Cybersecurity 101
Attack Vectors
Tools of the Trade
Crypto Corner
In the Real World
100

What is the CIA Triad?

Confidentiality, Integrity, and Availability.

100

What is phishing?

An attack that uses a fraudulent email, often disguised as coming from a legitimate source, to trick a person into revealing sensitive information.

100

What is Nmap?

This command-line tool is used for network discovery and security auditing, often called the "Swiss Army knife" of network scanning.

100

What is symmetric encryption?

This type of encryption uses a single, shared secret key for both encrypting and decrypting data.

100

What is an Acceptable Use Policy (AUP)?

A policy that defines what employees are and are not allowed to do with company IT assets.

200

What is a firewall?

A network security device that monitors and filters incoming and outgoing network traffic based on a set of security rules.

200

What is malware?

The umbrella term for any malicious software, including viruses, worms, spyware, and ransomware.

200

What is Burp Suite?

A graphical tool used by penetration testers to intercept and manipulate web traffic between a browser and a server.

200

What is asymmetric encryption?

This type of encryption uses a pair of keys: one public that can be shared with anyone, and one private that must be kept secret.

200

What is Incident Response (IR)?

The six-phase process (Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned) for handling a security breach.

300

What is the Principle of Least Privilege?

The security principle of giving a user account or process only those privileges which are essential to perform its intended function.

300

What is an SQL Injection (SQLi)?

This attack injects malicious code into a website's database query, famously illustrated by the "Little Bobby Tables" comic.

300

What is the Metasploit Framework?

A popular framework used for developing and executing exploit code against a remote target machine.

300

What is RSA?

A widely used asymmetric algorithm whose security is based on the practical difficulty of factoring the product of two large prime numbers.

300

What is authorization (or permission)?

The key factor that legally separates a white hat hacker from a criminal.

400

What is a vulnerability?

A weakness in a system, process, or control that can be exploited by an attacker.

400

What is a Man-in-the-Middle (MITM) attack?

An attack where the perpetrator secretly intercepts and relays communication between two parties who believe they are directly communicating with each other.

400

What is Mimikatz?

This post-exploitation tool is famous for its ability to extract plaintext passwords, hashes, and Kerberos tickets from a computer's memory.

400

What is the Diffie-Hellman key exchange?

This key exchange protocol allows two parties to establish a shared secret over an insecure channel, often explained with a color-mixing analogy.

400

Who was HBGary Federal?

This security firm was famously hacked by Anonymous in 2011 due to a combination of SQLi, weak passwords, password reuse, and social engineering.

500

What is an attack surface?

The sum of the different points where an unauthorized user can try to enter or extract data from an environment.

500

What is a zero-day exploit?

An exploit that targets a vulnerability unknown to the software vendor, meaning no patch is available to fix it.

500

What is the Volatility Framework?

An open-source memory forensics framework for incident response and malware analysis, used to analyze RAM dumps.

500

What is salting?

The process of adding random data to a password before hashing it, in order to protect against rainbow table attacks.

500

What is Return on Investment (ROI)?

The business metric a CISO uses to justify security spending by showing that the cost of prevention is less than the cost of a breach.
