Cyber Security
Coursera Online Course Foundations of Cyber Security
| Term | Definition |
|---|---|
| Threat Actor | Any person/group who represents a security risk |
| Compliance | Process of adhering to internal standards and external regulations; enables organizations to avoid fines and security breaches |
| Security Framework | Guidelines used for building plans to help mitigate risks/threats to data/privacy |
| Security Controls | Safeguards to reduce specific security risks. Used with a security framework to make a strong security posture |
| Security Posture | An organization's ability to manage its defense of critical assets/data and react to change |
| Internal Threat | Can be a current/former employee, a vendor, or a trusted partner who poses a threat |
| Network Security | The practice of keeping an organization's network infrastructure secure from unauthorized access (data, services, systems) |
| Cloud Security | the process of ensuring that assets stored in the cloud are properly configured and access to them is limited to authorized users |
| Programming | A process that can be used to create a specific set of instructions for a computer to execute tasks |
| Incident Report | Cybersecurity analysts must follow established policy and procedure to respond to incidents appropriately |
| Identity Theft | The act of stealing personal info to commit fraud while impersonating the victim |
| Malware | Software designed to harm devices or networks. |
| Virus | Malicious code written to interfere with computer operations and damage data/software. |
| Worms | Malware that can duplicate and spread on its own. DOES NOT NEED TO BE INITIATED BY A THREAT ACTOR |
| Ransomware | Malicious attack where threat actors encrypt an organization's data and demand $$ |
| Spyware | Malware used to gather and sell info without consent |
| Advanced Persistent Threats (APT) | Have expertise in accessing networks without authorization. Research targets and can remain undetected for long periods of time |
| Security Frameworks | Guidelines used for building plans to help mitigate risks and threats |
| Security Life Cycle | A constantly evolving set of policies/standards that define how an organization manages risks, follows guidelines, and meets regulatory compliance and laws |
| Security Controls | Safeguards to reduce specific security risks |
| Splunk | A record of events that occur within an organization's systems |
| Security Info + Event Management (SIEM) Tool | An application that collects and analyzes log data to monitor critical activities in an organization |
| Splunk | Data analysis platform that provides SIEM solutions |
| Chronicle (Google) | A cloud-native SIEM tool that stores security data for search and analysis |
| Playbook | Manual for operational actions |
| Protocol Analyzers (Packet Sniffer) | Used to capture/analyze data traffic within a network (tcpdump, Wireshark) |
| Programming | Used to create a specific set of instructions for a computer to execute tasks |
| Linux | Open source operating system |
| SQL | "Structured Query Language"; used to create, interact with, and request info from a database |
| Python | Performs repetitive tasks |
| Antivirus Software | Program used to prevent, detect, and eliminate malware/virus |
| Intrusion Detection System (IDS) | App monitors system activity, alerts to possible intrusions |
| Encryption | Process of converting data from a readable format to a cryptographically encoded format |
| Encoding | Uses a public conversion algorithm to enable systems with different data representations to share info |
| Penetration Testing | "pen testing" A simulated attack to help identify vulnerabilities |
| Cyber Threat Framework (CTF) | Provides a common language for describing and communicating info about cyber threat activity |
| International Organization for Standardization / International Electrotechnical Commission (ISO/IEC) 27001 | Allows organizations to manage security assets |
| NIST (National Institute of Standards + Tech) CSF (cybersecurity framework) | A voluntary framework that consists of standards, guidelines and best practices to manage risks |
| OWASP | Open Web Applications Security Principles |
| Common SIEM tools | 1) Self-hosted 2) Cloud-hosted 3) Hybrid solution 4) Splunk Enterprise 5) Splunk Cloud 6) Google Chronicle |
| Incident Response | An organization's quick attempt to identify an attack, contain the damage, and correct the effects |
| Hub | Network device that broadcasts info to every device on the network |
| Switch | Device that makes connection with specific devices on networks by sending/receiving data between them |
| Router | Network device that connects multiple networks together |
| Modem | Device that connects router to internet, brings internet to LAN |
| Virtualization Tools | Pieces of software that perform network operations (offered by cloud service providers) |
| Network Devices | Maintain information and services for users of a network |
| Data Packets | Provide information about source and destination of data |
| Firewall | First line of defense. Monitors traffic in/out of your network; can also restrict in/out traffic |
| Servers | Provide info/services |