Confidentiality
Ensuring information is accessible only to those authorized to have access
Integrity
Safeguarding the accuracy and completeness of information; ensuring data has not been altered in an unauthorized manner
Availability
Ensuring authorized users have access to information and associated assets when required
CIA Triad
The three pillars of information security: Confidentiality, Integrity, and Availability
Threat
Anything that can exploit a vulnerability, intentionally or accidentally, to obtain, damage, or destroy an asset
Vulnerability
Weaknesses or gaps in a security program that can be exploited by threats to gain unauthorized access to an asset
Risk
The likelihood that a threat will exploit a vulnerability to cause harm to an asset (Risk = Threat × Vulnerability)
Modification
A threat to integrity — unauthorized alteration of data
Interception
A threat to confidentiality — unauthorized viewing/capture of data
Interruption
A threat to availability — disruption that prevents access to data or services
Fabrication
A threat to integrity/authenticity — creating fake data or messages that appear legitimate
External Threats
Threats from outside an organization (criminals, nation-states, terrorists, business rivals, hackers, script kiddies)
Internal Threats
Threats from inside an organization (employees, contractors, untrained users, malicious insiders)
Hash
A one-way mathematical function that produces a fixed-size output from any input; used to verify integrity
Symmetric Cryptography
Encryption using one key to both encrypt and decrypt; very fast but has the key distribution problem
Asymmetric Cryptography
Encryption using two keys (public to encrypt, private to decrypt); solves key distribution but is slower
Key Distribution Problem
The challenge of safely sharing a secret key with someone over the internet without it being intercepted
PKI (Public Key Infrastructure)
A system using asymmetric cryptography to manage digital certificates and public-key encryption
Security Policy
A formalized statement of rules and practices that prescribe how an organization manages, protects, and distributes sensitive information
Compliance
The act of adhering to mandated legal, regulatory, or organizational requirements
Client
A device that requests services or data from a server
Server
A device that provides services or data to clients
Client-Server Model
A network architecture where clients request services from centralized servers
Protocol
A set of rules governing the exchange or transmission of data
TCP
Transmission Control Protocol — ensures reliable, ordered delivery of data
IP
Internet Protocol — fundamental standard that all internet-connected devices use to identify each other
HTTP
Hypertext Transfer Protocol — used for transferring web pages
IPv4 Address
A digital address (like 132.16.10.1) used to identify devices on the internet
DNS (Domain Name System)
System that translates human-readable names (google.com) into machine-readable IP addresses
Router
A device that forwards data packets between computer networks; directs traffic across the internet
Private IP Address
An address used strictly on a local network, making the device invisible to the outside world
Public IP Address
An address visible to the world that uniquely identifies a device globally; required for direct internet visibility
Logical Port
A number that uniquely identifies a specific application or service on a device
Impact
The magnitude of harm expected from compromise of an asset's Confidentiality, Integrity, or Availability
Ease of Access
A measure of the technical and operational effort required to exploit a specific vulnerability
Probability of Detection
The likelihood that a threat actor's activities will trigger security alarms or forensic response during an attack
Risk Calculus
The factors an attacker considers: Impact, Ease of Access, and Probability of Detection
Passive Information Gathering
Learning about a target using non-intrusive, stealthy methods (e.g., Google searches, dumpster diving)
Active Information Gathering / Probing
Determining what the target system is and what vulnerabilities it has (e.g., Nmap scans, SYN/FIN probes)
Reconnaissance
First phase of cyber attack — passive information gathering about the target
Scanning
Phase where attacker actively probes target to identify vulnerabilities
Gaining Access
Phase where attacker exploits vulnerabilities to enter the system
Maintaining Access
Phase where attacker escalates privileges and establishes backup access (rootkits, backdoors)
Covering Tracks
Final phase where attacker eliminates evidence (clears log files, registry entries)
Malicious Hacking
The illegal attempt to bypass security measures to steal, alter, or destroy data, or make systems unavailable
Computer Fraud and Abuse Act (CFAA)
18 U.S.C. § 1030 — U.S. law criminalizing unauthorized access to a protected computer
Ethical Hacking
Using malicious-hacker techniques with the owner's explicit permission to discover vulnerabilities and provide a remediation roadmap
Rules of Engagement (RoE)
A document governing what an ethical hacker is and isn't authorized to do; legally binding
Crypto-mining Malware
Malware that uses your computer and electricity to mine cryptocurrency
Ransomware
Malware that disrupts your computer/data and demands payment to restore access
Social Engineering
Manipulating people into giving up information or access; "hacking the human"
Phishing
Fraudulent emails that appear to come from a reputable source
Vishing
Voice-call phishing impersonating banks, IT support, or authority figures
Smishing
Phishing via SMS / text messaging, often with urgent links
Baiting
Social engineering using a reward or curiosity hook (free USB drives, fake prizes)
Quid Pro Quo
Social engineering offering a service/benefit (fake IT help) in exchange for access
Malware
Any program or code created with the intent to harm a computer or network
Virus
Malware that attaches to legitimate programs and spreads when executed
Worm
Self-replicating malware that spreads across networks without user action
Trojan
Malware disguised as legitimate software that hides malicious functions
Spyware
Malware that secretly monitors and reports user activity
Rootkit
Malware that hides the attacker's presence and survives reboots
Drive-by Download
Malware infection from visiting a compromised or lookalike website
Malvertising
Ads on legitimate sites that deliver malware, sometimes without a click
Stuxnet
2010 worm that crossed an air gap via USB to destroy ~1,000 centrifuges at Iran's Natanz facility
Air Gap
A security measure of disconnecting a system completely from outside networks
Supply Chain Attack
Compromising trusted software distribution (e.g., SolarWinds 2020 update)
Watering Hole Attack
Compromising a website frequented by the target group (e.g., NotPetya via Ukrainian tax software)
Credential Stuffing
Using stolen username/password pairs from one breach to try logging into other accounts
Password Guessing
Attempting to crack a password through repeated attempts; defended by complexity and lockouts
Password Manager
Software that generates and stores strong unique passwords for each account
Digital Footprint
The trail of data you leave behind online; a distributed puzzle of your behavior assembled by entities you may never interact with
Active Footprint
Data you intentionally share online (social media posts, registrations, emails, reviews)
Passive Footprint
Data collected without your action (cookies, IP/geolocation logging, device fingerprinting, ad profiles)
Something You Know
First authentication factor — knowledge-based (passwords, PINs, security questions); weakest factor
Something You Have
Second authentication factor — physical possession (hardware token, authenticator app, smart card)
Something You Are
Third authentication factor — biometrics (fingerprint, face scan, iris, voice); hardest to forge but cannot be changed if compromised
Multi-Factor Authentication (MFA)
Authentication that combines two or more of the three factors
Defense in Depth
Layered security strategy — if one defense fails, the next layer should stop the attacker
WPA3
Modern Wi-Fi encryption that creates a private encrypted tunnel between device and access point
Open Network
A wireless network with no encryption — packets travel through the air in cleartext, readable by anyone
Monitor Mode
A wireless card mode that captures all packets in range; used to eavesdrop on open networks
HTTPS
Encrypted web traffic that protects data even on open networks (though DNS queries can still be seen)
Asymmetry of Defense
Defenders must protect every entry point 100% of the time; attackers only need to find one mistake once
No Perfect Security
The principle that any usable system has risk; the goal is risk mitigation, not zero risk
Risk Mitigation
Making the cost of an attack higher than the value of the data so attackers move to easier targets
Internet of Things (IoT)
Network of physical devices that connect and exchange data over the internet
Sensing (NIST IoT Model)
A device that measures a physical property (GPS chip, accelerometer, microphone)
Aggregating (NIST IoT Model)
Software that transforms raw sensor data into usable information (app calculating walking speed from GPS)
Communication Channel (NIST IoT Model)
The medium used to move data (Wi-Fi, 5G, Bluetooth, cable)
External Utility (NIST IoT Model)
A service that processes the data, often "the cloud" (Google Maps servers, fitness database)
Decision Trigger (NIST IoT Model)
A conditional if-then statement that creates an outcome (IF near home, THEN unlock smart lock)
Default Settings
Factory-set credentials and configurations on new devices; the most vulnerable time in an IoT device's life
Patch
A software update that fixes security holes over time; critical for ongoing IoT security
Security-Convenience Tradeoff
The principle that increasing convenience in IoT typically decreases security and vice versa
Hallucination
When an LLM generates plausible-sounding but factually false information (e.g., made-up legal cases)
Bias (in AI)
When an LLM's outputs systematically favor certain perspectives, often due to training data
Lack of True Understanding
An LLM's inability to genuinely comprehend context, subtlety, or connect concepts the way humans do
Explainable AI
AI systems designed to show their reasoning ("show thinking") so users can validate outputs
Adversarial Testing
Rigorously testing AI on edge cases and difficult scenarios to improve reliability