Security Concepts 2 Flashcards
What is (PII)?
Personally Identifiable Information (PII), it is stored on computer systems by all of the services and institutions you interact with.
What is the GDPR?
General Data Protection Regulation, a well-known legal framework around Information and Data Privacy which is the law of the land in terms of data privacy in the EU (European Union).
What are Honeypots?
Decoy systems or resources designed to attract and detect attackers
What is the purpose of Honeypots?
They serve as a trap, diverting and engaging malicious actors, allowing security professionals to study their methods and tactics. Honeypots can be categorized as low-interaction (emulating services to deceive attackers) or high-interaction (fully functional systems that provide a more realistic target).
What are Honeynets?
Networks of honeypots designed to lure and analyze sophisticated attacks
What is the purpose of Honeynets?
Provide a more comprehensive view of an attacker’s behavior across multiple systems. Mimic a real network environment, aiding in the detection and understanding of coordinated attacks.
What are Honeyfiles?
Fake or decoy files that are strategically placed to attract attackers.
What is the purpose of Honeyfiles?
They serve as breadcrumbs, leading attackers away from valuable data and towards false information. By interacting with these files, security teams can gather insights into an attacker’s motives and techniques.
What are Honeytokens?
Pieces of fake data or credentials intentionally placed within a system.
What is a security breach?
A broader term that considers any incident where the system of a system, network, or organization is compromised. This includes unauthorized access, data breaches, malware infections, physical security breaches, and many more.
What is a data breach?
A data breach is any security incident in which unauthorized parties gain access to sensitive data or confidential information, including personal data (Social Security numbers, bank account numbers, healthcare data) or corporate data (customer data records, intellectual property, financial information).