Proof that an entity meets a set of cybersecurity and data protection benchmarks defined by a third party.
What are security certifications?
An employee talking about confidential business on their phone while a co-worker sits right next to them is considered this.
What is shoulder surfing?
A team composed of people with varied skills who attempt to penetrate a network.
What is a red team?
This concept describes gathering information by examining the trash that people discard.
What is dumpster diving?
The principle that says there should be no all-powerful IDs.
What is separate privilege?
According to CompTIA this is the first certification a candidate should earn.
What is Security+?
A message tailored based on characteristics, job positions, and contacts belonging to their victims to make their attack less conspicuous.
What is spear phishing?
Check for laws pertaining to your jurisdiction and get permission from the individual you're hacking, specifically in writing.
What is the first thing you should do as a security tester before hacking?
This hacking tool gives domain and IP address information for a company.
What is Whois?
The principle that says users should only be given as much access as they need and nothing more.
What is least privilege?
The organization that offers the CEH certification exam.
What is the EC-Council?
The use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.
What is social engineering?
A penetration testing model in which full network and system information is shared with the tester, including network maps and credentials.
What is a white box model?
This is another word for footprinting.
What is reconnaissance?
The principle that the user should have messages or indicators about what is happening.
What is complete mediation?
This certification requires 5 years of experience.
What is Certified Information Systems Security Professional (CISSP)?
*Other acceptable answer: CompTIA Advanced Security Practitioner (CASP+)
Type of attack in which an authorized person allows an unauthorized person access to a restricted area.
What is Piggybacking / Tailgating?
This is a hardware device or software (spyware) that records keystrokes made on a computer and stores the information for later retrieval.
What is a keylogger?
Sam Spade, nslookup, traceroute, Nmap and neotrace.
What are tools used for footprinting?
The principle that says security should not depend on obscurity of how the system works.
What is open design?
A four-year program with a focus on Cyber Security.
What is a Cyber Security degree?
An attack where a message is intercepted by a 3rd party between the intended source and target.
What is Man-In-The-Middle?
This is malicious software, such as a virus, worm, or Trojan program, used to interfere with the confidentiality, integrity, or access to data, networks, or computer systems.
What is Malware?
Acquiring a password by observing a person from close by or looking over their shoulder.
What is shoulder-surfing?
The principle that says a system should work the way the user expects it to work.
What is least surprise?