WK 4 Common Cybersecurity tools Flashcards
SIEM tools
An application that collects and analyzes log data to monitor critical activities in an organisation.
SIEM tools reduce the amount of data an analyst must review by providing alerts for specific types of threats, risks, and vulnerabilities.
SIEM tools provide a series of dashboards that visually organise data into categories.
Logs
A log is a record of events that occur within an organisation’s systems.
Network protocol analyzers (packet sniffers)
A tool designed to capture and analyze data traffic in a network.
Playbooks
A playbook is a manual that provides details about any operational action, such as how to respond to a security incident.
Playbooks vary from one organisation to the next, but they all have a similar purpose: to guide analysts through a series of steps to complete specific security-related tasks.
Chain of custody playbook
Chain of custody is the process of documenting evidence possession and control during an incident lifecycle.
Protecting and preserving evidence playbook
Protecting and preserving evidence is the process of properly working with fragile and volatile digital evidence.
Programming
A process that can be used to create a specific set of instructions for a computer to execute tasks.
Automation
The use of technology to reduce human and manual effort in performing common and repetitive tasks.
Automation reduces the risk of human error.
Structured Query Language (SQL)
SQL is used to create, interact with, and request information from a database.
Database
A database is an organized collection of information or data.
Data point
A specific piece of information.
Operating system
An operating system is the interface between computer hardware and the user. Linux®, macOS®, and Windows are operating systems. They each offer different functionality and user experiences.
Linux
An open-source operating system.
Open source means that the code is available to the public and allows people to make contributions to improve the software.
Command
An instruction telling the computer to do something.