Core Security Concepts
Identities, Access & Zero Trust
Data Protection & Resilience
Network & Infrastructure Security
Threats, Detection & Response
100

A security weakness like a bug, misconfiguration, or process gap that an attacker can exploit. 

What is a vulnerability 

100

This is how you prove who you are—using something like a password, token, or fingerprint.

What is authentication 

100

Copy of data used to restore after loss or corruption.

What is a Backup

100

Filters traffic to allow or block connections based on rules.

What is a firewall 

100

Malicious software (ransomware, viruses, worms, trojans, etc.)

What is Malware 

200

Anything that could cause harm (attacker, malware, insider, natural event)

What is a threat 

200

After you log in, this determines what you’re allowed to do or see.

What is authorization 

200

Point‑in‑time copy of data or a volume, often used for fast restores. 

What is a snapshot 

200

Tools that detect (and sometimes block) suspicious network activity.

What is intrusion detection/prevention

200

Risk from internal users, either malicious or careless.

What is Insider Threat 

300

The likelihood a threat will exploit a vulnerability, and the impact if it does.

What is risk 

300

Two or more methods to prove identity (password + code + biometric). 

What is MFA - Multi‑Factor Authentication

300

Malware that encrypts data and demands payment

What is ransomware

300

Encrypted tunnel between a user/site and the network.

What is VPN

300

Team and tools that monitor and respond to security events 24x7.

What is Security Operations Center (SOC) 

400

Keeping data secret from unauthorized people.

What is confidentiality 

400

This approach to security is summarized as “never trust, always verify,” even inside the network.

What is Zero Trust 

400

Highly isolated backup environment (often with immutable copies) designed to survive cyberattacks and support clean recovery.

What is Cyber Recovery Vault / Isolated Recovery Environment

400

Any device on the network (server, laptop, VM, container, IoT).

What is Endpoint 

400

The process and playbooks to detect, contain, eradicate, and recover from security incidents.

What is Incident Response 

500

All the ways an attacker could get in (ports, apps, users, APIs, etc.)

What is attack surface 

500

This type of security helps protect powerful admin accounts with extra controls and monitoring.

What is Privileged Access Management (PAM) 

500

Backup that cannot be changed or deleted during a set retention period.

What is an Immutable Backup

500

Advanced endpoint protection that detects and responds to attacks on devices/servers.

What is Endpoint detection & response 

500

Central platform that collects and correlates logs/events from many systems for alerting, investigation, and compliance.

What is SIEM - Security Information and Event Management 
