What is physical security in IT?
Protecting physical devices and infrastructure from theft or damage.
Definition: Physical security includes locked server rooms, ID badges, cameras, and controlled access.
Boot Story: In an IT office, only authorized employees can access the server room using a keycard and badge system. Cameras monitor entries to prevent theft and tampering.
What are examples of physical security controls?
Locks, ID badges, security guards, cameras, and biometric access.
Definition: These measures prevent unauthorized access to restricted areas.
Boot Story: At a data center, employees swipe ID badges and scan fingerprints before entering server zones, ensuring sensitive hardware stays protected.
What is multifactor authentication (MFA)?
A security method requiring two or more forms of verification to access an account.
Definition: MFA combines something you know (password), something you have (phone), and something you are (fingerprint).
Boot Story: An employee logs into the company portal using a password, then confirms a push notification on their phone — blocking anyone without both factors.
What is the purpose of a strong password policy?
To protect accounts from unauthorized access and brute-force attacks.
Definition: Strong passwords use a mix of letters, numbers, and symbols, and are changed regularly.
Boot Story: The IT team requires all employees to update passwords every 90 days and use passphrases, reducing the risk of credential leaks after a phishing incident.
What is encryption?
The process of converting readable data into a coded format to protect it.
Definition: Encryption ensures that only users with the decryption key can read the information.
Boot Story: A company laptop is stolen, but because the hard drive is encrypted, the thief cannot access the financial reports stored on it.
What is symmetric encryption?
Encryption that uses the same key for both encrypting and decrypting data.
Definition: Symmetric encryption is fast but less secure if the key is compromised.
Boot Story: A company encrypts archived payroll files with one key shared between HR and accounting. When the key is leaked, IT switches to asymmetric methods.
What is a VPN (Virtual Private Network)?
A secure tunnel between a user’s device and the internet or private network.
Definition: VPNs encrypt traffic, protecting data from interception.
Boot Story: A remote employee logs into the office network via VPN, safely accessing company files even while working from a coffee shop Wi-Fi.
What is asymmetric encryption?
Encryption that uses a public key to encrypt and a private key to decrypt data.
Definition: It’s more secure and widely used in emails and SSL/TLS connections.
Boot Story: A manager sends a confidential report using asymmetric encryption. The recipient’s private key ensures only they can unlock it.
What are the benefits of using a VPN?
Privacy, data encryption, and secure remote access.
Definition: VPNs shield sensitive information from hackers and eavesdroppers.
Boot Story: During a client call over public Wi-Fi, an IT consultant uses a VPN, ensuring that project details stay private despite the open network.
What is antimalware software?
Software that detects, prevents, and removes malicious software from systems.
Definition: Antimalware programs scan for threats like viruses, ransomware, and spyware.
Boot Story: After a user downloads a suspicious file, the company’s antimalware quarantines it immediately, preventing a ransomware infection from spreading across the network.
What is malware?
Malicious software designed to damage or gain unauthorized access to systems.
Definition: Common types include viruses, worms, spyware, and ransomware.
Boot Story: An employee clicks a fake invoice link, unknowingly installing malware that encrypts files. IT isolates the machine and restores data from backups.
What is a virus?
A program that attaches to legitimate files and spreads when those files are shared.
Definition: Viruses often require user interaction to activate.
Boot Story: A USB drive infected with a virus was plugged into multiple workstations, spreading the malicious code through shared company documents.
What is a worm?
A self-replicating program that spreads through networks without human interaction.
Definition: Worms exploit system vulnerabilities to infect multiple machines.
Boot Story: After a patch was delayed, a worm quickly infected every unprotected PC on the office network, overwhelming bandwidth until IT intervened.
What is ransomware?
Malware that encrypts files and demands payment to restore access.
Definition: It locks users out of their data until a ransom is paid, often in cryptocurrency.
Boot Story: The accounting department finds all files locked with a ransom note on screen. IT wipes infected systems and restores clean backups instead of paying the attackers.
What is spyware?
Software that secretly monitors user activity and steals personal or business information.
Definition: Spyware runs silently, gathering data without user consent.
Boot Story: An employee’s laptop slows down, and IT discovers spyware logging keystrokes and sending confidential data to an unknown IP.
What is adware?
Software that automatically displays or downloads unwanted advertisements.
Definition: Adware is often bundled with free programs and slows performance.
Boot Story: A user downloads a “free” photo editor, then starts seeing pop-up ads everywhere. IT removes the adware using a cleanup tool.
What is the first step in malware removal?
Isolating the infected system from the network.
Definition: Disconnecting prevents malware from spreading to other systems.
Boot Story: After detecting ransomware on one workstation, the IT technician unplugs it from the network before running cleanup tools, containing the outbreak.
What is the purpose of a system restore point?
To revert a computer’s settings and files to a previous stable state.
Definition: Restore points help recover from malware or faulty updates.
Boot Story: After a malware attack corrupts startup files, IT rolls back the system to a restore point created during last week’s maintenance, bringing it back online quickly.
Why are regular backups important in cybersecurity?
They allow recovery of data after loss, corruption, or ransomware attacks.
Definition: Backups provide copies of files stored safely offsite or in the cloud.
Boot Story: When a server crashed during a power surge, IT restored operations within hours thanks to scheduled nightly backups.
What is data wiping?
Securely erasing data so it cannot be recovered.
Definition: Data wiping overwrites existing information to prevent retrieval.
Boot Story: Before recycling old laptops, IT uses a data wiping tool to permanently erase hard drives, ensuring no customer data can be recovered later.
What is patch management?
Regularly updating software to fix vulnerabilities and improve security.
Definition: Patch management prevents known exploits from being used by attackers.
Boot Story: A recent security bulletin warned of a browser exploit, and IT immediately rolled out a patch to all systems before attackers could take advantage.
What is non-repudiation?
Ensuring that actions or transactions cannot be denied later.
Definition: Non-repudiation provides proof of identity and integrity for data exchanges.
Boot Story: In an e-signature platform, each signature is timestamped and verified, so users can’t deny approving a contract later.
What is authentication?
The process of verifying a user’s identity before granting access.
Definition: Authentication confirms that users are who they claim to be.
Boot Story: Before accessing payroll systems, employees enter their credentials and verify through a secure code on their phones to confirm identity.
What is authorization?
Granting a user specific permissions after authentication.
Definition: Authorization determines what actions or data a user can access.
Boot Story: After logging in, a manager can view all team schedules, but regular staff can only see their own — that’s authorization control in action.