What are the four types of security controls?
Physical, Managerial, Technical, Operational.
What does Physical Control include?
Alarms, gateways, locks, lighting, and security cameras.
What is the primary function of a CISO?
Managing security-related incident response.
What is a Corrective Control?
Eliminates or reduces the impact of a security policy violation after an attack.
What is the difference between CISO and CIO?
CISO manages security teams; CIO oversees equipment and infrastructure.
What approaches can a CISO take to assess security posture?
Implement a gap analysis report.
What is non-repudiation?
Ensures that individuals cannot deny their actions, such as modifications or data access.
What are the functions of the NIST Cybersecurity Framework?
Identify, Protect, Detect, Respond.
What does IAM stand for?
Identity and Access Management.
Explain Multi-factor Authentication (MFA).
Requires users to provide two or more verification factors.
What is a Data Loss Prevention (DLP) solution?
Monitors and controls sensitive information across networks.
What is the CIA Triad?
Confidentiality, Integrity, and Availability.
What is the purpose of a vulnerability scan?
Identify weaknesses in the information systems.
Define Zero-Day Vulnerability.
A previously unknown vulnerability that has not yet been fixed.
What is the role of a Security Operations Center (SOC)?
Monitor and protect against security threats in an organization.
What does the acronym SSL stand for?
Secure Sockets Layer.
What is the function of an Intrusion Prevention System (IPS)?
Detect and prevent identified threats actively.
What is a firewall's role in network security?
Control incoming and outgoing network traffic based on predetermined security rules.
Describe a DDoS attack.
A Distributed Denial of Service attack aims to make a service unavailable by overwhelming it with traffic.
Explain Role-Based Access Control (RBAC).
Allows access based on a user's role within an organization.
What is the primary goal of penetration testing?
Identify vulnerabilities and suggest improvements.
PuTTY
A secure client program used for command line access in Windows.
FTP
File Transfer Protocol, a standard for transferring files, but not secure unless using secure versions.
SFTP
Secure File Transfer Protocol, uses the secure shell protocol for file transfer.
HTTP
Hypertext Transfer Protocol, operates over port 80 and does not use encryption.
HTTPS
Hypertext Transfer Protocol Secure, operates over port 443 and uses encryption for secure communication.
Transport Layer Security (TLS)
A protocol that provides privacy and data integrity between two communicating applications.
Digital Certificates
Used to verify the identity of websites and facilitate secure communications.
Advanced Encryption Standard (AES)
A symmetric encryption algorithm widely used for securing data.
Secure Sockets Layer (SSL)
A standard technology for keeping an internet connection secure and safeguarding any sensitive data.
Lightweight Directory Access Protocol (LDAP)
An application protocol for accessing and maintaining distributed directory information services.
Simple Network Management Protocol (SNMP)
A protocol for managing devices on IP networks, with a version that supports encryption.
Data Loss Prevention (DLP)
A strategy to ensure that sensitive data is not lost, misused, or accessed by unauthorized users.
Sender Policy Framework (SPF)
An email validation system that helps to prevent spam by verifying sender IP addresses.
Domain-Based Message Authentication, Reporting, and Conformance (DMARC)
An email-authentication protocol that helps protect domains from being used in email spoofing.
Uniform Resource Locator (URL) Encoding
A way to encode characters in a URL to ensure they are transmitted correctly.
Sandboxing
Running code in a controlled environment to test its behavior and detect malicious actions.
Code Signing
The process of digitally signing software to verify its authenticity and integrity.
Input Validation
The practice of checking data inputs to ensure they are appropriate and safe before processing.
Encryption Algorithms
Mathematical procedures for encrypting data to ensure privacy and security in communication.
Quantum Computing
A type of computing that promises to solve problems beyond the reach of classical computers, posing threats to current encryption methods.
Endpoint
A component or device capable of sending, receiving, storing, or processing information.
Hardening
The process of changing default configurations to enhance security on endpoint devices.
Principle of Least Privilege
A security principle stating that users, systems, or services should have only the minimum level of access necessary to perform their tasks.
Zero Trust
A security model that requires verification of every request, regardless of whether the request originates from inside or outside the network.
EDR (Endpoint Detection and Response)
A cybersecurity technology designed to detect, investigate, and respond to threats on endpoint devices.
HIDS
Host-based Intrusion Detection System; a security solution that monitors and analyzes the internals of a computing system for suspicious activities.
NIDS
Network-based Intrusion Detection System; a security solution that monitors network traffic for malicious activities.
Access Control Lists (ACLs)
A set of rules that are used to determine who can access or use resources in a computing environment.
Encryption
The process of converting information or data into a code to prevent unauthorized access.
VPN (Virtual Private Network)
A technology that creates a secure connection over a less secure network, such as the internet.
BYOD (Bring Your Own Device)
A policy allowing employees to use their personal devices for work purposes.
COBO (Corporate Owned Business Only)
A model where an enterprise provides employees with devices that are strictly for business use.
Mobile Device Management (MDM)
A software solution used to track, manage, and secure mobile devices used in business environments.
Wi-Fi Direct
A feature that allows devices to connect to each other without using a wireless access point.
SELinux
Security-Enhanced Linux; a set of kernel modifications and user-space tools that enhance the security of the operating system.
Firmware
The permanent software programmed into a read-only memory, which provides low-level control for the device's specific hardware.
Time Lag
The delay experienced in data transmission, often unnoticed due to high-speed networks.
Principle of Least Privilege
A security concept where users are given the minimum levels of access necessary to perform their tasks.
Zero Trust
A security model that requires verification of every user and device regardless of whether they are inside or outside the network.
Network Perimeter
The boundary of a network, often secured by various defenses to prevent unauthorized access.
Wi-Fi Protected Access (WPA)
A security protocol designed to create secure wireless networks, noted for its versions WPA2 and WPA3.
Heat Map (in Wi-Fi networks)
A visual representation of signal strength and coverage area for wireless networks.
Alien Crosstalk
Interference that occurs between non-adjacent channels in a wireless environment.
Extensible Authentication Protocol (EAP)
An authentication framework used in wireless networks for secure credentials exchange.
RADIUS (Remote Authentication Dial-In User Service)
A networking protocol that provides centralized authentication, authorization, and accounting.
Multifactor Authentication (MFA)
A security system that requires more than one method of verification from independent categories of credentials.
Vulnerability Management
The process of identifying, classifying, remediating, and mitigating vulnerabilities in software and hardware.
Risk Assessment
The process of analyzing and evaluating the risk associated with vulnerabilities to determine the potential impact of a threat.
OpenVAS
An open-source vulnerability assessment tool used to scan for and identify vulnerabilities in networked systems.
CVE
Common Vulnerabilities and Exposures, a list of publicly known cybersecurity vulnerabilities.
NVD
National Vulnerability Database, a comprehensive database of vulnerabilities maintained by NIST.
Zero-Day Attack
An exploit that takes advantage of a security vulnerability on the same day that the vulnerability becomes widely known.
SQL Injection
A code injection technique that exploits a vulnerability in an application's software, allowing an attacker to interfere with the queries that an application makes to its database.
Cross Site Scripting (XSS)
A security vulnerability that allows attackers to inject malicious scripts into webpages viewed by other users.
Penetration Testing
An authorized simulated attack on a computer system, performed to evaluate the security of the system.
Misconfiguration
Incorrect or inadequate setup of a system or application that exposes it to potential vulnerabilities.
VCEs
Valuable practice exams that are important for exam preparation.
PBQs
Part B Questions that allow for partial credit if answered partially correctly.
Partial credit
Credit awarded for a partially correct answer, contributing towards the final score.
Inline lesson quizzes
Quizzes associated with lessons that are valuable for exam prep but less important than VCEs.
Example exam
A practice exam that can be taken multiple times to aid preparation.
Attack Surface
The total sum of all points (attack vectors) that can be exploited to gain unauthorized access to a system.
Attack Vector
Any method or pathway employed by a threat actor to gain access to a computer system.
Internal Threats
Risks originating within the organization, such as uneducated users or disgruntled employees.
External Threats
Risks posed by outside entities, including cybercriminals and natural events.
CIA Triad
A model for information security, focusing on the principles of Confidentiality, Integrity, and Availability.
Gap Analysis
A method to determine the differences between the current security posture and the desired state.
Traffic Light Protocol
A system used to categorize and prioritize information based on its sensitivity, represented by colors: red, yellow, green.
Access Control
Measures or policies that restrict or allow users to access certain information or functions.
AAA Compliance
Refers to Access Control services that consist of Authentication, Authorization, and Accounting.
IAM Services
Identity and Access Management services that verify and manage user identities and permissions.
Vulnerability Assessment
A process of identifying, quantifying, and prioritizing vulnerabilities in a system.
Threat Intelligence
Information that helps organizations understand their vulnerability to potential threats and risks.
Security Controls Pyramid
A framework representing different layers of security controls: managerial, operational, and technical.
Preventative Controls
Security measures put in place to prevent incidents before they occur.
Detective Controls
Security mechanisms that identify and alert on incidents in progress.
Corrective Controls
Measures implemented to repair or restore systems after an incident has occurred.
Social Engineering
Manipulative techniques used by attackers to deceive individuals into divulging sensitive information.
Phishing
A cyber-attack method where attackers send fraudulent communications that appear to come from a reputable source.