What is social engineering?
Manipulating people into giving up information
What does IP stand for?
Internet Protocol
Why are system updates important?
They close security holes and improve protection
What is ransomware?
Malware that locks data for payment
A system slows down and shows pop-ups. What is likely happening?
Malware infection (adware or spyware)
What is spear phishing?
Targeted phishing aimed at a specific individual or group
What is NAT? (name and what it does)
Network Address Translation: translates private IP addresses to public ones
What is an account lockout?
Locking an account after too many failed attempts
What is keylogging?
Recording keystrokes to steal data
Why should backups be stored offline?
To protect from ransomware
What does the CIA Triad stand for?
Confidentiality, Integrity, and Availability
What port is commonly used for FTP?
Port 21
What is an operating system?
Software that manages hardware and software resources
What is a DDoS attack?
An attack that overwhelms a system with traffic using multiple machines
What should be done before installing unknown software?
Verify the source and scan it
What is the purpose of cybersecurity policies?
To define rules and standards for protecting systems and data
What does DNS stand for?
Domain Name System
What is the principle of least privilege?
Users should have only the access they need
What is a zero-day vulnerability?
A vulnerability unknown to the vendor
Why is user training important for cybersecurity?
Humans are a major security weakness
What is a Trojan Horse?
Malware disguised as legitimate software
What is the difference between IPv4 and IPv6?
IPv6 has more addresses and better security
A Linux system hosts a shared service used by multiple users. During a security audit, you discover that several user accounts belong to groups granting write access to system-level configuration files. Describe two specific actions an administrator should take to correct this issue.
1. Remove users from privileged groups that allow system-level write access.
2. Restrict permissions on configuration files using proper ownership and file permissions.
What is C2?
Communication between malware and attacker
What is the most important habit an entry-level cyber defender should have?
Staying cautious and security-aware