Common Cybersecurity Terminology Glossary

Questions and Answers

What is the primary objective of an advanced persistent threat?

• To exfiltrate information and undermine critical aspects. (correct)
• To create blacklists for compromised systems.
• To conduct random attacks on systems.
• To perform security audits on organizations.

Which statement best describes an attacker?

• An individual analyzing system vulnerabilities without malicious intent.
• An organization conducting compliance audits.
• A party who conducts detrimental activities with malicious intent. (correct)
• A government entity enforcing cybersecurity policies.

What is a common purpose of an audit in cybersecurity?

• To create blacklists of malicious entities.
• To review and assess system controls for compliance. (correct)
• To deploy advanced persistent threats.
• To conduct unauthorized access attempts.

How does an advanced persistent threat typically behave?

It adapts to defenders’ efforts over time. (B)

What defines an attack signature?

A specific sequence indicative of unauthorized access attempts. (D)

What characterizes a blacklist in cybersecurity?

A list of entities that are blocked from access. (A)

Which of the following best describes an adversary in cybersecurity?

A group or individual conducting harmful activities. (C)

What is the main focus of an audit within the context of cybersecurity?

To review compliance with security policies and policies. (D)

What is the purpose of access control in cybersecurity?

To grant or deny requests for information and services (A)

What distinguishes an air gap in cybersecurity?

Physical disconnection with no automated logical connection (D)

What is the main purpose of digital forensics?

To collect and analyze data while preserving its integrity (B)

What characterizes an Advanced Persistent Threat (APT)?

Multiple attack vectors and significant resources (B)

What is the main function of antivirus software?

To monitor and prevent malware incidents (A)

Which of the following best describes an exploit?

A method to breach the security of a network (B)

How are access control mechanisms primarily utilized?

They detect and deny unauthorized access (B)

What does an indicator in cybersecurity represent?

A sign that an incident may have occurred or is occurring (D)

What does the term 'alert' refer to in a cybersecurity context?

A notification of a specific attack aimed at the organization (D)

Which of the following defines hacking?

An attempt to disrupt or manipulate information systems without authorization (A)

Which of the following best defines an asset in cybersecurity?

Any high impact program or critical system (A)

Which term refers to the integrated employment of information-related capabilities during military operations?

Information Operations (I/O) (B)

What is one of the roles of access control mechanisms?

To permit authorized user access only (A)

What does an information security policy encompass?

An aggregate of directives, regulations, and rules concerning information management (D)

What is the function of a firewall?

To detect and prevent unauthorized access to a secure computer (D)

Which of the following best describes a hash function?

A technique for preserving the integrity of data through encryption (C)

What is the primary purpose of a hash function?

To compute a numerical value representing the file or message (C)

What does information system resilience primarily refer to?

The ability to operate under adverse conditions and recover effectively (B)

What defines an incident in the context of information technology?

An occurrence jeopardizing the integrity or availability of a system (C)

Which of the following best describes an insider threat?

Authorized individuals posing a risk to the information system (A)

What is the primary focus of an incident response plan?

To provide documentation for managing security incidents (C)

Which component is NOT typically included in an information technology system?

Recreational devices (D)

What is a characteristic of hash values in data files?

They are unique identifiers for each file (D)

Which of the following best exemplifies an incident affecting information security?

A system experiencing a denial of service attack (D)

What is the primary intent of a program inserted covertly into a system?

To compromise the confidentiality, integrity, or availability of data (A)

What does multifactor authentication utilize to achieve authentication?

Two or more different factors (A)

Which of the following describes the purpose of port scanning?

To determine which ports on a system are open (B)

What does non-repudiation provide assurance of?

That both sender and recipient cannot deny having processed the data (C)

What is defined as an unauthorized entity from outside the domain perimeter?

Outside threat (D)

What is a private key used for in asymmetric cryptography?

To compute a digital signature (B)

Which of the following is a deceptive method to acquire sensitive personal information?

Phishing (C)

What are the three factors that can be used in multifactor authentication?

Something you know, something you have, something you are (A)

Flashcards are hidden until you start studying

Study Notes

Common Cybersecurity Terminology

• Access: Refers to the ability to utilize information system resources effectively.
• Access Control: Mechanism that grants or denies requests for information resources and entry to physical facilities.
• Access Control Mechanism: Security safeguards created to detect unauthorized access and allow authorized access to information systems.
• Advanced Persistent Threat (APT): Sophisticated adversaries using multiple attack vectors to infiltrate IT infrastructures for long-term objectives.
• Adversary: Any individual, group, or organization intending to conduct harmful activities against information systems.
• Alert: Notification that indicates a specific attack has been made against an organization’s information systems.
• Antivirus Software: Programs designed to monitor systems for malware, detecting and preventing breaches.
• Asset: Includes applications, systems, personnel, and other resources critical to operational function or impact.
• Attack: An unauthorized attempt to access systems, seeking to compromise integrity, availability, or confidentiality.
• Attack Signature: Unique sequence of events that signify an unauthorized access attempt.
• Audit: Independent examination of records to evaluate and improve system controls and compliance.
• Blacklist: A list of entities denied access or privileges based on established security policies.
• Digital Forensics: Process of collecting and analyzing data while ensuring information integrity, crucial in investigations.
• Firewall: Integrated systems that prevent unauthorized operations and access from external sources.
• Hack: Unauthorized attempts to access and disrupt information systems.
• Hacker: An individual who illegally accesses computer systems.
• Hash Function: Algorithm that produces a unique numerical value, representing the content of a file or message for verification.
• Incident: Any event that potentially harms the confidentiality, integrity, or availability of an information system.
• Incident Handling: Strategies to mitigate violations of security policies effectively.
• Incident Response Plan: Documentation outlining procedures for managing security incidents.
• Insider Threat: A risk from authorized users that can cause harm to information systems.
• Phishing: Deceptive techniques used to acquire sensitive information from individuals online.
• Multifactor Authentication: Security process requiring two or more authentication factors to verify user identity.
• Port: Interface on a computer that allows communications with external devices or networks.
• Port Scanning: Technique to identify open ports and available services on a system.
• Private Key: Cryptographic key used in asymmetric cryptography, essential for generating digital signatures.
• Outside Threat: External unauthorized entities that pose a risk to information systems through various harmful actions.
• Non-repudiation: Assurance that the sender and the recipient cannot deny processing data, ensuring accountability in communications.