PRELIM - IAAS (Formatted).docx

Full Transcript

1\. **Cisco Certified CyberOps Associate** -- validates the skills
required of associate-level cybersecurity analysts within security
operations centers.

2\. **ISC2 Certified Information Systems Security Professional (CISSP)**
-- most recognizable and popular security certification. To take the
exam, you must have at least five years of relevant industry experience.

3\. **EC Council Certified Ethical Hacker (CEH)** -- tests your
understanding and knowledge of looking for weaknesses and
vulnerabilities in target systems using the same knowledge and tools as
a malicious hacker but lawfully and legitimately.

4\. **CompTIA Security+** - entry-level security certification meets the
U.S Department of Defense Directive 8570.01-M requirements, which is an
essential item for anyone looking to work in IT security for the federal
government.

5\. **Microsoft Technology Associate (MTA) Security Fundamentals** --
aims at high school and early college students and those interested in a
career change.

6\. **Palo Alto Networks Certified Cybersecurity Associate** --
entry-level certification for newcomers preparing to start their careers
in the cybersecurity field.

7\. **ISACA CSX Cybersecurity Fundamentals Certificate** -- gears toward
recent post-secondary graduates and those interested in a career change.
This certificate does now expire or require periodic recertification.

8\. **CyberSeek** -- a tool that provides detailed data about supply and
demand in the cybersecurity job market to help close the cybersecurity
skills gap.

9\. **Cybersecurity** -- ongoing effort to protect individuals,
organizations, and governments from digital attacks.

10\. **Hardware vulnerabilities** -- most often the result of hardware
design flaws like the Rowhammer.

11\. **Software vulnerabilities** -- can be errors in the operating
system or application code.

12\. **Amateur hacker** -- script kiddies

13\. **White hat hackers** -- they break into networks or computer
systems to identify any weaknesses so that the security of a system of
network can be improved.

14\. **Black hat hackers** -- take advantage of any vulnerability for
illegal personal, financial, or political gain.

15\. **Gray hat hackers** -- set out to find vulnerabilities in a system,
but they will only report their findings to the owners of a system if
doing so coincides with their agenda.

16\. **Organized hackers** -- organizations of cyber criminals,
hacktivists, terrorists, and state-sponsored hackers.

17\. **State-sponsored attackers** -- they used the Stuxnet malware that
was design not just to hijack targeted computers but to actually cause
physical damage to equipment controlled by computers.

18\. **Cyberwarfare** -- gaining advantage over adversaries, whether they
are nations or competitors.

19\. **McCumber Cube** -- model framework created in 1991 to help
organizations establish and evaluate information security initiatives by
considering all related factors that impact them.

20\. **Security Breach** -- can have a negative long-term impact on an
organization's reputation that has taken years to build.

21\. **Data Breach** -- sensitive personal data has been stolen.

22\. **Cybercriminals** -- can make this information public or exploit it
to steal an individual's money and/or identity.

23\. **Cyberattacks** -- can originate from within an organization as
well as from outside of it.

24\. **Spyware** -- monitors your online activity and can log every key
you press on you keyboard and capture almost any of your data, including
sensitive personal information such as your online banking details.

25\. **Adware** -- installs with some software versions, and its design
is to automatically deliver advertisements to a user, most often on a
web browser.

26\. **Backdoor** -- gains unauthorized access by bypassing the normal
authentication procedures to access a system.

27\. **Scareware** -- consists of operating system-style windows that
warn you that your system is at risk and needs to run a specific program
to return to normal operation.

28\. **Ransomware** -- holds a computer system or the data it contains
captive until it makes a payment.

29\. **Rootkit** -- modify system forensics and monitoring tools, making
them very hard to detect.

30\. **Virus** -- replicates and attaches itself to other executable
files, such as a document, by inserting its code.

31\. **Trojan Horse** -- appears legitimate but is very dangerous.

32\. **Worm** -- replicates itself to spread from one computer to
another.

33\. **Pretexting** -- when an attacker calls an individual and lies to
them to gain access to confidential data.

34\. **Social Engineering** -- manipulating people into performing
actions or divulging confidential information.

35\. **Tailgating** -- when an attacker quickly follows an authorized
person into a secure, physical location.

36\. **Quid pro quo** -- when an attacker requests personal information
from someone in exchange for something, like a gift.

37\. **DoS** -- creates overwhelming quantity of traffic that results in
some interruption of network service to users, devices, or applications.

38\. **DDoS** -- originates from multiple coordinated sources where
botnet of zombies carry out this attack instructed by a hacker through
some handler systems.

39\. **Botnet** -- group of bots connected through the internet that a
malicious individual or group can control.

40\. **MitM** -- when an attacker can intercept and capture user
information before it sends it to its intended destination where often
steals financial information.

41\. **MitMo** -- used to take control over a user's mobile device where
instructions exfiltrates user sensitive information and send it to the
attackers. An example is the **ZeuS** which allows attackers to capture
two-step verification SMS messages sent to users quietly.

42\. **SEO Poisoning** -- increase traffic to malicious sites that may
host malware of attempt social engineering.

43\. **Password Spraying** -- attempts to gain access to a system by
spraying a few commonly used passwords across many accounts.

44\. **Dictionary Attack** -- tries every word in a dictionary or a list
of commonly used words as a password to break into password-protected
account.

45\. **Brute-force attacks** -- the simplest, most commonly used way of
gaining access to a password- protected site using all possible
combinations of letters, numbers, and symbols in the password space
until they get it right.

46\. **Rainbow attacks** -- compares the hash of a password with those
stored in the rainbow table and when an attacker finds a match, they
identify the password used to create the hash.

47\. **APT (Advanced Persistent Threat)** -- multi-phase, long-term,
stealthy, and advanced operation against a specific target where its
primary purpose is to deploy customized malware on one or more of the
target's systems and remain there undetected.

48\. **SYNful Knock** -- to gain control of enterprise-grade routers,
such as the legacy Cisco ISR Routers, from which they could monitor all
network communication and infect other network devices.

49\. **Buffer overflow** -- amount of data in the buffer exceeds its
storage capacity and the extra data overflows into adjacent memory
locations and corrupts or overwrites the data in those locations.

50\. **Non-validated input** -- programs often require input, but this
incoming data could have malicious content that unintentionally forces
the program to behave.

51\. **Race conditions** -- describes a situation where the output of an
event depends on ordered or timed outputs and thus became a source of
exposure when the required ordered or timed events did not occur in the
correct order or at the proper time.

52\. **Organizational level** -- everyone's responsibility to protect the
organization's reputation, data, and customers.

53\. **Government level** -- more digital information is being gathered
and shared hence the protection becomes even more vital where national
security, economic stability, and the safety and wellbeing of citizens
are at stake.

54\. **Personal level** - there is a need to safeguard your identity,
your data, and your computing devices.

55\. **Personal data** - any information that can be used to identify
you, and it can exist both offline and online.

56\. **Medical record** - information regarding the physical and mental
health and well-being of a person.

57\. **Education records** - academic qualifications and achievements of
a person.

58\. **Financial record** - information of your tax records, paychecks,
credit card statements, etc.

59\. **ISP (Internet Service Provider)** - may track your online activity
and may sell the data to advertisers for a profit and they may also
legally share these data with government agencies or authorities.

60\. **Advertisers** - monitor and track your online activities such as
shopping habits and personal preferences and send targeted ads your way.

61\. **Social Media** - platforms that gather information about your
gender, geolocation, phone number, political and religious ideologies
based on your search histories and online identity and then sold to
advertisers for a profit.

62\. **Website visits** - use cookies to track your activities to provide
a more personalized experience but leave data trails linked to your
online identity that can often end up in the hands of advertisers.

63\. **Transactional data** - details relating to buying and selling,
production activities, and basic organizational operations such as any
information used to make employment decisions.

64\. **Intellectual property** - patents, trademarks, and new product
plans, and allow an organization to gain economic advantage over its
competitors where losing its trade secrets could prove disastrous for
the future of a company.

65\. **Financial data** - income statements, balance sheets, and cash
flow statements, provide insight into the health of a company.

66\. **IoT** - a large network of physical objects, such as sensors,
software, and other equipment.

67\. **Confidentiality** - set of rules that prevents sensitive
information from being disclosed to unauthorized people, resources, and
processes.

68\. **Integrity** - Ensures that system information or processes are
protected from intentional or accidental modification.

69\. **Availability** - authorized users are able to access systems and
data when and where needed.

70\. **Big Data** - emergence of IoT has led to exponential growth in
data, creating a new area of interest in technology and business.

71\. **Access Control** - process of controlling who does what and ranges
from managing physical access to equipment to dictating who has access
to a resource, such as a file, and what they can do with it, such as
read or change the file.

72\. **Cryptocurrency** - digital money used to buy goods and services,
using strong encryption techniques to secure online transactions.

73\. **Virtual Wallets** - Cryptocurrency owners keep their money in
encrypted.

74\. **Encryption** - process of converting information into a form in
which unauthorized parties cannot read it.

75\. **SDelete** - Used by Microsoft to remove sensitive files
altogether.

76\. **Secure Empty Trash** - Used by MacOS X to provide a service that
will remove sensitive files.

77\. **Shred** - Used by Linux to remove sensitive files.

78\. **Data use policy** - how the service provider will collect, use and
share your data.

79\. **Security policy** - what the company is doing to secure the data
it obtains from you.

80\. **Terms of service** - some sections, from user rights and
responsibilities to disclaimers and account modification terms.

81\. **Two-factor authentication** - Requires a second token to verify
your identity.

82\. **OAuth** - An open standard protocol that allows you to use your
credentials to access third-party applications without exposing your
password.

83\. **EFS (Encrypting File System)** - A Windows feature that can
encrypt data.

84\. **Routers** - Device where the primary use is to interconnect
various network segments and provide basic traffic filtering
capabilities.

85\. **IPS (Intrusion Prevention System)** - These systems use a set of
traffic signatures that match and block malicious traffic and attacks.

86\. **Firewalls** - These looks deeper into the network traffic to block
malicious behavior and can have sophisticated security policies applied
to the traffic passing through them.

87\. **Virtual Private Network** - let remote employees use a secure
encrypted tunnel from their mobile computer and securely connect to the
organization's network.

88\. **Network layer firewall** - It filters communications based on
source and destination IP addresses.

89\. **Application layer firewall** - Filters communications based on an
application, program, or service.

90\. **Transport layer firewall** - It filters communications based on
source and destination data ports and connection states.

91\. **Host-based firewall** - Filters ports and system service call on a
single computer operating system.

92\. **Perform a risk assessment** - Knowing and understanding the value
of what you are protecting will help to justify security expenditures.

93\. **Physical security measure** - Restrict access to networking
closets and server locations and fire suppression.

94\. **Create a security policy** - Clearly outlines the organization's
rules, job roles, responsibilities, and employee expectations.

95\. **HR Security measures** - Completion of background checks should be
for all employees.

96\. **Perform and test backups** - Back up information regularly and
test data recovery from backups.

97\. **Regularly test incident response** - Employ an incident response
team and test emergency response scenarios.

98\. **Maintain security patches and updates** - Regularly update server,
client, and network device operating systems and programs.

99\. **Employ access controls** - Configure user roles and privilege
levels and strong user authentication.

100\. **Honeypots** - This is a behavior-based detection tool that lures
attackers in by appealing to their predicted pattern of malicious
behavior and once the attacker is inside, the network administrator can
capture, log and analyze their behavior so that they can build a better
defense.

101\. **Netflow** - This is an essential component in behavior-based
detection and analysis that gathers information about data flowing
through a network, including who and what devices are in the network and
when and how users and devices access the network.

102\. **Behavior-based security** - A form of threat detection that
captures and analyzes the flow of communication between a user on the
local network and a local or remote destination and any changes in
normal behavior patterns are regarded as anomalies and may indicate an
attack.

103\. **Penetration testing** - This assesses a computer system, network,
or organization for security vulnerabilities and seeks to breach
systems, people, processes, and code that could exploit vulnerabilities.

104\. **Risk management** - This is a formal process of continuously
identifying and assessing risk to reduce the impact of threats and
vulnerabilities.

105\. **Personal Legal Issues** - You may have the opportunity and skills
to hack another person\'s computer or network at work or home. But there
is an old saying, \'Just because you can does not mean you should.\'
Most hacks leave tracks that can trace back to you.

106\. **Corporate Legal Issues** - Businesses and organizations must
abide by the cybersecurity laws that most countries have.

**International law and cybersecurity** -- is a constantly evolving
field. Cyber attacks occur in cyberspace, an electronic space created,
maintained, and owned by the public and private entities. There are no\
traditional geographic boundaries in cyberspace. To further complicate
issues, it is much easier to\
mask the source of an attack in cyberwarfare than in conventional
warfare.