Google Cyber Security Certificate
CyberSecurity
(Also known as security) is the practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation.
Health Insurance Portability and Accountability Act (HIPAA)
A U.S. Federal Law established to protect patients' health information
Chronicle
A cloud native SIEM tool that stores security data for search and analysis.
Whaling
A form of spear phishing that attempts to target high-level executives. When successful, attackers gain confidential company information that they might not be able to get anywhere else.
C.I.A. Triad
A foundational model that helps inform how organizations consider risk when setting up systems and security policies
Watering Hole Attack
A malicious attack that is directed toward a small group of specific individuals who visit the same website.
Ransomware
A malicious attack where threat actors encrypt an organization's data and demand payment to restore access.
Spear Phishing
A malicious email attack targeting a specific user or group of users, appearing to originate from a trusted source
Social Engineering
A manipulation technique that exploits human error to gain private information, access, or valuables
Playbook
A manual that provides details about any operational action. Clarifies what tools should be used in response to a security event.
Open Web Application Security Project (OWASP)
A non-profit organization focused on improving software security
Programming
A process that can be used to create a specific set of instructions for a computer to execute tasks. Including: Automation of tasks, Reviewing web traffic, and alerting suspicious activity
Structured Query Language (SQL)
A programming language used to create, interact with, and request information from a database
Log
A record of events that occur within an organization's systems
Physical Attack
A security incident that affects not only digital but also physical environments where the incident is deployed
Order of Volatility
A sequence outlining the order of data that must be preserved from first to last
Antivirus Software
A software program used to prevent, detect, and eliminate malware and viruses
Data Point
A specific piece of information
Sensitive personally identifiable information (SPII)
A specific type of PII that falls under stricter handling guidelines, such as Social Security Numbers, Medical or Financial Information and Biometric Data.
Adversarial artificial intelligence (AI)
A technique that manipulates artificial intelligence (AI) and machine learning (ML) technology to conduct attacks more efficiently
Command-Line
A text-based user interface that uses commands to interact with the computer.
Social Media Phishing
A threat actor collects detailed information about their target from social media sites. Then, they initiate an attack.
Physical Social Engineering
A threat actor impersonates an employee, customer, or vendor to obtain unauthorized access to a physical location.
Business Email Compromise (BEC)
A threat actor sends an email message that seems to be from a known source to make a seemingly legitimate request for information, in order to obtain a financial advantage.
USB Baiting
A threat actor strategically leaves a malware USB stick for an employee to find and install, to unknowingly infect a network.
Network protocol analyzer (packet sniffer)
A tool designed to capture and analyze data traffic within a network
Security Architecture
A type of security design composed of multiple components, such as tools and processes, that are used to protect an organization from risks and external threats
NIST Cybersecurity Framework (NIST CSF)
A voluntary framework that consists of standards, guidelines, and best practices to manage cybersecurity risks.
shared responsibility
All individuals within an organization take an active role in lowering risk and maintaining both physical and virtual security
Security Information and Event Management (SIEM)
An application that collects and analyzes log data to monitor critical activities in an organization
Intrusion Detection System (IDS)
An application that monitors system activity and alerts on possible intrusions
Cryptographic Attack
An attack that affects and tries to exploit secure forms of communication in use between a sender and intended recipient.
Supply Chain Attack
An attack that targets systems, applications, hardware, and/or software to locate a vulnerability where malware can be deployed
Password Attack
An attempt to access password-secured devices, systems, networks, or data
Command
An instruction telling the computer to do something
Asset
An item that is perceived as having value to the organization.
Linux
An open source operating system.
Business Continuity
An organization's ability to maintain their everyday productivity by establishing risk disaster recovery plans
Security Posture
An organization's ability to manage its defense of critical assets and data and react to change
Database
An organized collection of information or data
Threat
Any circumstance or event that can negatively impact assets
Personally Identifiable Information (PII)
Any information used to infer an individual's identity
Hacker
Any person who uses computers to gain access to computer systems, networks, or data
Security Operations
Conducting investigations and implementing preventative measures
Security Assessment and Testing
Conducting security control testing, collecting and analyzing data, and conducting security audits to monitor for risks, threats, and vulnerabilities
Availability
Data is obtainable regardless of how information is stored, accessed, or protected. Accessible to those who are authorized to access it.
Security and Risk Management
Defines security goals and objectives, risk mitigation, compliance, business continuity, and the law
Security Ethics
Guidelines for making appropriate decisions as a security professional
Security Frameworks
Guidelines used for building plans to help mitigate risk and threats to data and privacy.
1st Core Component of Frameworks
Identifying and documenting security goals
3rd Core Component of Frameworks
Implementing Strong Security Processes
Protected Health Information (PHI)
Information that relates to the past, present, or future physical or mental health or condition of an individual
Identity and Access Management (IAM)
Keeps data secure, by ensuring users follow established policies to control and manage physical assets, like office spaces, and logical assets, such as networks and applications
Computer Virus
Malicious code written to interfere with computer operations and cause damage to data and software; it needs to be initiated by the user.
Spyware
Malware that secretly gathers information about the user without their consent
Communication and Network Security
Manage and secure physical networks and wireless communications
4th Core Component of Frameworks
Monitoring and Communicating results
Splunk
One of the market-leading "big data" information gathering and analysis tools.
Confidentiality
Only authorized users can access specific assets or data
Security Architecture and Engineering
Optimizes data security by ensuring effective tools, systems, and processes are in place
Security Governance
Practices that help support, define, and direct security efforts of an organization
Purpose of Frameworks
Protecting PII, Securing Financial Information, Identifying security Weaknesses, Managing organizational Risks, Aligning Security with Business Goals
Security Controls
Safeguards or countermeasures to avoid, counteract, or minimize security risks.
Asset Security
Secures digital and physical assets. It's also related to the storage, maintenance, retention, and destruction of data
SIEM Tools
Security Information and Event Management Tools
CISSP (Certified Information Systems Security Professional) Eight Security Domains
Security and Risk Management, Asset Security, Security Architecture and Engineering, Communications and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, and Software Development Security
2nd Core Component of Frameworks
Setting guidelines to achieve security goals
Transferable Skills
Skills from other areas that can apply to different careers
Technical Skills
Skills that require knowledge of specific tools, procedures, and policies
Penetration Testing
The act of participating in a simulated attack that helps identify vulnerabilities in systems, networks, websites, applications, and processes.
Privacy Protection
The act of safeguarding personal information from unauthorized use
Identity Theft
The act of stealing personal information to commit fraud while impersonating a victim
Authorization
The concept of granting access to specific resources in a system
Integrity
The data is correct, authentic, and reliable. To ensure integrity, encryption can be used to make sure data isn't messed
Vishing
The exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source
Operating System
The interface between computer hardware and the User
Network Security
The practice of keeping an organization's network infrastructure secure from unauthorized access. This includes data, services, systems, and devices that are stored in an organization's network.
Encryption
The process of converting data from a readable format to a cryptographically encoded format
Compliance
The process of adhering to internal standards and external regulations.
Chain Of Custody Playbook
The process of documenting evidence possession and control during an incident lifecycle
Cloud Security
The process of ensuring that assets stored in the cloud are properly configured and access to those assets is limited to authorized users
Risk Mitigation
The process of having the right procedures and rules in place to quickly reduce the impact of a risk like a breach
Protecting and Preserving Evidence Playbook
The process of properly working with fragile and volatile digital evidence
Authentication
The process of verifying who someone is
Secure Ciphertext
The result of encryption
Phishing
The use of digital communications to trick people into revealing sensitive data or deploying malicious software. Types Include: Business email compromise (BEC), Spear Phishing, Whaling, Vishing, Smishing
Automation
The use of technology to reduce human and manual effort in performing common and repetitive tasks. Automation also helps reduce the risk of human error.
Smishing
The use of text messages to trick users, in order to obtain sensitive information or impersonate a known source.
Python
Used to perform tasks that are repetitive and time-consuming, and that require a high level of detail and accuracy
Software Development Security
Uses secure coding practices, which are a set of recommended guidelines that are used to create secure applications and services.
Session
When a connection is established between two devices
Identification
When a user verifies who they are by providing a username, an access card, or biometric data such as a fingerprint
Hacktivist
a computer hacker whose activity is aimed at promoting a social or political cause.
Internal threat
a current or former employee, an external vendor, or a trusted partner who poses a security risk. At times, an internal threat is accidental. For example, an employee who accidentally clicks on a malicious email link would be considered an accidental threat. Other times, the internal threat actor intentionally engages in risky activities, such as unauthorized data access.
Web vulnerability
a unique flaw in a web application that a threat actor could exploit by using malicious code or behavior, to allow unauthorized access, data theft, and malware deployment.
Cryptographic Encoding
converting plaintext into secure ciphertext
Threat Actor
malicious attacker, is any person or group who presents a security risk. This risk can relate to computers, applications, networks, and data.
Worms
malware in the form of malicious code that replicates itself independently by exploiting vulnerabilities in networks. They spread very rapidly over a network because they run by themselves. All share similar patterns including an enabling vulnerability, a way to propagate themselves, and a payload.
Malware
software designed to infiltrate or damage a computer system without the user's informed consent
Plaintext
unencrypted, readable data