WK 4 Common Cybersecurity tools Flashcards

1
Q

SIEM tools

A

An application that collects and analyzes log data to monitor critical activities in an organisation.

SIEM tools reduce the amount of data an analyst must review by providing alerts for specific types of threats, risks, and vulnerabilities.

SIEM tools provide a series of dashboards that visually organise data into categories.

2
Q

Logs

A

A log is a record of events that occur within an organisation’s systems

3
Q

Network protocol analyzers (packet sniffers)

A

A tool designed to capture and analyze data traffic in a network.

4
Q

Playbooks

A

A playbook is a manual that provides details about any operational action, such as how to respond to a security incident.

Playbooks vary from one organisation to the next, but they all have a similar purpose: to guide analysts through a series of steps to complete specific security-related tasks.

5
Q

Chain of custody playbook

A

Chain of custody is the process of documenting evidence possession and control during an incident lifecycle.

6
Q

Protecting and preserving evidence playbook

A

Protecting and preserving evidence is the process of properly working with fragile and volatile digital evidence.

7
Q

Programming

A

A process that can be used to create a specific set of instructions for a computer to execute tasks.

8
Q

Automation

A

The use of technology to reduce human and manual effort in performing common and repetitive tasks.

Automation also reduces the risk of human error.

9
Q

Structured Query Language (SQL)

A

SQL is used to create, interact with, and request information from a database.

10
Q

Database

A

A database is an organized collection of information or data.

11
Q

Data point

A

A specific piece of information.

12
Q

Operating system

A

An operating system is the interface between computer hardware and the user. Linux®, macOS®, and Windows are operating systems. They each offer different functionality and user experiences.

13
Q

Linux

A

An open-source operating system.
Open source means that the code is available to the public and allows people to make contributions to improve the software.

14
Q

Command

A

An instruction telling the computer to do something.

15
Q

Command-line

A

A command-line interface is a text-based user interface that uses commands to interact with the computer.

16
Q

Web vulnerability

A

A unique flaw in a web application that a threat actor could exploit by using malicious code or behavior to allow unauthorized access, data theft, and malware deployment.

17
Q

Antivirus software

A

Antivirus software is a software program used to prevent, detect, and eliminate malware and viruses. It is also called anti-malware. Depending on the type of antivirus software, it can scan the memory of a device to find patterns that indicate the presence of malware.

18
Q

Intrusion detection system

A

An intrusion detection system (IDS) is an application that monitors system activity and alerts on possible intrusions. The system scans and analyzes network packets, which carry small amounts of data through a network. Because each packet carries only a small amount of data, it is easier for an IDS to inspect it and identify potential threats to sensitive data. Other occurrences an IDS might detect include theft and unauthorized access.

19
Q

Encryption

A

Encryption makes data unreadable and difficult to decode for an unauthorized user; its main goal is to ensure confidentiality of private data. Encryption is the process of converting data from a readable format to a cryptographically encoded format.

20
Q

Cryptographic encoding

A

Converting plaintext into secure ciphertext.

Plaintext is unencrypted information and secure ciphertext is the result of encryption.

Encoding and encryption serve different purposes. Encoding uses a public conversion algorithm to enable systems that use different data representations to share information.