CyberSecurity Basics
This term refers to the practice of protecting computer systems, networks, and data from digital attacks, theft, and damage.
What is cybersecurity?
An operative on the blue team does this.
What is defend?
An operative on the red team does this.
What is attack?
A type of cybersecurity tool that is designed to detect and remove malicious software (malware) from computer systems.
What is antivirus software?
A type of cyber attack that involves trying every possible password combination until the correct one is found.
What is a brute force attack?
This is a secret code that is used to protect access to a computer, account, or other digital resource.
What is a password?
This security principle is based on the idea of providing users with the minimum amount of access necessary to perform their job functions.
What is the principle of least privilege?
A type of security assessment that involves identifying potential vulnerabilities in computer systems and networks.
What is a vulnerability assessment?
A type of cybersecurity tool that is designed to monitor and control incoming and outgoing network traffic.
What is a firewall?
A type of cyber attack that involves manipulating people into performing certain actions or divulging sensitive information.
What is social engineering?
A form of authentication using two devices.
What is two-factor authentication?
This type of cybersecurity defense strategy involves regularly testing the security of computer systems and networks to identify vulnerabilities and potential weaknesses before they can be exploited by attackers.
What is vulnerability scanning and testing?
A practice where companies offer rewards to ethical hackers who find and report security vulnerabilities in their software or systems.
What is bug bounty hunting?
A type of cybersecurity tool that is designed to securely store and manage passwords.
What is a password manager?
a type of cyber attack that involves overwhelming a computer system or network with a flood of traffic from multiple sources, making it unavailable to users.
What is a DDos Attack?
This type of cyber attack is designed to prevent users from accessing their own computer systems or files until a ransom is paid.
What is a ransomware attack?
This process involves creating a detailed plan of action that outlines how a business or organization will respond to a cybersecurity incident, such as a data breach or cyber attack.
What is an incident response plan?
The name of the document that outlines the rules and procedures for conducting cybersecurity operations within an organization.
What is a cybersecurity policy?
This popular network protocol analyzer is used to capture and analyze network traffic for troubleshooting, security analysis, and network optimization purposes.
What is Wireshark?
A type of cyber attack that involves gaining unauthorized access to a computer system or network by exploiting a vulnerability or installing a hidden means of access.
What is a backdoor?
A type of scam email that is designed to trick the recipient into giving up sensitive information, such as login credentials or financial information.
What is a phishing email?
A computer system or network that is designed to look vulnerable and attract attackers, in order to gather information about their methods and motives.
What is a honeypot?
A type of security assessment that involves simulating a real-world cyber attack, in order to identify vulnerabilities and weaknesses in computer systems and networks.
What is penetration testing?
This security tool is designed to detect and prevent unauthorized access to computer systems and networks by monitoring network traffic and blocking suspicious or malicious traffic.
What is an intrusion prevention system (IPS)?
A type of cyber attack where the attacker intercepts communication between two parties to eavesdrop, steal information, or manipulate the conversation.
What is a "man-in-the-middle" attack?