Terms To Know

Question 1

Process that can be used to create a specific set of instructions for a computer to execute tasks

Answer 1

Programming

Question 2

The interface between computer hardware and the user.

Answer 2

Operating system

Question 3

Operating system that is open-source and can use the command line

Answer 3

Linux

Question 4

A unique flaw in a web application that a threat actor could exploit by using malicious code or behavior that allows unauthorized access, data theft and malware deployment

Answer 4

Web Vulnerability

Question 5

Software program used to prevent, detect and eliminate malware and viruses

Answer 5

Antivirus software

Question 6

Application that monitors system activity and alerts to possible intrusions and analyzes network packets

Answer 6

Intrusion detection system IDS

Question 7

Makes data unreadable and difficult to decode for an unauthorized user and ensures confidentially of private data

Answer 7

Encryption

Question 8

The act of participating in a simulated attack that helps identify vulnerabilities in systems, networks, websites, applications and processes.

Answer 8

Penetration Testing

Question 9

SIEM

Answer 9

Security Information and Event Management

Question 10

An application that collects and analyses log data to monitor critical activities in an organization.

Answer 10

SIEM tool

Question 11

It reduces the amount of an analyst must review by providing alerts for specific threats, risks and vulnerabilities.

Answer 11

SIEM tool

Question 12

Provides a series of dashboards that visually organize data into categories, allowing users to select the data they wish to analyze.

Answer 12

SIEM tool

Question 13

A tool designed to capture and analyze data traffic in a network. It keeps a record of all data that a computer encounters.

Answer 13

Network protocol analyzer (packet sniffer)

Question 14

Manual that provides details about operational actions, like how to respond to a security incident.

Answer 14

Playbook

Question 15

The process of documenting evidence possession and control during an incident lifecycle. Document who, what, when and where of an incident.

Answer 15

Chain of Custody Playbook

Question 16

The process of properly working with fragile or volatile digital evidence by consulting the order of volatility

Answer 16

Protecting and preserving evidence playbook

Question 17

A sequence outlining the order of data that must be preserved from first to last

Answer 17

Order of Volatility

Question 18

First Domain of Security

Answer 18

Security and Risk Management

Question 19

An organization’s ability to manage its defense of critical assets and data, and react to change.

Answer 19

Posture

Question 20

Security Goals and Objectives
Risk Mitigation Processes
Compliance
Business Continuity Plans
Legal Regulations
Professional/organizational ethics

Answer 20

Elements of — Security and Risk Management

Question 21

Second Domain of Security

Answer 21

Asset Security

Question 22

Focuses on securing digital and physical assets and their storage, maintenance, retention and destruction of data.

Answer 22

Asset Security

Question 23

Third Domain of Security

Answer 23

Security Architecture and Engineering

Question 24

Focuses on managing data security by ensuring effective tools, systems, and processes are in place to help protect the organization’s assets and data.

Answer 24

Security architecture and engineering

Question 25

All individuals involved take an active role in lowering risk during the design of a security system.

Answer 25

Shared Responsibility

Question 26

Fourth Domain of Security

Answer 26

Communication and network security

Question 27

Focuses on managing and securing physical networks and wireless communications whether they are onsite, remote or cloud.

Answer 27

Communication and network security

Question 28

Fifth Domain of Security

Answer 28

Identity and access management

Question 29

Focuses on keeping data secure by ensuring identities are trusted and authenticated and that users follow established policies to control and manage digital assets and physical spaces and devices.

Answer 29

Identity and access management

Question 30

Sixth Domain of Security

Answer 30

Security Assessment and testing

Question 31

Focuses on conducting security control testing, collecting data and conducting audits to monitor risks, threats and vulnerabilities. May audit user permissions and ensure users have the correct level of access to information.

Answer 31

Security Assessment and Testing

Question 32

Internal users that are employed to find vulnerabilities that could be exploited by a threat actor

Answer 32

Penetration Testers

Question 33

Seventh Domain of Security

Answer 33

Security Operations

Question 34

Focuses on investigation of a potential data breach and the implementation of preventative measure after a security incident has occurred

Answer 34

Security Operations

Question 35

Training and awareness
Reporting and documentation
intrusion detection/prevention
SIEM tools
Log management
Incident management
Playbooks
Post breach forensics
Reflecting on lessons learned

Answer 35

Strategies of Security Operations

Question 36

Eighth Domain of Security

Answer 36

Software Development Security

Question 37

Focused on using secure programming practices and guidelines to create secure applications. Secure applications deliver reliable services and help protect organizations and their customers.

Answer 37

Software Development Security

Question 38

An item perceived as having value to an organization

Answer 38

Asset

Question 39

Personal information of customers, Computers, Office spaces, people

Answer 39

Assets

Question 40

Acceptance, Avoidance, Transference, Mitigation

Answer 40

Common Strategies used to manage risks

Question 41

Accepting a risk to avoid disrupting business continuity

Answer 41

Acceptance risk strategy

Question 42

Creating a plan to avoid the risk altogether

Answer 42

Avoidance risk strategy

Question 43

Transferring risk to a third party to manage

Answer 43

Transference risk strategy

Question 44

Lessening the impact of a known risk

Answer 44

Mitigation risk strategy

Question 45

Any circumstance or event that can negatively impact assets

Answer 45

Threat

Question 46

Anything that can impact the confidentiality, integrity or availability of an asset.

Answer 46

Risk

Question 47

A weakness that can be exploited by a threat. Must be monitored regularly to mitigate risk.

Answer 47

Vulnerability

Question 48

NIST

Answer 48

National Institute of Standards and Technology

Question 49

RMF

Answer 49

Risk Management Framework

Question 50

Prepare, categorize, select, implement, assess, authorize and monitor

Answer 50

Seven steps of the RMF

Question 51

The activities that are necessary to manage security and privacy risks before a breach occurs

Answer 51

Prepare

Question 52

Used to develop risk management processes and tasks by thinking about how confidentiality, integrity and availability of systems and information can be impacted by risk

Answer 52

Categorize

Question 53

Choose, customized and capture documentation of the controls that protect an organization

Answer 53

Select

Question 54

Having good plans in place to minimize the impact of ongoing security risks

Answer 54

Implement

Question 55

Determine if the established controls are implemented correctly.

Answer 55

Assess

Question 56

Being accountable for the security and privacy risks that may exist in an organization.

Answer 56

Authorize

Question 57

Being aware of how systems are operating.

Answer 57

Monitor

Question 58

A technique that manipulates artificial intelligence (AI) and machine learning technology to conduct attacks more efficiently.

Answer 58

Adversarial artificial intelligence

Question 59

the process of verifying who someone is

Answer 59

authentication

Question 60

The idea that data is accessible to those who are authorized to access it.

Answer 60

Availability

Question 61

A type of phishing attack where a threat actor impersonates a known source to obtain financial advantage.

Answer 61

business email compromise (BEC)

Question 62

the process of ensuring assets stored in the cloud are properly configured and access to those assets are limited to authorized users

Answer 62

Cloud security

Question 63

The process of adhering to internal standards and external regulations

Answer 63

Compliance

Question 64

Malicious code written to interfere with computer operations and cause damage to data and software.

Answer 64

computer virus

Question 65

only authorized users can access specific assets or data

Answer 65

Confidentiality

Question 66

A model that helps inform how organizations consider risk when setting up systems and security policies.

Answer 66

Confidentiality, Integrity, Availability (CIA) triad

Question 67

An attack that affects secure forms of communication between a sender and intended recipient.

Answer 67

Cryptographic attack

Question 68

An organized collection of information or data

Answer 68

Database

Question 69

A specific piece of information

Answer 69

Data Point

Question 70

any person or group who uses computers to gain unauthorized access to data

Answer 70

hacker

Question 71

A person who uses hacking to achieve political goals

Answer 71

Hacktivist

Question 72

A US federal law established to protect patients’ health information

Answer 72

Health Insurance Portability and Accountability Act (HIPAA)

Question 73

The idea that data is correct, authentic and reliable

Answer 73

Integrity

Question 74

A current or former employee, external vendor or trusted partner who poses a security risk.

Answer 74

Internal threat

Question 75

A record of events that occur within an organization systems.

Answer 75

Log

Question 76

Software designed to harm devices or networks

Answer 76

Malware

Question 77

The practice of keeping an organization’s network infrastructure secure from unauthorized access

Answer 77

network security

Question 78

A nonprofit organization focused on improving software security.

Answer 78

Open Web Application Security Project (OWASP)

Question 79

Any information used to reveal an individual’s identity

Answer 79

Personally identifiable information (PII)

Question 80

The use of digital communication to trick people into revealing sensitive data or deploying malicious software.

Answer 80

Phishing

Question 81

A security incident that affects physical environments where an incident is deployed.

Answer 81

Physical attack

Question 82

An attack where a threat actor impersonates someone to obtain unauthorized access to a physical location.

Answer 82

Physical social engineering

Question 83

The act of safeguarding personal information from unauthorized use

Answer 83

privacy protection

Question 84

information that relates to the past, present or future physical or mental health or condition of an individual

Answer 84

Protected health information (PHI)

Question 85

Safeguards designed to reduce specific security risks

Answer 85

Security controls

Question 86

Guidelines for making appropriate decisions as a security professional

Answer 86

Security ethics

Question 87

Guidelines used for building plans to help mitigate risk and threats to data and privacy

Answer 87

Security Frameworks

Question 88

P ractices that help support, define and direct security efforts of an organization

Answer 88

Security governance

Question 89

A specific type of PII that falls under stricter handling guidelines

Answer 89

Sensitive personally identifiable information (SPII)

Question 90

A manipulation technique that exploits human error to gain private information, access or valuables

Answer 90

Social engineering

Question 91

A type of attack where a threat actor collects detailed information about their target on social media before initiating attacks

Answer 91

Social media phishing

Question 92

a malicious email attack targeting a specific user or group of users, appearing to originate from a trusted source

Answer 92

Spear phishing

Question 93

A programming leagues used to create, interact with or request information from a database

Answer 93

SQL (Structured Query Language)

Question 94

An attack that targets systems, applications, hardware, or software to locate a vulnerability where malware can be deployed

Answer 94

Supply-chain attack

Question 95

Skills that require knowledge of specific tools, procedures and policies

Answer 95

Technical skills

Question 96

An attack in which a threat actor strategically leaves a malware USB stick for an employee to find and install to unknowingly infect a network.

Answer 96

USB Baiting

Question 97

The exploitation of electronic voice communication to obtain sensitive information or to impersonate a know source

Answer 97

Vishing

Question 98

A type of attack when a threat actor compromises a website frequently visited by a specific group of users

Answer 98

Watering hole attack