1. What is a firewall?
A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.

2. What is phishing?
Phishing is a type of cyber attack where attackers pose as trusted entities to trick victims into revealing sensitive information such as usernames, passwords, or credit card details.

3. What is a VPN and why is it used?
A VPN, or Virtual Private Network, is a service that creates a secure, encrypted connection over a less secure network, such as the internet. It is used to protect user privacy and data integrity.

4. What is a DDoS attack?
A Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt the normal functioning of a network, service, or website by overwhelming it with a flood of internet traffic.

5. What is ransomware?
Ransomware is a type of malware that encrypts a victim's files. The attacker then demands a ransom from the victim to restore access to the data upon payment.

6. What is two-factor authentication (2FA)?
2FA is a security measure that requires two types of identification before granting access to an account. This could be something you know (like a password), something you have (like a smartphone), or something you are (like a fingerprint).

7. What is a honeypot?
A honeypot is a computer system used as a decoy to lure cyber attackers and to detect, deflect, or study hacking attempts to gain unauthorized access to information systems.

8. What is encryption?
Encryption is a process that converts readable data into an unreadable format to prevent unauthorized access.

9. What is an Intrusion Detection System (IDS)?
IDS is a device or software application that monitors a network or systems for malicious activity or policy violations.

10. What is the difference between IDS and IPS?
IDS is a passive system that scans network traffic and alerts you if it detects a threat, whereas an Intrusion Prevention System (IPS) is active and can block potential threats.

Social engineering is a method of tricking people into giving up confidential information. The types of information these criminals seek can vary, but often, attackers are looking for login credentials or personal information that they can use for identity theft.

12. What is a Zero-Day vulnerability?
A zero-day vulnerability is a software flaw that has been discovered but has not yet been patched by the vendor. Attackers can exploit these vulnerabilities to compromise systems or data.

13. What is a botnet?
A botnet is a network of private computers infected with malicious software and controlled as a group without the owners' knowledge, often used for DDoS attacks.

14. What is a Trojan?
A Trojan is a type of malware that is disguised as legitimate software. Once activated, it can give cybercriminals remote access to the victim's system.

15. What is Patch Management?
Patch management is the process of distributing and applying updates to software. These patches can improve security or enhance functionality.

16. What is the principle of least privilege (POLP)?
The principle of least privilege is a computer security concept in which a user is given the minimum levels of access necessary to complete his/her job functions.

17. What is endpoint security?
Endpoint security is the practice of securing endpoints or entry points of end-user devices such as computers and mobile devices from being exploited by malicious actors and campaigns.

18. What is multi-factor authentication (MFA)?
MFA is a security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity for a login or other transaction.

19. What is Public Key Infrastructure (PKI)?
PKI is a set of roles, policies, hardware, software, and procedures needed to create, manage,
distribute, use, store, and revoke digital certificates and manage public-key encryption.

20. What is a brute force attack?
A brute force attack is a trial-and-error method used to obtain information such as a user password or personal identification number (PIN).

21. What is an SSL Certificate?
An SSL certificate is a digital certificate that provides authentication for a website and enables an encrypted connection.

22. What are the three main types of cybersecurity controls?
The three main types of cybersecurity controls are physical, technical, and administrative controls.

23. What is Cross-Site Scripting (XSS)?
XSS is a type of security vulnerability typically found in web applications that enables attackers to inject malicious scripts into web pages viewed by other users.

A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software, or digital document.

25. What is the CIA triad in cybersecurity?
CIA stands for Confidentiality, Integrity, and Availability, the three main objectives of information security.

26. What are some common cybersecurity frameworks?
Common cybersecurity frameworks include the NIST Cybersecurity Framework, ISO 27001/27002, CIS Critical Security Controls, and PCI DSS.

27. What is DNS Spoofing?
DNS spoofing is a type of cyber attack where an attacker redirects the website traffic from legitimate servers to fake ones.

28. What is the difference between threat, vulnerability, and risk?
Threat is anything that can exploit a vulnerability to breach security and cause harm. Vulnerability is a weakness in a system that can be exploited. Risk is the potential for loss, damage or destruction as a result of a threat exploiting a vulnerability.

29. What is Secure Socket Layer (SSL) and how does it work?
SSL is a standard security technology for establishing an encrypted link between a server and a client.
It works by using two keys to encrypt data, a public key known to everyone and a private or secret key exclusive to the recipient of the message.

30. What are some best practices for password security?
Use complex and unique passwords, change them regularly, do not reuse passwords, and use a password manager to store them securely.

31. What is a Man-in-the-Middle (MitM) attack?
MitM is an attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.

32. What is a cybersecurity risk assessment?
A cybersecurity risk assessment identifies the various information assets that could be affected by a cyber attack, measures the risk, and provides recommendations for management.

33. What is a white hat hacker?
A white hat hacker is an ethical computer hacker who specializes in penetration testing and other testing methodologies to ensure the security of an organization's information systems.

34. What is SQL injection?
SQL injection is a code injection technique that might destroy your database. It is one of the most common web hacking techniques.

35. What is Cyber Threat Intelligence?
Cyber Threat Intelligence involves the collection and analysis of information about potential attacks currently threatening the safety of an organization's information infrastructure.

36. What is a data breach?
A data breach is an incident where information is stolen or taken from a system without the knowledge or authorization of the system's owner.

37. What are the key elements of an incident response plan?
Key elements include preparation, identification, containment, eradication, recovery, and lessons learned.

38. What is the purpose of a risk assessment in cybersecurity?
The purpose is to identify, assess, and prioritize risks to organizational operations and assets resulting from the operation and use of information systems.

39. What is symmetric and asymmetric encryption?
Symmetric encryption uses a single key for encryption and decryption. Asymmetric encryption uses different keys for encryption and decryption.

40. What is a cybersecurity audit?
A cybersecurity audit is a systematic evaluation of an organization's cybersecurity policies, procedures, and their effectiveness.

41. What is a logic bomb?
A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met.

42. What are some types of malware?
Types of malware include viruses, worms, Trojans, ransomware, adware, and spyware.

43. What is the role of a Security Operations Center (SOC)?
An SOC within an organization is responsible for continuous surveillance, detection, assessment, and defense against cybersecurity attacks.

44. What is the darknet?
The darknet is a part of the internet that isn't indexed by search engines and is accessed using specific software like Tor where users can operate with relative anonymity.

45. What is the difference between black box, white box, and gray box testing?
Black box testing doesn't require any knowledge of internal workings, structures or implementation. White box testing, on the other hand, tests internal structures or workings of an application, as opposed to its functionality. Grey box is a combination of both.

46. What is the difference between a virus and a worm?
A virus attaches itself to a program and requires user intervention to spread, while a worm is standalone and can propagate itself over a network without human intervention.

47. What
Cyber resilience is the ability to prepare for, respond to and recover from cyber attacks.

48. What is a sandbox in cybersecurity?
A sandbox is a security mechanism for separating running programs. It is often used to execute untested or untrusted programs or code.

49. What is HTTPS and how does it differ from HTTP?
HTTPS stands for HyperText Transfer Protocol Secure. It is the secure version of HTTP.
The 'S' at the end of HTTPS stands for 'Secure', which means that all communications between your browser and the website are encrypted.

50. What is an ethical hacker?
An ethical hacker is a computer and networking expert who systematically attempts to penetrate a computer system or network on behalf of its owners for the purpose of finding security vulnerabilities that a malicious hacker could potentially exploit.

51. What is steganography in cybersecurity?
Steganography is the practice of concealing a file, message, image, or video within another file, message, image, or video.

52. What is a packet sniffer?
A packet sniffer is a tool that captures all data packets that pass through a network.

53. What is data loss prevention (DLP)?
DLP is a set of tools and processes used to ensure that sensitive data is not lost, misused, or accessed by unauthorized users.

54. What are Advanced Persistent Threats (APT)?
APTs are complex, stealthy threats that often go unnoticed for an extended period and are often orchestrated by groups with the resources and skills to target specific information and organizations.

55. What is incident response in cybersecurity?
Incident response is an organized approach to addressing and managing the aftermath of a security breach or cyberattack.

56. What is digital forensics?
Digital forensics is a branch of forensic science focused on recovery and investigation of material found in digital devices, often related to computer crime.

57. What is a port scan?
A port scan is a method used by attackers to find systems with open ports and services that these ports are associated with.

58. What is SIEM?
SIEM (Security Information and Event Management) is a set of tools and services offering a holistic view of an organization's information security.

59. What is shoulder surfing in cybersecurity?
Shoulder surfing is a type of social engineering technique where the attacker collects information by looking over someone's shoulder, for example, to gather passwords, PINs, security codes, and similar data.

60. What are the OSI and TCP/IP models?
The OSI (Open Systems Interconnection) model is a conceptual model that characterizes and standardizes the communication functions of a telecommunication or computing system without regard to its underlying internal structure and technology. The TCP/IP model is a suite of communication protocols used to interconnect network devices on the internet.

61. What is network security?
Network security is the practice of securing a computer network from intruders, whether targeted attackers or opportunistic malware.

62. What is cloud security?
Cloud security involves the procedures and technology that secure cloud computing environments against both external and insider cybersecurity threats.

63. What is an SSL/TLS handshake?
An SSL/TLS handshake is a series of communications that establish a secure connection between a web server and a browser.

64. What is penetration testing?
Penetration testing is a type of security testing used to uncover vulnerabilities, threats, risks in a software application, network or web application that an attacker could exploit.

65. What is a computer virus?
A computer virus is a type of malicious software program ("malware") that, when executed, replicates itself by modifying other computer programs and inserting its own code.

66. What is cryptography?
Cryptography is the practice and study of techniques for secure communication in the presence of third parties.

67. What is a false positive in cybersecurity?
A false positive in cybersecurity is when a security system incorrectly classifies an event or action as suspicious or malicious.

68. What are some indicators of compromise (IOC)?
IOCs are pieces of forensic data, such as data found in system log entries or files, that identify potentially malicious activity on a system or network.

69. What is a rootkit?
A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed.

70. What are some common methods to prevent a data breach?
Common methods include encrypting sensitive data, educating employees on security protocols, regularly updating and patching systems, and implementing strong access control measures.

71. What are some best practices for mobile device security?
Best practices include installing security apps, enabling remote wiping, avoiding public Wi-Fi, updating the operating system regularly, and only downloading apps from trusted sources.

72. What are the common ways to authenticate a user?
Common methods include passwords, two-factor authentication, digital certificates, biometrics, and smart cards.

73. What is a cyber kill chain?
The cyber kill chain is a series of steps that trace stages of a cyber attack from the early reconnaissance stage to the exfiltration of data.

74. What is a cybersecurity policy?
A cybersecurity policy outlines the guidelines and procedures for maintaining cybersecurity within an organization.

75. What are security controls?
Security controls are safeguards or countermeasures to avoid, detect, counteract, or minimize security risks to physical property, information, computer systems, or other assets.

76. What is a proxy server?
A proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers.

77. What is spear phishing?
Spear phishing is an email targeted towards a specific individual, organization or business. The purpose is to steal sensitive information like credit card and login information, or to install malware on the victim's machine.

78. What is the purpose of cybersecurity?
The purpose of cybersecurity is to protect internet-connected systems, including hardware, software, and data, from cyber attacks.

79. What is cybersecurity awareness training?
Cybersecurity awareness training is ongoing education that provides employees with relevant information and tests of their cyber-awareness by covering all aspects of data security and regulatory compliance.

80. What is full-disk encryption?
Full-disk encryption is a cryptographic method of encrypting all data on a hard drive used to boot a computer, including the system and swap files.

81. What is a backdoor in cybersecurity?
A backdoor is a method, often secret, of bypassing normal authentication or encryption in a computer system, a product, or an embedded device.

82. What are some cybersecurity best practices?
Best practices include strong password use, use of multi-factor authentication, keeping software and systems updated, regular data backups, avoiding phishing scams, and training and awareness programs.

83. What is an IP address?
An IP address is a unique string of numbers and/or letters that identifies each device connected to a network.

84. What is a VPN and how does it work?
A Virtual Private Network (VPN) extends a private network across a public network, enabling users to send and receive data as if their computing devices were directly connected to the private network. VPNs encrypt the data that is sent over the internet, providing enhanced security.

85. What is a private and public key in cryptography?
A public key is freely available and is used to encrypt data, and a private key is kept secret by the user and is used to decrypt the data.

86. What are some types of physical security controls?
These include barriers, locks, security guards, CCTV systems, lighting, and intrusion detection systems.

87. What is multi-factor authentication?
Multi-factor authentication is a method of confirming users' claimed identities by using a combination of two different factors: 1) something they know, 2) something they have, or 3) something they are.

88. What is cyber threat hunting?
Cyber threat hunting involves proactively and iteratively searching through networks or datasets to detect and isolate advanced threats that evade existing security solutions.

89. What is privilege escalation?
Privilege escalation is the act of exploiting a bug, design flaw, or configuration error in an operating system or software application to gain elevated access to resources that should be unavailable to a user.

90. What are some different types of cyber attacks?
Different types include phishing attacks, malware attacks, man-in-the-middle attacks, DoS and DDoS attacks, SQL injection attacks, and zero-day exploits.

91. What is the difference between hashing and encryption?
Hashing is used to validate the integrity of content by detecting all modifications, meanwhile, encryption is used to maintain data confidentiality and requires the use of a key to transform the data back into its original form.

92. What is a zombie computer?
A zombie computer, or bot, is a computer that has been compromised by a hacker and is used to perform malicious tasks under remote direction.

93. What is two-factor authentication?
Two-factor authentication is a security process in which the user provides two different authentication factors to verify themselves.

94. What is a honeypot in cybersecurity?
A honeypot is a computer or computer system intended to mimic likely targets of cyberattacks to detect, deflect, or study hacking attempts.

95. What is the role of encryption in maintaining data confidentiality?
Encryption transforms data into a form that can only be read by someone who possesses the decryption key. It is a key element in ensuring data confidentiality.

96. What is a DDoS attack?
A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.

97. What is a firewall?
A firewall is a network security device that monitors and controls incoming and outgoing network traffic based on an organization's previously established security policies.

98. What is phishing?
Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers.

99. What is ransomware?
Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid.

100. What is the principle of least privilege (POLP)?
The principle of least privilege is a computer security concept in which a user is given the minimum levels of access necessary to complete his/her job functions.
