Cybersecurity Fundamentals

Question 1

Encryption

Accepted Answer

Converting data into coded form to prevent unauthorized access; reversible with a key

Question 2

Symmetric Encryption

Accepted Answer

Same key for encryption and decryption (e.g., AES); fast but requires secure key exchange

Question 3

Asymmetric Encryption

Accepted Answer

Public key encrypts, private key decrypts (e.g., RSA); enables secure key exchange

Question 4

Hashing

Accepted Answer

One-way function producing fixed-size output from any input; SHA-256, bcrypt; not reversible

Question 5

Phishing

Accepted Answer

Social engineering attack using fraudulent emails/sites to steal credentials or data

Question 6

Malware

Accepted Answer

Malicious software: viruses, worms, trojans, ransomware, spyware

Question 7

Ransomware

Accepted Answer

Malware that encrypts victim's files and demands payment for decryption key

Question 8

Firewall

Accepted Answer

Network security system that monitors and filters traffic based on security rules

Question 9

Two-Factor Authentication (2FA)

Accepted Answer

Requires two different forms of verification: something you know, have, or are

Question 10

SQL Injection

Accepted Answer

Attack inserting malicious SQL into input fields to manipulate databases

Question 11

XSS (Cross-Site Scripting)

Accepted Answer

Attack injecting malicious scripts into web pages viewed by other users

Question 12

DDoS Attack

Accepted Answer

Distributed Denial of Service; overwhelming a server with traffic from multiple sources

Question 13

Zero-Day Vulnerability

Accepted Answer

Security flaw unknown to the vendor with no available patch

Question 14

VPN

Accepted Answer

Virtual Private Network; encrypts internet traffic through a secure tunnel

Question 15

Social Engineering

Accepted Answer

Manipulating people into divulging confidential information or performing actions

Question 16

CIA Triad

Accepted Answer

Confidentiality, Integrity, Availability — three core principles of information security

Question 17

Penetration Testing

Accepted Answer

Authorized simulated attack to identify security vulnerabilities

Question 18

Brute Force Attack

Accepted Answer

Trying all possible combinations to crack passwords or encryption

Question 19

Man-in-the-Middle Attack

Accepted Answer

Attacker secretly intercepts and possibly alters communication between two parties

Question 20

Digital Certificate

Accepted Answer

Electronic document verifying the identity of a website or entity; issued by Certificate Authority

Question 21

Least Privilege Principle

Accepted Answer

Users should have only the minimum access necessary to perform their duties

Question 22

Patch Management

Accepted Answer

Process of applying software updates to fix vulnerabilities and improve security

Question 23

Incident Response

Accepted Answer

Planned approach to detecting, containing, and recovering from security breaches

Question 24

OWASP Top 10

Accepted Answer

List of the 10 most critical web application security risks, updated regularly

Cybersecurity Fundamentals

Card Preview

Preview Complete!