Security Analyst Questions Flashcards
Interview
Black Hat hackers are criminals who break into computer networks with malicious intent.
Also known as Ethical Hackers. They are certified hackers who learn hacking from courses. These are good hackers who try to secure our data and websites.
White Hat Hacker
A mix of both Black-Hat and White-Hat hackers. These types of hackers find vulnerabilities in systems without the permission of owners. They don’t have any malicious intent. However, this type of hacking is still considered illegal.
Grey Hat Hacker
A method of determining which ports on a network are open and could be receiving or sending data.
Port Scanning
A group that pretends to be an enemy, attempts a physical or digital intrusion against an organization at the direction of that organization, then reports back so that the organization can improve their defenses.
Red Team
A group of individuals who perform an analysis of information systems to ensure security, identify security flaws, verify the effectiveness of each security measure, and make certain all security measures will continue to be effective after implementation.
Blue Team
A device that allows or blocks network traffic according to a set of rules.
Firewall
A security vulnerability caused by incomplete or incorrect configuration.
Security Misconfiguration
Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source.
Vulnerability
The level of impact on agency operations (including mission functions, image, or reputation), agency assets, or individuals resulting from the operation of an information system given the potential impact of a threat and the likelihood of that threat occurring.
Risk
Any circumstance or event with the potential to adversely impact organizational operations, organizational assets, individuals, other organizations, or the Nation through a system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service.
Threat
Following the set of standards authorized by an organization, independent party, or government.
Compliance
A globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.
MITRE ATT&CK
An extra layer of security used to make sure that people trying to gain access to an online account are who they say they are. First, a user will enter their username and password. Then, instead of immediately gaining access, they will be required to provide another piece of information.
2FA
Share some general endpoint security product categories
Antivirus
EDR (Endpoint Detection and Response)
XDR (Extended Detection and Response)
DLP (Data Loss Prevention)
What is HIDS?
HIDS means Host Intrusion Detection System. HIDS is located on each host.
What is NIDS?
NIDS means Network Intrusion Detection System. NIDS is located in the network.
A common model that forms the basis for the development of security systems.
CIA Triad
Involves the efforts of an organization to make sure data is kept secret or private.
Confidentiality
Involves making sure your data is trustworthy and free from tampering.
Integrity
Systems, networks, and applications must be functioning as they should and when they should.
Availability
What is AAA?
Authentication
Authorization
Accounting
Involves a user providing information about who they are. Users present login credentials that affirm they are who they claim.
Authentication
A user can be granted privileges to access certain areas of a network or system.
Authorization