

Type of Denial of service attack that targets Blue-tooth-enabled devices by sending a specially crafted Logical Link Control and Adaptation Protocol packet to a target device

Question 57

Tactics, Techniques, and Procedures (TTPs)

Answer 57

Specific methods and patterns of activities or behaviors associated with a particular threat actor or group of threat actors

Question 58

Port Triggering

Answer 58

Security mechanism where specific services or ports on a network device remain closed until a specific outbound traffic pattern is detected

Question 59

FAR- False Acceptance Rate

Answer 59

The rate that the system authenticates a user as valid, even though that person should not have been granted access to the system

Question 60

FRR- False Rejection Rate

Answer 60

Occurs when biometrics denies a user who should have access

Question 61

EER- Equal Error Rate

Answer 61

More commonly called Crossover Error Rate (CER), it uses a measure of the effectiveness of a given biometrics system to achieve a balance

Question 62

Typosquatting

Answer 62

A form of cyber attack where an attacker registers a domain name that is similar to a popular website but contains some kind of typographical error

Question 63

Water Hole Attacks

Answer 63

Targeted form of cyber attack where attackers compromise a specific website or service that their target is known to use

Question 64

Threat Vector

Answer 64

Specific method used by an attacker to infiltrate a victims machine

Question 65

Attack Vector

Answer 65

A means by which an attacker gains access to a computer to infect the system with malware

Question 66

Macro Virus

Answer 66

A form of code that allows a virus to be embedded inside another document so that when that document is opened by the user, the virus is executed

Question 67

Program Virus

Answer 67

Tries to find executables or application files to infect their malicious code

Question 68

Multipartite Virus

Answer 68

A combination of a boot sector type virus and a program virus

Question 69

Polymorphic Virus

Answer 69

Advanced version of an encrypted virus, but instead of just encrypting the contents, it will change the virus’s code each time it is executed by altering the decryption module for it to evade detection

Question 70

Metamorphic Virus

Answer 70

Able to rewrite itself entirely before it attempts to infect a given file

Question 71

Stealth Virus

Answer 71

A technique used to prevent the virus from being detected by the anti-virus software

Question 72

Armored Virus

Answer 72

Have a layer of protection to confuse a program or person who’s trying to analyze it

Question 73

Remote Access Trojan (RAT)

Answer 73

This type of Trojan is widely used by modern attackers because it provides the attacker with remote control of the victims machine

Question 74

DLL Injection

Answer 74

A technique used to run arbitrary code within the address space of another process by forcing it to load a dynamic-link library

Question 75

Logic Bomb

Answer 75

Malicious code that’s inserted into a program, and will only execute when certain conditions have been met