Security Concepts Flashcards
Threat types
What is a virus?
Malware that replicates by modifying other programs with its own code. Can harm system functionality or corrupt/delete data.
What is a worm?
Self-replicating malware spreading across networks without human intervention. Exploits vulnerabilities in operating systems.
What are trojans?
Malicious programs disguised as legitimate software. They perform destructive actions or create backdoors for malicious access once executed.
What is spyware?
Software that covertly gathers user information through the user’s Internet connection without their knowledge, often for advertising purposes.
What is ransomware?
Malware that encrypts user data and demands payment for the decryption key. Payment does not guarantee recovery of data.
What is Phishing?
A form of cyberattack where a deceptive email is used to trick the recipient into believing it contains information they want or need, leading to the theft of personal information.
What are rootkits?
A set of software tools that enable unauthorized access to a computer, often hiding the existence of other malware.
What is adware?
Unwanted software designed to show advertisements on your screen, often within a web browser. While not always malicious, it can undermine security.
What are Man-in-the-Middle (MitM) Attacks?
Occurs when attackers intercept communication between two parties to steal data. Common in unsecured Wi-Fi networks.
What are DDoS Attacks?
An attempt to make an online service or network unavailable by overwhelming it with traffic from multiple sources.
What are Zero-Day Exploits?
Attacks that occur when vulnerabilities are targeted before developers have had the chance to address them. “Zero-day” refers to the amount of time developers have known about the vulnerability.
What is the CIA Triad?
An essential concept in cybersecurity that forms the foundation for designing and implementing security measures. It comprises three core principles: Confidentiality, Integrity, and Availability.
What does confidentiality mean in the CIA Triad?
It is concerned with ensuring that the right people have access to secure information and that the wrong people do not.
What does Integrity mean in the CIA Triad?
Ensuring that information or data has not been changed or corrupted. Maintaining data integrity means that you can rely on the data as a source of truth.
What does availability mean in the CIA Triad?
It is focused on maintaining access to information or data for any user who is authorized to access it. While it may sound basic, ensuring 24/7 availability worldwide for all authorized users can quickly become challenging.
What does authentication mean in The AAA Model?
It’s the process of requiring you to prove you are who you say you are before allowing you to access some resource.
What does authorization mean in The AAA Model?
It is the provisioning of the correct level of access based on the user requesting access.
What does accounting mean in The AAA Model?
Accounting, also sometimes referred to as auditing, is the third A in the model. As the name implies, accounting in cybersecurity requires keeping track of three things:
1) What the users are accessing.
2) When they are accessing this information.
3) A full accounting of everything the user does.
What is the purpose of a Gap Analysis?
It provides an overview of your current security operations and points out weaknesses when compared to industry standards. A gap analysis serves as a valuable tool in various fields, including business, project management, and cybersecurity.
What is NIST CSF?
The “National Institute of Standards and Technology Cybersecurity Framework,” a set of voluntary guidelines and best practices created by the U.S. government to help organizations manage and reduce their cybersecurity risks. It provides a structured approach to identify, assess, and mitigate cyber threats, essentially acting as a roadmap for improving cybersecurity posture across an organization.
What is ISO 27001?
An international standard intended for an Information Security Management System (ISMS). It provides a framework and guidelines for organizations to establish, implement, maintain, and continually improve their information security practices.
What are the five core NIST CSF functions?
Identify, Protect, Detect, Respond, Recover