Cyber Security Basics
What does the CIA stand for in cybersecurity?
Confidentiality, Integrity, and Availability.
What is the difference between phishing and spear phishing?
Phishing is broad and generic; spear phishing targets specific individuals or organizations.
What does a VPN do?
Encrypts internet traffic and hides your IP address
What does GDPR stand for?
General Data Protection Regulation
What was the first computer virus called?
Creeper
What is the process of converting data into a coded form?
Encryption
What kind of attack floods a system with traffic to crash it?
DDoS (Distributed Denial of Service)
What is SIEM used for / stand for?
Security Information and Event Management – collects and analyzes security data
What is the difference between a policy and a procedure?
A policy is a rule; a procedure is how to follow the rule
What is the name of the cybersecurity conference held annually in Las Vegas?
DEF CON
What is the term for verifying a user's identity?
Authentication
What is the term for malware that encrypts files and demands payment for decryption
Ransomware
What is the primary function of a honeypot in cybersecurity?
To lure attackers into a decoy system to study their behavior and protect real assets.
What is the difference between SOX and HIPAA compliance?
SOX relates to financial data integrity; HIPAA pertains to protecting health information.
Which cybersecurity-themed TV show features a hacker named Elliot Alderson?
Mr. Robot.
What is the difference between symmetric and asymmetric encryption?
Symmetric uses one key for encryption and decryption; asymmetric uses a public and private key pair.
What is a zero-day exploit?
An attack that occurs on the same day a vulnerability is discovered
What is the difference between IDS and IPS?
IDS (Intrusion Detection System) monitors and alerts; IPS (Intrusion Prevention System) actively blocks threats.
Which regulation mandates breach notification within 72 hours in the EU?
GDPR
Which U.S. president signed the first executive order on cybersecurity?
President Barack Obama.
What is a rainbow table attack and how can it be mitigated?
It's a precomputed table for reversing cryptographic hash functions; mitigated by using salted hashes.
What is a logic bomb in the context of malware?
Malicious code triggered by specific conditions or actions, often hidden within legitimate software.
What is the difference between black-box, white-box, and gray-box testing?
Black-box has no internal knowledge, white-box has full access, and gray-box has partial knowledge of the system.
Which ISO standard focuses specifically on risk management?
ISO 31000
Which U.S. state was the first to enact a data breach notification law?
California