Comptia Security + Flashcards

(130 cards)

1
Q

Technical controls

A

Controls implemented using systems
Operating system controls
Firewalls, anti-virus

2
Q

Management controls

A

Administrative controls associated with security design and implementation
Security policies, standard operating procedures

3
Q

Influence campaign

A

A significant initiative launched by entities like nation-states to sway public opinion on specific topics, often utilizing various techniques including disinformation.

4
Q

Digital espionage

A

The use of cyber tools and techniques to secretly access, steal, or monitor sensitive information from computers or networks.

5
Q

Soft power

A

The ability of a country or organization to influence others through culture, values, diplomacy, or attraction rather than force or coercion.

6
Q

reflected DDoS attack

A

A type of cyberattack where the attacker sends requests to a third-party server that then unwittingly sends large responses to the victim, overwhelming their network.

7
Q

SQL injection

A

A cyberattack that inserts malicious SQL code into a website’s input fields to manipulate or access a database without authorization.

8
Q

amplified DDoS attack

A

A cyberattack that increases the volume of traffic sent to a victim by exploiting vulnerable servers, making a small request generate a much larger response to overwhelm the target.

9
Q

Netflow

A

A network monitoring and analysis tool that provides visibility into network traffic, allowing administrators to understand and analyze the flow of data across the network.

10
Q

key escrow

A

A security method where encryption keys are stored by a trusted third party, allowing authorized access to encrypted data if needed.

11
Q

key exchange

A

A process in cryptography where two parties securely share encryption keys to enable confidential communication.

12
Q

Public key infrastructure (PKI)

A

A system that manages digital certificates and public-private key pairs to secure communication, verify identities, and enable encryption.

13
Q

Key generation

A

The process of creating cryptographic keys used for encrypting, decrypting, or signing data in secure communications.

14
Q

Ticket creation

A

The automatic generation of a support or service request in a tracking system when a specific event or issue occurs, streamlining workflow and incident management.

15
Q

Cryptographic collision

A

When two different inputs produce the same output (hash) in a cryptographic function, potentially compromising data integrity.

16
Q

Time memory trade-off

A

A technique in computing or cryptography where increased memory usage reduces processing time, or vice versa, to optimize performance.

17
Q

Brute force attack

A

A method of breaking passwords or encryption by systematically trying every possible combination until the correct one is found.

18
Q

Hash extension attack

A

A cryptographic attack where an attacker uses a known hash to append data and create a valid hash for the extended message without knowing the original input.

19
Q

WEP (Wired Equivalent Privacy)

A

An outdated Wi-Fi security protocol designed to protect wireless networks, now considered insecure due to vulnerabilities in its encryption.

20
Q

TKIP (Temporal Key Integrity Protocol)

A

A Wi-Fi security protocol designed to improve WEP by dynamically changing encryption keys, though now considered less secure than modern standards like WPA2.

21
Q

WPA (Wi-Fi Protected Access)

A

A Wi-Fi security protocol that improves upon WEP by using stronger encryption and authentication methods to protect wireless networks.

22
Q

AES (Advanced Encryption Standard)

A

A widely used symmetric encryption algorithm that secures data with fast, strong, and reliable encryption.

23
Q

Sanitization

A

The process of removing or cleaning sensitive data from a system or document to prevent unauthorized access or disclosure.

24
Q

Enumeration

A

In cybersecurity, the process of actively gathering detailed information about a system, network, or user accounts to identify potential attack points.

25
Data Processor
An entity or system that collects, stores, or processes personal or sensitive data on behalf of a data controller.
26
Data Controller
The person or organization that determines the purposes and methods for collecting and managing personal data.
27
Data Custodian
The individual or team responsible for the safe storage, maintenance, and protection of data on behalf of the data controller.
28
Data Owner
The person or entity with ultimate authority over specific data, responsible for its classification, access permissions, and overall protection.
29
Role-Based Access Control (RBAC)
A security method that grants system access based on a user’s role, ensuring users can only perform actions relevant to their responsibilities.
30
Discretionary Access Control (DAC)
A security model where the data owner decides who can access or modify their resources, giving users control over permissions.
31
ABAC (Attribute-Based Access Control)
A security model that grants access based on user, resource, and environment attributes rather than fixed roles, allowing fine-grained control.
32
Rule-Based Access Control (RBAC)
A security model that grants or denies access based on a set of predefined rules, such as time of day, location, or system conditions.
33
Cloning
The process of creating an exact copy of a system, device, or data, often used in computing for backup, testing, or unauthorized replication.
34
Pretexting
A social engineering technique where an attacker invents a false scenario to trick someone into revealing confidential information.
35
Whaling
A type of phishing attack that targets high-profile individuals, like executives, to steal sensitive information or gain access to critical systems.
36
Memory leaks
A software issue where a program fails to release unused memory, causing reduced performance or system crashes over time.
37
Time-of-use (TOU)
Arises when there's an opportunity for an attacker to manipulate a resource after its creation but before its use by an application.
38
Race conditions
A software flaw that occurs when the outcome of a process depends on the timing or sequence of events, potentially causing unexpected behavior or security vulnerabilities.
39
Memory injection
A cyberattack technique where malicious code is inserted directly into a program’s memory to manipulate its behavior or gain unauthorized access.
40
Ease of Recovery
A measure of how quickly and effectively data, systems, or operations can be restored after a failure, attack, or disaster.
41
Ease of Deployment
A measure of how quickly and efficiently a system, software, or solution can be installed, configured, and made operational.
42
User Behavior Analytics (UBA)
The process of monitoring and analyzing user activities to detect unusual patterns that may indicate security threats or insider attacks.
43
AML/KYC Regulations
Legal requirements for financial institutions to prevent money laundering and fraud by verifying customer identities (KYC) and monitoring suspicious transactions (AML).
44
Risk transference
A risk management strategy where the responsibility or impact of a risk is shifted to another party, often through insurance or outsourcing.
45
NGFW (Next-Generation Firewall)
An advanced firewall that combines traditional network filtering with features like intrusion prevention, application awareness, and threat intelligence.
46
Stateful firewall
A network security device that monitors the state of active connections and makes filtering decisions based on the context of traffic, not just individual packets.
47
Proxy firewall
A firewall that acts as an intermediary between users and the internet, filtering requests and hiding internal network details to enhance security.
48
Packet-filtering firewall
A firewall that inspects individual data packets and allows or blocks them based on predefined rules like IP addresses, ports, or protocols.
49
Pharming
A cyberattack that redirects users from legitimate websites to fraudulent ones to steal sensitive information, often by corrupting DNS settings.
50
Least Privilege
A security principle that gives users or systems only the minimum access necessary to perform their tasks, reducing the risk of misuse or breaches.
51
Intrusion Detection System (IDS)
A security tool that monitors network or system activity for suspicious behavior or policy violations and alerts administrators.
52
Network Segmentation
The practice of dividing a network into separate zones or segments to improve security, performance, and containment of potential threats.
53
Host-Based Firewall
A firewall installed on an individual device that monitors and controls incoming and outgoing network traffic for that specific host.
54
Data Loss Prevention (DLP)
A set of tools and strategies designed to detect, prevent, and protect sensitive data from unauthorized access, leakage, or loss.
55
SPF (Sender Policy Framework)
An email authentication protocol that verifies whether incoming messages come from authorized servers to prevent email spoofing.
56
DKIM (DomainKeys Identified Mail)
An email authentication method that uses digital signatures to verify that a message was sent and authorized by the domain owner.
57
MTA (Mail Transfer Agent)
A server or software that routes and delivers email messages between senders and recipients across networks.
58
DMARC (Domain-based Message Authentication, Reporting & Conformance)
An email security protocol that uses SPF and DKIM to verify messages and provides instructions on how to handle unauthenticated emails.
59
Likelihood
The probability that a specific event, threat, or risk will occur within a given timeframe.
60
Probability
A numerical measure of how likely it is that a specific event or outcome will occur.
61
Exposure Factor (EF)
The percentage of asset value that is lost if a specific threat successfully exploits a vulnerability.
62
Exceptions
Authorized deviations from standard security policies where certain vulnerabilities are temporarily accepted, often with risk mitigation or compensating controls in place.
63
Exemptions
Officially approved cases where certain systems, applications, or devices are excluded from standard vulnerability management requirements, usually due to operational constraints or compatibility issues.
64
SMTP (Simple Mail Transfer Protocol)
A protocol used to send and relay email messages between servers over the Internet.
65
Hashing
The process of converting data into a fixed-size string (hash) using a mathematical function, typically for integrity verification or secure storage.
66
Salting
The practice of adding random data to passwords before hashing to make them more resistant to attacks like rainbow table lookups.
67
Digital Signatures
Cryptographic mechanisms that verify the authenticity and integrity of digital messages or documents, ensuring they come from the claimed sender.
68
Key Stretching
A method that repeatedly hashes a password so that the resulting key is longer and more random than the password originally appeared.
69
Session hijacking
A cyberattack where an attacker takes over a user’s active session to gain unauthorized access to systems or data.
70
Privilege escalation
A cyberattack where a user or program gains higher access rights than intended, allowing unauthorized actions or control over a system.
71
Certificate Authority (CA)
A trusted organization that issues digital certificates to verify the identity of entities and enable secure encrypted communications.
72
Blockchain
A decentralized, distributed ledger that records transactions securely and transparently across multiple computers, making data tamper-resistant.
73
Federation
A system where multiple organizations or domains share authentication and identity information, allowing users to access resources across them without separate logins.
74
EAP (Extensible Authentication Protocol)
A flexible framework for network authentication that supports multiple methods, such as passwords, certificates, or tokens.
75
SD-WAN (Software-Defined Wide Area Network)
A network technology that uses software to intelligently manage and optimize wide-area network connections, improving performance, security, and flexibility.
76
IPSec (Internet Protocol Security)
A suite of protocols that encrypts and authenticates IP packets to secure communications over networks, often used in VPNs.
77
ICMP (Internet Control Message Protocol)
A network protocol used to send error messages and operational information, such as “ping” requests, between devices on IP networks.
78
False Positive
An alert or detection that incorrectly signals the presence of a threat or issue when none actually exists.
79
MFA (Multi-Factor Authentication)
A security method requiring users to provide two or more verification factors—such as a password, token, or biometric—to access a system.
80
Due Diligence
The process of thoroughly investigating and evaluating a business, system, or individual to identify risks and ensure informed decision-making.
81
Service-Level Agreement (SLA)
A formal contract that defines the expected performance, responsibilities, and quality of service between a provider and a customer.
82
Mandatory access control (MAC)
A security model where access to resources is strictly controlled by the system based on security labels, and users cannot change permissions.
83
Layer 7
deals with end-user services, and appliances at this layer can make filtering decisions based on specifics like URLs, HTTP headers, and specific application functions.
84
Layer 6
This layer is responsible for data formatting and translation. It ensures that the data sent by the Application Layer of one system is readable by the Application Layer of another.
85
Layer 5
This layer is responsible for establishing, managing, and terminating the sessions or connections between applications. It controls the "dialogue" or communication between two systems, making sure that it's coordinated and synchronized.
86
Layer 4
Ensures end-to-end data delivery, handling segmentation, sequencing, and error checking.
87
Layer 3
Handles logical addressing and routing of data packets across networks.
88
Layer 2
Manages physical addressing (MAC addresses) and provides error-free data transmission between nodes.
89
Layer 1
The lowest layer, dealing with the physical transmission of raw data bits over a medium (e.g., cables, wireless signals).
90
White hat
an ethical cybersecurity professional who uses their hacking skills to find and fix security vulnerabilities in a system or network.
91
Acceptable Use Policy (AUP)
a document that outlines a set of rules and guidelines for the proper use of a computer network, system, or internet service.
92
Wi-Fi Protected Access 3 (WPA3)
The latest security standard for wireless networks. It provides stronger encryption and better protection against password-guessing attacks.
93
Extensible Authentication Protocol (EAP)
A framework for authentication often used in wireless networks and point-to-point connections. It provides a way for a client and an authentication server to negotiate a specific authentication method, such as a username and password, digital certificates, or tokens.
94
Remote Authentication Dial-In User Service (RADIUS)
A networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for users connecting to a network. It verifies a user's identity, controls their access to resources, and tracks their activity.
95
Lightweight Directory Access Protocol (LDAP)
A networking protocol for accessing and managing directory services over an IP network. It's used to store, organize, and provide access to information like user accounts, passwords, and computer details in a centralized database.
96
Fail-closed
A security posture or state in which a system or component, when it fails, denies all access until it is manually reset or fixed.
97
Fail-open
A security posture where a system or component, when it fails, allows all access to continue.
98
Mean Time Between Failures (MTBF)
A reliability metric that represents the average time a device or system is expected to operate without failure. A higher MTBF value indicates a more reliable product.
99
Recovery Time Objective (RTO)
The maximum amount of time that a business process or system can be down after a disaster or failure before the downtime causes unacceptable damage. It measures how quickly you must restore operations.
100
Recovery Point Objective (RPO)
The maximum amount of data an organization is willing to lose after a disaster. It is a time-based metric that determines how much data loss is acceptable, typically measured from the point of failure back in time.
101
Simple Network Management Protocol (SNMP)
A networking protocol used to manage and monitor devices on an IP network, such as routers, servers, and printers. It allows administrators to collect data about device performance, track network usage, and receive alerts about issues.
102
Virtual Local Area Network (VLAN)
A VLAN is a way to logically segment a network into smaller broadcast domains, even if the devices are physically connected to the same switch. This improves performance and security by preventing traffic from one VLAN from being seen by devices on another.
103
Single Loss Expectancy (SLE)
The monetary value of a single loss event from a specific threat.
104
Annual Rate of Occurrence (ARO)
The ARO is an estimate of how many times a specific threat or security event is expected to happen in a single year. It's a key metric in quantitative risk analysis. An ARO of 1 means the event is expected to occur once per year, while an ARO of 0.5 means it's expected to occur once every two years.
105
Annual Loss Expectancy (ALE)
The ALE is the estimated total financial loss from a specific threat in one year. It is a key metric in quantitative risk assessment and is calculated by multiplying the Single Loss Expectancy (SLE) by the Annual Rate of Occurrence (ARO).
106
Statement of Work (SOW)
A formal document that outlines the scope of a project, including all deliverables, timelines, and agreed-upon tasks and activities.
107
Memorandum of Agreement (MOA)
A formal document that outlines the terms of a cooperative agreement between two or more parties. An MOA is often legally binding and specifies the roles, responsibilities, and financial obligations of each party to ensure a clear and mutual understanding of a shared objective.
108
Master Service Agreement (MSA)
A foundational contract between two parties that establishes the general terms for an ongoing business relationship. It acts as a framework, saving time and legal costs by avoiding the need to renegotiate standard clauses (like payment and liability) for every new project.
109
Certificate Signing Request (CSR)
A file containing a server's public key and other identifying information, which is sent to a Certificate Authority to request a digital SSL/TLS certificate.
110
Wildcard certificate
A type of SSL/TLS certificate that secures a domain and an unlimited number of its subdomains with a single certificate.
111
Self-signed certificate
a digital certificate that is signed by the same entity that it identifies, rather than by a trusted Certificate Authority (CA).
112
Third-party certificate
A certificate issued by an external Certificate Authority that is recognized and trusted by web browsers and operating systems, which allows for secure and authenticated communication without security warnings.
113
Version control
A system for tracking changes to files over time. It allows you to revert files to a previous state, compare different versions, and see who made specific changes.
114
Continuous integration
a software development practice where developers merge their code changes into a central repository frequently and automatically.
115
Block cipher
an encryption algorithm that processes data in fixed-size blocks (e.g., 128 bits) rather than one bit at a time. It uses a symmetric key to transform a plaintext block into a ciphertext block of the same size.
116
Stream cipher
an encryption algorithm that processes data one bit or byte at a time.
117
Control Plane
The part of a network device whose primary job is to build and manage the routing tables and forwarding information that tell the device where to send network traffic.
118
Unified Threat Management (UTM)
A single appliance that combines multiple security features, such as a firewall, antivirus, intrusion prevention systems (IPS), and content filtering, to simplify management and protect a network from various threats.
119
Intrusion Prevention System (IPS)
a network security device that actively monitors and analyzes network traffic for malicious activity. When it detects a threat, it automatically takes action to block it.
120
Snapshots
a read-only copy of a file system, virtual machine, or other data at a specific point in time. It is not a full backup but rather a "point-in-time" image that records the state of the data.
121
Differential backups
A backup method that saves all data that has changed since the last full backup.
122
Incremental backups
a backup method that saves only the data that has changed since the last backup of any type (full or incremental).
123
Full backups
The most basic backup method, saving an entire copy of all data, regardless of whether it has changed since the last backup.
124
Data masking
A technique used to obscure or obfuscate sensitive data, making it unreadable or unusable to unauthorized users, while still maintaining its realistic structure.
125
Tokenization
Tokenization is the process of substituting a sensitive data element with a non-sensitive equivalent, referred to as a token. The token and the data it substitutes are stored in a secure database. If the original data is needed, it can be accessed using the token and querying the database.
126
Steganography
hiding the existence of a message, file, or other data within another, seemingly harmless file.
127
Proxy server
acts as a gateway or intermediary between a user's computer and the internet. Instead of connecting directly to a website, a user sends their request to the proxy server, which then forwards the request to the website.
128
Jump server
a hardened and tightly controlled computer on a network that serves as an intermediary to access other devices in a separate security zone, such as a private server or a restricted network.
129
Side loading
Installing an application onto a mobile device from an unofficial or alternative source rather than through a recognized app store.
130
Ad hoc risk assessment
performed as necessary, often triggered by specific events or detected threats, providing flexibility in the risk management process.