Confidentiality, Integrity, and Availability.
What are the three pillars of cybersecurity?
Malicious software designed to damage, disrupt, or gain unauthorized access to systems.
What is malware?
The practice of keeping systems updated to fix vulnerabilities.
What is patch management?
Report immediately using the designated button; report it to GSOC or your local Security team.
What should you do if you receive a phishing email?
The 2017 global ransomware attack that affected hospitals and companies via a Windows vulnerability.
What was WannaCry?
A type of attack that tricks users into revealing credentials via fake emails or messages.
What is phishing?
An attack where an attacker gains higher access rights than originally granted.
What is privilege escalation?
The plans to maintain (or recover) the service online in case of disaster, interruption, or malfunction.
What are Service Continuity Plan (SCP) & Disaster Recovery Plan (DRP)?
A document outlining what to do when a security incident occurs.
What is an Incident Response Plan?
The formal process of ensuring that employees follow security policies and regulatory requirements.
What is compliance?
An authentication method requiring two or more different verification factors.
What is Multi-Factor Authentication (MFA)?
An attack where an adversary secretly intercepts communication between two parties.
What is a Man-in-the-Middle (MitM) attack?
A copy of data used to restore information after loss or attack.
What is a backup?
Regular training to help recognize phishing emails and social engineering attempts.
What is security awareness training?
Simulating controlled attacks to identify vulnerabilities before real attackers do.
What is penetration testing (pentesting)?
The process of converting information into an unreadable format to protect it.
What is encryption?
A method of systematically trying many password combinations until the correct one is found.
What is a brute-force attack?
This tool securely stores passwords so users don't have to write them down in plain text files.
What is a password manager?
The process of identifying, evaluating, and prioritizing security risks.
What is risk management?
A widely used framework to improve organizational cybersecurity posture.
What is the NIST Cybersecurity Framework?
In risk management, it describes potential damage or loss to the organization if a threat exploits a vulnerability.
What is risk impact?
An attack that injects malicious code into a web application's input fields to manipulate a database.
What is SQL injection?
A set of policies, controls, and guidelines designed to protect organizational information.
What is an Information Security Management System (ISMS)? / What is security posture?
Dividing a network to limit lateral movement of attackers.
What is network segmentation?
End users.
What is the first line of defense in a cyber attack?