is designed to securely generate, store, distribute, and rotate encryption keys. It can automatically rotate keys based on a defined schedule or policy.
Key Management System (KMS)
is a small security chip built into a computer or server that helps protect sensitive information.
TPM (Trusted Platform Module)
tool that collects and analyzes data from multiple sources—like endpoints, networks, servers, and cloud systems—to detect and respond to threats faster.
Think of it like a central security command center that gathers information from all parts of your digital environment and helps spot attacks faster and respond automatically.
XDR (Extended Detection and Response)
A web application is vulnerable because users can enter SQL commands into a search box and access unauthorized data. What security practice would prevent this issue?
Input validation
will execute when a certain event occurs, such as a specific date and time.
Logic Bomb
replaces sensitive data (like credit card numbers or personal information) with a non-sensitive placeholder that can still be used by systems for processing but has no exploitable value if stolen.
Tokenization
Web traffic over port ___ uses HTTPS (Hypertext Transfer Protocol Secure), which encrypts communication between clients and the web server using TLS/SSL.
443
is a physical device (something you have) that stores a digital certificate for authentication. When paired with a PIN (something you know) or a biometric (something you are), it enables multifactor authentication.
Smart card
A company connects its network to an external organization to share data. If that organization is compromised, attackers could use the connection to access the company’s network. What type of security risk does this represent?
Supply chain attack
is responsible for the accuracy, privacy, and security of the data. Many organizations will hire data __ to ensure all data is properly protected and maintained.
Custodian
A company’s HR department decides which employee information to collect and how it will be used for payroll and benefits. What role is the HR department fulfilling in data management?
Controller
systems that control and monitor industrial operations.
ICS
describes the process of automation, and is commonly associated with large-scale automation or automating processes between different systems.
Orchestration
is a networking approach that separates the control plane from the data plane.
Key points:
Control plane: Makes decisions about where traffic should go.
Data plane: Forwards traffic based on those decisions.
SDN (Software-Defined Networking)
involves reducing its attack surface by eliminating unneeded services, applications, and components. This minimizes the number of potential vulnerabilities that an attacker could exploit.
Hardening an operating system
During a cybersecurity incident, an analyst collects server log files after a denial-of-service attack. A month later, another analyst needs to verify that the logs have not been tampered with since they were collected. What technique should be used to confirm the integrity of the log files?
Data Hashing
In a Discretionary Access Control (DAC) environment, the __ of a file or directory has the ability to set and manage permissions and access rights for other users.
Owner
is a way to check if an SSL/TLS certificate has been revoked without making the client contact the certificate authority (CA) directly.
OCSP Stapling (Online Certificate Status Protocol Stapling)
modifies operating system files to become part of the core OS. The kernel, user, and networking libraries in Windows are core operating system files.
a thief who not only breaks into a house but also hides behind the walls, so you can’t see them, while secretly controlling things inside.
Rootkit
clearly defines who is responsible, accountable, consulted, and informed for specific tasks or controls.
Responsibility Matrix
is a protocol used to store and validate usernames and passwords within a centralized directory (like Microsoft Active Directory).
LDAP
is a trusted service for certificate creation and management.
CA
involves directly interacting with a target system to gather information — such as performing port scans, ping sweeps, or service enumeration.
It’s like knocking on doors and asking questions to learn about a building, rather than just looking from outside.
Active reconnaissance
Packet captures let an attacker capture valid requests, session tokens, or authentication messages and then resend those captured packets to the application to impersonate a legitimate user. This is a ___.
Replay Attack