Vocabulary flashcards covering the fundamentals of security, including controls, threat actors, motivations, and network protocols based on the lecture notes.
Technical Controls
Technologies, hardware, and software mechanisms implemented to manage and reduce risks, such as anti-virus software, firewalls, and encryption.
Managerial Controls
Also known as administrative controls, these involve strategic planning and governance, including risk assessments and security policies.
Operational Controls
Procedures and measures designed to protect data on a day-to-day basis, governed by internal processes and human actions like backup procedures and user training.
Physical Controls
Tangible, real-world measures taken to protect assets, such as surveillance cameras, biometrics, and security guards.
Preventive Controls
Proactive measures implemented to thwart potential security threats or breaches, such as a firewall.
Deterrent Controls
Controls intended to discourage potential attackers by making the effort seem less appealing, such as a warning sign or banner on a website.
Detective Controls
Measures that monitor and alert organizations to malicious activities as they occur, such as an Intrusion Detection System or the detection part of anti-virus software.
Corrective Controls
Measures designed to mitigate damage and restore systems to their normal state, such as the quarantine and removal functions of anti-virus software.
Compensating Controls
Alternative measures implemented when primary security controls are not feasible, such as using a VPN for WPA2 when WPA3 is unavailable.
Directive Controls
Controls that guide, inform, or mandate actions, often rooted in policy or documentation like an Acceptable Use Policy.
CIA Triad
The three pillars of security: Confidentiality, Integrity, and Availability.
Confidentiality
Ensures that information is only accessible to those with appropriate authorization; it should always be linked with encryption.
Integrity
Ensures that data remains accurate and unaltered unless modification is required; it should always be linked with hashing.
Availability
Ensures that information and resources are accessible and functional when needed by authorized users.
Non-repudiation
Guaranteeing that a specific action or event has taken place and cannot be denied by the parties involved, such as an e-sign on an email.
Authentication
The process of verifying the identity of a user or system.
Authorization
The process that defines what actions or resources a user can access.
Accounting
The act of tracking user activities and resource usage, typically for audit or billing purposes.
Risk Management
The process of controlling known vulnerabilities by mitigating, transferring, avoiding, or accepting the risk.
Zero Trust
A security model operating on the principle that no one inside or outside the organization should be trusted by default.
Control Plane
A component of Zero Trust that dictates policies and procedures, featuring adaptive identity, threat scope reduction, and policy-driven access control.
Data Plane
A component of Zero Trust focused on executing policies, involving the subject/system, policy engine, and policy enforcement points.
Information Security
The act of protecting data and information itself from unauthorized access or disruption, rather than the device holding it.
Information Systems Security
The act of protecting the devices and systems that hold and process critical data, such as computers or network devices.
Misinformation
Inaccurate information shared unintentionally.
Disinformation
The intentional spread of false information to deceive or mislead.
Unskilled Attackers
Individuals with limited technical expertise who use scripts or exploits to perform attacks.
Hacktivists
Cyber attackers who perform attacks to draw attention to a cause or promote a political agenda.
Organized Crime
Groups that execute cyberattacks primarily for financial gain using methods like ransomware and identity theft.
Nation-state Actors
Highly skilled, government-sponsored attackers who engage in cyber espionage, sabotage, or warfare.
Insider Threats
Security threats that originate from individuals within the organization.
Shadow IT
IT systems, software, or services used within an organization without official organizational approval.
Honeypots
Decoy systems designed to attract and deceive attackers to study their methods.
Honeytokens
Fake data, such as fake user credentials, used to alert administrators when accessed or used.
Data Exfiltration
The unauthorized transfer of data from a computer, often involving PII or trade secrets.
False Flag Attack
An attack orchestrated to appear as if it originated from a different source to mislead investigators.
Identity Fraud
Using a person's personal information without authorization to commit a crime or deceive others, such as using a victim's credit card number.
Identity Theft
Using someone else's identity as one's own, such as using another person's Social Security number to apply for a job.
DNS Cache Poisoning
Also known as DNS Spoofing, it corrupts a resolver's cache with false information to redirect users to malicious websites.
Port 20/21
FTP (File Transfer Protocol)
Port 22
SSH (Secure Shell)
Port 23
Telnet (not secure)
Port 25
SMTP (Simple Mail Transfer Protocol)
Port 53
DNS (Domain Name System)
Port 80
HTTP (Hypertext Transfer Protocol)
Port 443
HTTPS (HTTP Secure)
Port 110
POP3 (Post Office Protocol)
Port 143
IMAP (Internet Message Access Protocol)
Port 3389
RDP (Remote Desktop Protocol)