Cybersecurity Basics
Cyber Threats
Encryption and Data Protection
Network Security
Incident Response and Recovery
100

Fraudulent attempts to obtain sensitive information by pretending to be a trustworthy entity.

What does "phishing" refer to?

100

A Distributed Denial of Service attack that attempts to make a machine or network resource unavailable.

What is a DDoS attack?

100

To protect data by converting it into a coded format that can only be read by those with a key.

What is the main purpose of encryption?

100

Virtual Private Network, a service that encrypts your internet connection.

What does "VPN" stand for?

100

A document detailing the processes and procedures for responding to cybersecurity incidents.

What is an incident response plan?

200

To monitor and control incoming and outgoing network traffic based on security rules.

What is the purpose of a firewall?

200

It targets databases by injecting malicious SQL code into a query.

What does "SQL Injection" target?

200

Secure Sockets Layer, a protocol for securing communication over a computer network.

What does the term "SSL" stand for?

200

To monitor network traffic for suspicious activity and alert administrators.

What is the role of an intrusion detection system (IDS)?

200

The process of using scientific methods to collect and analyze digital evidence.

What does "forensic analysis" entail?

300

Malicious software designed to harm or exploit any programmable device or network.

What is "malware"?

300

Manipulating people into divulging confidential information.

What is Social Engineering?

300

A framework that manages digital keys and certificates for secure communications.

What is public key infrastructure (PKI)?

300

A security protocol to protect wireless networks.

What does "Wi-Fi Protected Access" (WPA) provide?

300

Preparation, ensuring that the team is ready for potential incidents.

What is the first step in the incident response process?

400

A type of malware that locks or encrypts files and demands payment to restore access.

What is "ransomware"?

400

A vulnerability that is unknown to the vendor and has not been patched.

What is a zero-day exploit?

400

An encryption method where the same key is used for both encryption and decryption.

What is "symmetric encryption"?

400

Dividing a network into smaller parts to improve performance and security.

What is "network segmentation"?

400

A review conducted after an incident to understand what happened and improve future responses.

What is a "post-mortem" analysis?

500

A security process that requires multiple different forms of identification to access an account.

What is multi-factor authentication (MFA)?

500

By using encryption protocols like HTTPS or VPNs.

How can a man-in-the-middle attack be prevented?

500

An electronic document used to prove the ownership of a public key.

What is a digital certificate?

500

A decoy system designed to attract attackers and gather information about their tactics.

What is a honeypot in cybersecurity?

500

It ensures that an organization can restore its data after a loss due to an incident.

Why is data backup important in incident recovery?