Network Security
Cloud Security
Incident Response
Identity and Access Management (IAM)
Endpoint Security
100

What device is typically used to filter incoming and outgoing traffic based on a set of security rules?

Firewall

100

What type of vulnerability occurs when user inputs are not properly sanitized, allowing attackers to inject malicious code into a web application?

SQL Injection

100

What is the first step in the incident response process? (According to NIST)

Preparation

100

What does the acronym MFA stand for in cybersecurity?

Multi-Factor Authentication

100

What common security practice involves regularly updating software on devices to fix vulnerabilities and protect against threats?

Patch Management

200

What is the process of translating private IP addresses to a public IP address called?

Network Address Translation (NAT)

200

What security testing method uses automated tools to scan applications for known vulnerabilities?

Input Validation

200

What is the term for the investigation and analysis of security incidents to understand the extent and impact of the breach?

Forensics

200

What is the process of determining the actions, resources, or data a user is allowed to access based on their permissions or roles?

Authorization

200

What is the term for the practice of encrypting the hard drive of a laptop or desktop to protect against data theft?

Full Disk Encryption

300

What type of attack involves overwhelming a network with traffic from many sources to limit availability of a service?

Distributed Denial-of-Service (DDoS)

300

Which cloud computing model provides just virtualized computing resources over the internet?

Infrastructure as a Service (IaaS)

300

What does the acronym IOC stand for in incident detection and response?

Indicator of Compromise

300

What type of access control grants users permissions based on their role within an organization?

Role-Based Access Control (RBAC)

300

What is the common term for a technique that isolates running programs to prevent them from affecting other parts of the system?

Sandboxing

400

In network segmentation, what is a separate, isolated subnetwork within an organization's network that houses externally facing services like web servers, email servers, and FTP servers?

Demilitarized Zone (DMZ)

400

What is the term for encrypting data before uploading it to the cloud to ensure it is not readable by the cloud provider?

Client-Side Encryption

400

What is the term for testing an organization's incident response plan through simulated cyberattacks?

Tabletop Exercise

400

What protocol is used to securely transmit authentication credentials, commonly paired with LDAP to strengthen identity verification in enterprise environments?

Secure Lightweight Directory Access Protocol (LDAPS)

400

Which type of attack exploits unknown or unreported vulnerabilities in endpoint devices to gain control or extract data?

Zero-Day Exploit

500

Which protocol suite is typically used to securely transmit information across the internet by encrypting and authenticating traffic between web clients and servers?

TLS/SSL (Transport Layer Security / Secure Sockets Layer)

500

Which concept in cloud security refers to using multiple layers of security controls to protect data, workloads, and applications across the cloud infrastructure?

Defense in Depth

500

What advanced incident response technique uses behavioral analytics and machine learning to detect and respond to threats that bypass traditional security measures?

User and Entity Behavior Analytics (UEBA)

500

What identity federation protocol is commonly used to exchange authentication and authorization data between security domains, typically in cloud environments?

Security Assertion Markup Language (SAML)

500

What is the name of a security solution that continuously monitors endpoint activity to detect and respond to advanced threats like ransomware?

Endpoint Detection and Response (EDR)