Security_Plus_Complete_Guide Flashcards
What is the CIA triad in cybersecurity?
Confidentiality, Integrity, and Availability.
Define ‘Confidentiality’ in the CIA triad.
Limiting information access to authorized users.
Define ‘Integrity’ in the CIA triad.
Ensuring accuracy and reliability of data.
Define ‘Availability’ in the CIA triad.
Ensuring resources are accessible when needed.
What does AAA stand for in cybersecurity?
Authentication, Authorization, and Accounting.
Describe ‘Authentication’ in AAA.
Verifying identity of a user or device.
Describe ‘Authorization’ in AAA.
Granting permissions to authenticated users.
Describe ‘Accounting’ in AAA.
Tracking user actions for audit purposes.
What is the purpose of the CIA triad?
To provide a foundational model for security policies to protect data.
What is ‘Risk Management’ in cybersecurity?
Identifying, assessing, and mitigating risks to information security.
What is a ‘risk assessment’?
Evaluating potential threats to determine their impact and likelihood.
Define ‘least privilege’ in access control.
Restricting user access to only what is necessary for their role.
What is ‘non-repudiation’ in information security?
Ensuring a user cannot deny having performed an action.
What is a ‘security policy’?
A set of rules and practices that dictate how data is protected.
What is ‘multi-factor authentication’?
Using more than one method of verification to authenticate users.
What is a ‘digital signature’?
An electronic method to verify the authenticity of a document or message.
Explain ‘defense in depth’.
Using multiple layers of security to protect resources.
What does ‘risk tolerance’ mean in risk management?
The level of risk an organization is willing to accept.
Define ‘threat’ in risk management.
Any potential event or action that could cause harm to information.
What is a ‘vulnerability’?
A weakness in a system that could be exploited by a threat.
What is malware?
Malicious software designed to harm or exploit devices, networks, or systems.
Define phishing.
Deceptive attempts to steal sensitive information via email or other forms of communication.
What is ransomware?
Malware that encrypts files and demands payment for their release.
What is a Trojan?
Malware disguised as legitimate software.
What is a worm?
Self-replicating malware that spreads across networks without user intervention.
Define a zero-day vulnerability.
A software flaw unknown to the vendor and therefore unpatched, leaving affected systems susceptible to attack.
Describe a DDoS attack.
An attack that overwhelms a system with traffic to make it unavailable to legitimate users.
What is SQL injection?
An attack that injects malicious SQL code to manipulate or access a database.
Define an insider threat.
A threat posed by individuals within an organization, such as employees misusing access.
What is cross-site scripting (XSS)?
Injecting malicious scripts into trusted websites to manipulate data or steal information.
What is the purpose of a firewall?
To monitor and control incoming and outgoing network traffic based on security rules.
Describe a brute-force attack.
An attack that systematically tries all possible combinations to crack a password.
What is vulnerability management?
The process of identifying, prioritizing, and resolving vulnerabilities in systems.
What is social engineering?
Manipulating individuals to disclose confidential information or perform actions.
What is pharming?
Redirecting users from legitimate websites to malicious websites.
What is MAC address filtering?
Restricting network access based on device MAC addresses.
Describe a man-in-the-middle attack.
An attack where communication between two parties is intercepted by an unauthorized party.
What is spear phishing?
A targeted phishing attempt to steal sensitive information from specific individuals.
What is an advanced persistent threat (APT)?
A prolonged, targeted attack intended to steal data without detection.
Define privilege escalation.
Gaining elevated access within a system to perform unauthorized actions.
What is a buffer overflow?
A condition in which excess data written to a buffer overflows into adjacent memory locations, which an attacker can exploit.
What is encryption?
Encoding data to protect it from unauthorized access.
What does an Intrusion Detection System (IDS) do?
Detects and alerts on suspicious network activities.
What is session hijacking?
Taking control of an active session between a user and a server to gain unauthorized access.
What is banner grabbing?
Collecting information about a server’s software and version by connecting to it.
What is a vulnerability scan?
A scan that identifies security weaknesses in a system.
What is data leakage?
Unintentional transfer of data from within an organization to an external entity.
What is a rogue access point?
An unauthorized Wi-Fi access point set up to intercept traffic on a network.
What is an account lockout policy?
A policy that temporarily disables an account after several failed login attempts to prevent brute-force attacks.
What is whaling?
A phishing attack targeting high-profile individuals within an organization.
What is a botnet?
A network of compromised devices controlled remotely by an attacker.
What is IP spoofing?
Forging the IP address of a device to impersonate another device on the network.
What is a vulnerability assessment?
An assessment to identify and prioritize system weaknesses.
What is port scanning?
Scanning for open ports on a network to identify running services and potential vulnerabilities.
What is password spraying?
Attempting common passwords across many accounts in an organization.
What is a keylogger?
Malware that records keystrokes to capture sensitive information like passwords.
What is DNS poisoning?
Corrupting DNS records to redirect traffic to malicious sites.
What is spimming?
Spam directed at instant messaging users.
What is a SYN flood attack?
A type of DDoS that overwhelms a server by sending multiple SYN requests without completing the handshake.
What is ARP poisoning?
An attack that tricks devices on a network into sending data to an attacker by spoofing MAC addresses.
What is a denial of service (DoS) attack?
An attack that attempts to make a system or network resource unavailable to its users.
What is a drive-by download attack?
An attack in which malicious software is downloaded to a user’s device without their knowledge when they visit a compromised website.
What is directory traversal?
An attack that gains unauthorized access to restricted directories on a server.
What is a distributed denial of service (DDoS) attack?
A DoS attack that uses multiple devices to flood a target with traffic.
Define malware.
Software specifically designed to disrupt, damage, or gain unauthorized access to a computer system.
What is an exploit?
Code or techniques used to take advantage of a vulnerability in a system.
What is defense in depth?
A layered security approach where multiple defenses are in place to protect resources.
What is network segmentation?
Dividing a network into smaller segments to limit access and enhance security.
What is the Zero Trust model?
A security model that assumes no network traffic is trusted, regardless of location.
Define microsegmentation in network security.
Dividing a network into very small segments to limit lateral movement of threats.
What is a demilitarized zone (DMZ)?
A network segment that acts as a buffer between internal and external networks.
What is cloud security?
Practices and technologies used to protect cloud-based assets and data.
What does SaaS stand for in cloud computing?
Software as a Service.
What does PaaS stand for in cloud computing?
Platform as a Service.
What does IaaS stand for in cloud computing?
Infrastructure as a Service.
What is virtualization?
Creating virtual versions of resources like servers and storage for efficient use.
What is a hypervisor?
Software that creates and manages virtual machines on a host system.
Define containerization.
A lightweight form of virtualization where applications run in isolated containers.
What is application isolation in cloud environments?
Ensuring that applications run in separate environments to prevent interference.