What is the primary goal of computer security?
What is protection?
What does the 'C' in the CIA Triad stand for?
What is confidentiality?
What is the main purpose of authentication?
What is to prove who you are?
What is a dictionary attack?
What is an attack that tests many potential passwords from a list of common words?
What is a smart card?
What is a card embedded with a chip used for authentication?
Name the three components of the security equation.
What are prevention, detection, and response?
What does integrity in cybersecurity mean?
What is protection against unauthorized modification of data?
Name one method used for authentication.
What is a password?
What does the term 'credential stuffing' mean?
What is using stolen username/password pairs to try to access multiple accounts?
Describe what biometrics are in authentication.
What are measurable physical characteristics used to verify identity?
What does NIST stand for in the context of cybersecurity?
What is the National Institute of Standards and Technology?
Explain the term 'availability' in the CIA Triad.
What is ensuring data is accessible to authorized users when needed?
What does access control refer to?
What is what you are allowed to see or access?
Define what a hybrid attack is.
What is a combination of dictionary and brute force attacks?
What does Single Sign-On (SSO) allow?
What is access to multiple resources with one authentication?
What is the purpose of continuous monitoring in cybersecurity?
What is to ensure ongoing security and identify vulnerabilities?
Give an example of a breach of confidentiality.
What are the NSA leaks by Edward Snowden?
Explain the difference between authentication and identity proofing.
What is authentication verifies identity while identity proofing establishes trust?
What is the purpose of a password spray attack?
What is to test a common password against many accounts to avoid lockouts?
How does multi-factor authentication enhance security?
What is by requiring more than one method to verify identity?
Describe the role of asset management in the NIST Cybersecurity Framework.
What is managing and protecting organizational assets to support security?
Describe a scenario that demonstrates a loss of availability.
What is a DDoS attack preventing access to a website?
Describe an example of a multi-factor authentication method.
What is using a password along with a one-time code sent to your phone?
Explain what a rainbow table is in the context of password attacks.
What is a pre-computed table of hash values used to crack passwords?
What is a token in the context of authentication?
What is a hardware device that generates a one-time password?