Key Words for Cyber Security

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

Spear phishing

A malicious email attack targeting a specific user or group of users, appearing to originate from a trusted source

Security Assessment and testing domain

A security professional is auditing user permissions at their organization in order to ensure employees have the correct access levels. Which domain does this scenario describe?

Adversarial artificial intelligence (AI)Adversarial artificial intelligence (AI)

A technique that manipulates artificial intelligence (AI) and machine learning (ML) technology to conduct attacks more efficiently

Watering hole attack

A type of attack when a threat actor compromises a website frequently visited by a specific group of users

Social media phishing

A type of attack where a threat actor collects detailed information about their target on social media sites before initiating the attack

USB baiting

An attack in which a threat actor strategically leaves a malware USB stick for an employee to find and install to unknowingly infect a network

Cryptographic attack

An attack that affects secure forms of communication between a sender and intended recipient

Supply-chain attack:

An attack that targets systems, applications, hardware, and/or software to locate a vulnerability where malware can be deployed

Hacktivists

Hacktivists are threat actors that are driven by a political agenda. They abuse digital technology to accomplish their goals, which may include: Demonstrations Propaganda Social change campaigns Fame

Insider threats

Insider threats abuse their authorized access to obtain data that may harm an organization. Their intentions and motivations can include: Sabotage Corruption Espionage Unauthorized data access or leaks

Computer virus:

Malicious code written to interfere with computer operations and cause damage to data and software

internal security audit is communication.

Once the internal security audit is complete, results and recommendations need to be communicated to stakeholders. In general, this type of communication summarizes the scope and goals of the audit. Then, it lists existing risks and notes how quickly those risks need to be addressed. Additionally, it identifies compliance regulations the organization needs to adhere to and provides recommendations for improving the organization's security posture.

Malware

Software designed to harm devices or networks

NIST Cybersecurity Framework, or CSF.

The CSF is a voluntary framework that consists of standards, guidelines, and best practices to manage cybersecurity risk

Phishing:

The use of digital communications to trick people into revealing sensitive data or deploying malicious software

common elements of internal audits.

These include establishing the scope and goals of the audit, conducting a risk assessment of the organization's assets, completing a controls assessment, assessing compliance, and communicating results to stakeholders.

Morris Worm

What historical event used a malware attachment to steal user information and passwords?

Social Engineering

a manipulation technique that exploits human error to gain private information, access, or valuables.

NIST special publication, or SP 800-53.

a unified framework for protecting the security of information systems within the federal government, including the systems provided by private companies for federal government use.

cryptographic attack

affects secure forms of communication between a sender and intended recipient. Some forms of cryptographic attacks are: Birthday Collision Downgrade

password attack

an attempt to access password-secured devices, systems, networks, or data.

Goals

are an outline of the organization's security objectives, or what they want to achieve in order to improve their security posture.

Security frameworks

are guidelines used for building plans to help mitigate risks and threats to data and privacy, such as social engineering attacks and ransomware.

Technical controls

are hardware and software solutions used to protect assets, such as the use of intrusion detection systems, or IDS's, and encryption.

compliance regulations

are laws that organizations must follow to ensure private data remains secure

Administrative controls

are related to the human component of cybersecurity. They include policies and procedures that define how an organization manages data, such as the implementation of password policies.

Security controls

are safeguards designed to reduce specific security risks.

frameworks

are used to create plans to address security risks, threats, and vulnerabilities,

Controls

are used to reduce specific risks

controls assessment involves

closely reviewing an organization's existing assets, then evaluating potential risks to those assets, to ensure internal controls and processes are effective. To do this, entry-level analysts might be tasked with classifying controls into the following categories: administrative controls, technical controls, and physical controls.

CIA triad is

essential for establishing an organization's security posture. Knowing what it is and how it's applied can help you better understand how security teams work to protect organizations and the people they serve.

Authorization

fers to the concept of granting access to specific resources within a system

The CSF consists of five important core functions,

identify, protect, detect, respond, and recover,

NIST CSF focuses on five core function

identify, protect, detect, respond, and recover. These core functions help organizations manage cybersecurity risks

A security audit

is a review of an organization's security controls, policies, and procedures against a set of expectations.

physical attack

is a security incident that affects not only digital but also physical environments where the incident is deployed.

Adversarial artificial intelligence

is a technique that manipulates artificial intelligence and machine learning technology to conduct attacks more efficiently.

hacker

is any person who uses computers to gain access to computer systems, networks, or data.

Vishing

is the exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source

Authentication

is the process of verifying who someone or something is. A real-world example of authentication is logging into a website with your username and password.

Encryption

is the process of converting data from a readable format to an encoded format.

Physical controls

refer to measures put in place to prevent physical access to protected assets, such as surveillance cameras and locks.

Scope

requires organizations to identify people, assets, policies, procedures, and technologies that might impact an organization's security posture

Examples of security domains include

security and risk management and security architecture and engineering.

The morris worm

spread globally within a couple of months due to users inserting a disk into their computers that was meant to track illegal copies of medical software. 0 / 1 point

supply-chain attack

targets systems, applications, hardware, and/or software to locate a vulnerability where malware can be deployed.

. Defense in depth means

that an organization should have multiple security controls that address risks and threats in different ways.

Biometrics

the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting

Web Application Security Project, or OWASP,

to minimize the attack surface area. An attack surface refers to all the potential vulnerabilities that a threat actor could exploit, like attack vectors, which are pathways attackers use to penetrate security defenses

Keep security simple

when implementing security controls, unnecessarily complicated solutions should be avoided because they can become unmanageable.

detect

which means identifying potential security incidents and improving monitoring capabilities to increase the speed and efficiency of detections.

separation of duties,

which can be used to prevent individuals from carrying out fraudulent or illegal activities.

security operations domain

which is focused on conducting investigations and implementing preventative measures. In this scenario, following company policies and procedures to stop the potential threat is an example of taking preventative measures.

risk assessment,

which is focused on identifying potential threats, risks, and vulnerabilities.

identify

which is related to the management of cybersecurity risk and its effect on an organization's people and assets

recover,

which is the process of returning affected systems back to normal operation.

protect

which is the strategy used to protect an organization through the implementation of policies, procedures, training, and tools that help mitigate cybersecurity threats.

respond

which means making sure that the proper procedures are used to contain, neutralize, and analyze security incidents, and implement improvements to the security process.

Security assessment and testing

which often involves regular audits of user permissions to make sure employees and teams have the correct level of access.


Set pelajaran terkait

PN Pediatric Dehydration Case Study Test

View Set

Python Summary Test 2 (Chapter 4-5)

View Set

Jonathan Edwards's "Sinners in the Hands of an Angry God"

View Set

Chapter 6 - Taxable Income from Business Operations

View Set

PrepU: Chapter 27 - Fundamentals

View Set

Imperialism in Africa, Imperialism in Asia, Unit 4: Imperialism

View Set

Ms Maren's Math words Quarter 1, 2021-22

View Set