Security Controls and Incident Response - Vocabulary Flashcards

A set of vocabulary flashcards covering key terms and concepts from the lecture notes on security controls and incident response.

Security Controls

Tools to protect computers, networks, and data.

Incident Response

An organized plan to find, stop, and fix security problems.

Firewalls

Devices or software that block unwanted internet traffic.

Encryption

Process of scrambling data so only authorized people can read it.

Access Controls

Mechanisms that limit access to sensitive areas or resources.

Monitoring Tools

Systems that watch for suspicious or anomalous activity.

Authentication

Verifies who you are (e.g., passwords, biometrics).

Authorization

Grants permission to access specific resources.

Backup & Recovery

Processes to restore lost data after an incident.

Security Awareness & Training

Programs to reduce human error and teach safe practices (e.g., phishing awareness).

Phishing

A social engineering attack to trick users into revealing credentials or clicking malicious links.

Prepare

Have a plan and tools ready before an incident occurs.

Detect

Identify unusual or unauthorized activity quickly.

Contain

Stop the attack from spreading to other systems.

Fix

Remove threats and patch weaknesses in the environment.

Recover

Safely restore systems and operations after an incident.

Review

Learn from the incident to improve defenses and responses.

Target Data Breach (2013)

One of the largest retail cyberattacks; attackers used a weak vendor system; 40 million credit cards stolen; lesson: vendor security matters.

Zero Trust Security

Principle of never trusting by default; always verify before granting access.

EDR Tools

Endpoint Detection and Response tools that detect and stop threats on devices.

Bruce Schneier

Security and cryptography expert.

Gene Spafford

Advocate for safe and robust network design.

NIST SP 800-61

Computer Security Incident Handling Guide.