Foundations of cybersecurity
Business email compromise (BEC) (phishing ex.)
An attack in which a threat actor impersonates a known source to obtain a financial advantage
Physical social engineering (social eng. ex.)
An attack in which a threat actor impersonates an employee, customer, or vendor to obtain unauthorized access to a physical location
USB baiting (social eng. ex.)
An attack in which a threat actor strategically leaves a malware USB stick for an employee to find and unknowingly infect a network
Security posture
An organization's ability to manage its defense of critical assets and data and react to change
Fill in the blank: Performing _____ enables security professionals to review an organization's security records, activities, and related documents.
security audits (official inspection)
Which proficiencies are transferable skills, likely to be applicable in almost any field? Select three answers.
written & verbal communication; problem solving; analysis
whaling (phishing ex.)
A form of spear phishing during which threat actors target executives in order to gain access to sensitive data
ransomware (malware ex.)
A malicious attack during which threat actors encrypt an organization's data and demand payment to restore access
spear phishing (phishing ex.)
A malicious email attack targeting a specific user or group of users that appears to originate from a trusted source
Virus (malware ex.)
A malware program that modifies other computer programs by inserting its own code to damage and/or destroy data
Social engineering
A manipulation technique that exploits human error to gain unauthorized access to sensitive, private, and/or valuable data
Malware
Software designed to harm devices or networks
Social media phishing (social eng. ex.)
An attack in which a threat actor collects detailed information about their target on social media sites before initiating an attack
Watering hole attack (social eng. ex.)
An attack in which a threat actor compromises a website frequently visited by a specific group of users
spyware (malware ex.)
Malicious software installed on a user's computer without their permission, which is used to spy on and steal user data
worm (malware ex.)
Malware that self-replicates, spreading across the network and infecting computers
What occurs during a security audit?
Review of an organization's security records, activities, and other related documents
vishing
The exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source
Network security
The practice of keeping an organization's network infrastructure secure from unauthorized
phishing
The use of digital communications to trick people into revealing sensitive data or deploying malicious software
smishing
The use of text messages to trick users, in order to obtain sensitive information or to impersonate a known source.
physical attack
A security incident that affects not only digital but also physical environments where the incident is deployed. Some forms of physical attacks are: malicious USB cable; malicious flash drive; card cloning and skimming. Physical attacks fall under the asset security domain.
Security frameworks
are guidelines used for building plans to help mitigate risks and threats to data and privacy
Security controls
are safeguards designed to reduce specific security risks. They are used with security frameworks to establish a strong security posture
A security professional is asked to destroy and dispose of old hard drives that include confidential customer information. Which security domain is this task related to?
asset security
Fill in the blank: A computer virus is malicious _____ that interferes with computer operations and causes damage.
code
Fill in the blank: Cybersecurity is the practice of ensuring _____ by protecting networks, devices, people, and data from unauthorized access or criminal exploitation.
confidentiality, integrity, and availability of information
Fill in the blank: Cybersecurity aims to protect networks, devices, people, and data from _____ or unauthorized access.
criminal exploitation
Fill in the blank: _____ identify, analyze, and preserve criminal evidence within networks, computers, and electronic devices.
digital forensic investigators
Programming
is a process that can be used to create a specific set of instructions for a computer to execute tasks. These tasks can include: automation of repetitive tasks (e.g., searching a list of malicious domains); reviewing web traffic; alerting suspicious activity.
Adversarial artificial intelligence
is a technique that manipulates artificial intelligence and machine learning technology to conduct attacks more efficiently. Adversarial artificial intelligence falls under both the communication and network security and the identity and access management domains.
Security posture
is an organization's ability to manage its defense of critical assets and data and react to change. A strong security posture leads to lower risk for the organization
Compliance
is the process of adhering to internal standards and external regulations and enables organizations to avoid fines and security breaches
What is one way that the Morris worm helped shape the security industry?
It led to the development of computer response teams
What are the primary responsibilities of an entry-level security analyst? Select three answers.
monitor systems; search for weaknesses; protect information
Which proficiencies are technical skills that are needed to become an entry-level security analyst? Select two answers.
programming; data analysis
In what ways do security teams bring value to an organization? Select two answers.
protection against external & internal threats; achieving regulatory compliance
Your supervisor asks you to audit user permissions for payroll data to ensure no unauthorized employees have access to it. Which security domain is this audit related to?
security assessment and testing
You are asked to investigate an alert related to an unknown device that is connected to the company's internal network. After you complete your investigation, you follow company policies and procedures to implement preventative measures that will stop the potential threat posed by the device. Which security domain is this scenario related to?
security operations