Comprehensive vocabulary flashcards covering information security concepts, network attacks, cryptography, wireless security, and enterprise device management.
Information Security
The practice of protecting information systems, data, and resources from unauthorized access, use, disclosure, disruption, modification, or destruction.
CIA Triad
The core model of information security representing Confidentiality, Integrity, and Availability.
Confidentiality
A property of the CIA Triad that ensures sensitive information is only accessible to authorized users.
Integrity
A property of the CIA Triad that ensures data is accurate and has not been altered.
Availability
A property of the CIA Triad that ensures systems and data are accessible when required.
Virus
A type of malware that attaches itself to legitimate programs and requires user action to execute.
Worm
Self-replicating malware that spreads automatically across networks.
Ransomware
Malware that encrypts victim files and demands payment for decryption.
Launch Action
The execution phase of malware, such as ransomware beginning to encrypt files.
Evade Action
Techniques used by malware to avoid detection, such as polymorphism.
Phishing
Fraudulent communication, often via email, designed to steal credentials by using suspicious URLs or urgent language.
Improper Input Handling
A system vulnerability where the failure to validate user input leads to injection attacks.
Vertical Privilege Escalation
A security breach where a regular user gains administrative or root privileges.
Horizontal Privilege Escalation
A security breach where a user gains access to another user's account at the same level.
BIOS (Basic Input/Output System)
Firmware stored on a chip that performs the Power-On Self-Test (POST) and detects hardware during the boot process.
UEFI (Unified Extensible Firmware Interface)
A modern replacement for BIOS that provides faster startup and enhanced security features.
Secure Boot
A security standard that ensures only trusted, digitally signed software executes during the computer startup process.
DoS (Denial of Service) Attack
An attack where a single attacker overwhelms a service with fake requests to make it unavailable.
DDoS (Distributed Denial of Service) Attack
An attack where many devices, often a botnet, flood a system simultaneously to cause a service timeout.
Evil Twin
A fake Wi-Fi hotspot that mimics a real network to secretly intercept or alter communication.
IP Spoofing
Faking a source IP address to bypass IP-based controls or hide identity.
DNS Spoofing
Faking DNS records to redirect users to malicious websites.
Sniffing
The act of capturing network traffic to read unencrypted information such as passwords or session cookies.
Replay Attack
An attack where valid messages or authentication tokens are recorded and retransmitted to gain unauthorized access.
Nmap
A network security assessment tool used to find active hosts, open ports, and services.
Nessus
A security tool used to identify missing patches, weak passwords, and misconfigurations.
Wireshark
A tool used to capture and analyze network traffic, such as detecting repeated login attempts.
Proxy Server
An intermediary between users and the internet that hides internal IPs and enforces usage policies.
Load Balancer
A device that distributes traffic across multiple servers to prevent overload and reduce DoS impact.
IDS (Intrusion Detection System)
A security appliance that monitors traffic and alerts administrators of suspicious activity.
IPS (Intrusion Prevention System)
A security appliance that detects and actively blocks malicious traffic.
NGFW (Next-Generation Firewall)
A firewall that includes Deep Packet Inspection, application filtering, and threat intelligence integration.
Stateful Inspection
A traffic filtering method that tracks the state of active connections to prevent spoofing.
DPI (Deep Packet Inspection)
A filtering method that analyzes the actual content or payload of a packet at the application layer.
Defence in Depth
A layered security approach ensuring that if one defensive layer fails, others still protect the system.
EDR (Endpoint Detection and Response)
A tool that continuously monitors endpoint devices for suspicious activity and responds to threats.
Symmetric Encryption
An encryption method that uses the same key for both encryption and decryption, such as AES.
Asymmetric Encryption
An encryption method where a public key encrypts data and a private key decrypts it, such as RSA.
Hashing
A one-way function that converts plaintext into a fixed-length value, commonly used for integrity checks and password storage.
Data at Rest
Data stored on a disk or database, typically protected by methods like BitLocker.
Data in Transit
Data moving across a network, typically protected by TLS/SSL or VPNs.
Data in Use
Data being actively processed, protected by secure enclaves or homomorphic encryption.
Collision Attack
A cryptographic attack where two different inputs produce the same hash value.
PKI (Public Key Infrastructure)
A framework for managing digital certificates and public-key encryption.
802.1X Authentication
A wireless security control where devices must verify identity through a RADIUS server before gaining network access.
WPA3
The strongest wireless security standard, featuring SAE authentication and forward secrecy.
Principle of Least Privilege
The practice of providing users only the access they actually need to perform their jobs.
Supply Chain Attack
An attack where an attacker targets a smaller vendor to reach a larger organization.
Password Spraying
A password attack where one common password is tested against many different accounts to avoid account lockout.
Pass-the-Hash
A technique where an attacker steals a hashed password from memory and reuses it without needing to crack it.
MDM (Mobile Device Management)
A centralized tool used to manage configuration, policy enforcement, and remote wipes for organizational mobile devices.
BYOD (Bring Your Own Device)
A deployment model where employees own their devices, offering high flexibility but low corporate security control.
Shadow IoT
Unauthorized IoT devices connected to a network without the knowledge of the IT department.