This class was created by Brainscape user Spirit Writer. Visit their profile to learn more about the creator.

Decks in this class (89)

(1)CyberSecurity Objectives
What are the three objectives of ...,
In the cia triad describe confide...,
In the cia triad describe integri...
5  cards
(1)Privacy Vs. Security
How does privacy differ from secu...,
Other than protecting the securit...,
There is an important concept to ...
7  cards
(1)Evaluating Security Risks
What is so important about cybers...,
What does a well constructed cybe...,
What are three terms that a risk ...
12  cards
(1)Identify Threats
How do organizations start their ...,
What four categories of threats d...,
What are adversarial threats
13  cards
(1)Identify Vulnerabilities
After threat identification what ...,
After threats and vulnerabilities...,
When factoring in the likelihood ...
7  cards
(1) Controls Review
What do cybersecurity professiona...,
What are technical controls
6  cards
(1)Secure Network Construction
What do network access control na...,
What is the 8021x protocol what a...,
In the 802 1x protocol what is a ...
9  cards
(1) Firewalls and Securing the Outer Edges of the Network
Where do network firewalls reside...,
Where does network access control...,
If a firewall is triple homed wha...
13  cards
(1)Common TCP Ports
What port does file transfer prot...,
What port does secure shell ssh use,
What port does telnet use
17  cards
(1)Segmentation of Networks
Firewalls use network segmentatio...,
When it comes to network segmenta...,
If you had a server that had secu...
6  cards
(1)Defense Through Deception
What are honeypots,
What are honeypots used for,
What are dns sinkholes
5  cards
(1) Secure Endpoint Management
What is a very important way that...,
When a system admin hardens a con...,
What is patch management
8  cards
(1)Penetration Testing
What is penetration testing,
When conducting a penetration tes...,
Who conducts penetration tests
7  cards
(1) Planning a Pentest
What are the three critical compo...,
Within the components of a planne...,
Within the components of a planne...
4  cards
(1) Pentest (Conducting Discovery and execution)
What do pentesters do during the ...,
When conducting discovery what ou...,
What do pentesters do during the ...
9  cards
(1)Pentest Review/Alternatives to Pentests
What happens after a pentest is done,
Why is the pentest report so impo...,
Other than basic information abou...
8  cards
(1)Reverse Engineering
What is reverse engineering,
What do security professionals us...,
What is one of the most dangerous...
8  cards
(1) Software/Hardware of Reverse Engineering
How do analysts that are trying t...,
How does a reverse engineer deter...,
Compared to software engineering ...
3  cards
(1) Reverse Engineering of Hardware
1  cards
(1)Efficiency and the improvement of processes
What do very well run cybersecuri...,
What is the importance of standar...,
Once a standardized process is in...
6  cards
(1)Tools and Tech and their Integrations
What are two ways that companies ...,
How can application programming i...,
What are webhooks
5  cards
(1)Efficiency ideas in Incident Response Processes
What are three normal parts of th...,
Are there possibilities to bring ...,
How can information security team...
5  cards
(2) Concepts of the Design of Infrastructure
What is serverless computing,
What are the advantages of server...,
What is virtualization
12  cards
(2)Concepts of Operating Systems
What is a great way to secure a s...,
How can security practitioners re...,
What do organizations have to rem...
20  cards
(2) Logging, Logs, and Log Ingestion
Why is time synchronization so im...,
In terms of network device log fi...,
Why is the log level that is set ...
3  cards
(2) Network Architecture
What is included in the term on p...,
Since cloud services don t normal...,
Type of security controls do infr...
21  cards
(2) Identity and Access Management
Define an identity,
What do user accounts require,
What are some attributes that are...
27  cards
(2) Federated ID Tech
What is security assertion markup...,
What does security assertion mark...,
What does security assertion mark...
16  cards
(2) Encryption and the Protection of Important Data
Why is it important to know when ...,
What are the major parts of publi...,
What is a certificate revocation ...
8  cards
(3) Analyzing Network Events
What is router based monitoring,
What type of technologies are net...,
How does simple network monitorin...
11  cards
(3) Common Network Issue Detection
What are some tools that can be u...,
What is beaconing,
How difficult is it to identify b...
13  cards
(3) Detecting DoS and DDoS attacks
How can a dos attack from a singl...,
How likely are single system dos ...,
When it comes to ddos attacks wha...
12  cards
(3) Host Related Issue Investigation
Describe a few system resource mo...,
In terms of host related issues w...,
How should memory consumption be ...
16  cards
(3) Malicious processes, malware and software that is not authorized
What important methods are normal...,
In terms of useful tools for dete...,
In terms of useful tools for dete...
4  cards
(3) Operating System Behavior that is not good
What can not normal behavior on a...,
What windows system tools are use...,
When it comes to not normal os pr...
4  cards
(3) Not allowed access, privileges and changes and data theft
In terms of most threats to syste...,
Describe the tug of war between s...,
What types of tools should be inv...
17  cards
(3) Social Engineering Shtuff
What does social engineering dete...,
What is a common social engineeri...
2  cards
(3) Service and App Related Issue Investigations
What common monitoring areas can ...,
Explain where application logs fi...,
What does a security professional...
13  cards
(3) Tools and Techniques that help figure out Malicious Activity
What are the most important point...,
When a security professional need...,
Once a security professional asse...
16  cards
(3) Common Techniques For Analyis And E-mail Research
What is pattern recognition,
What is a common focus for patter...,
What are a few patterns that one ...
14  cards
(3) Attacks On E-mail And E-mail Security Tools
What are the most common e mail a...,
What are the goals of e mails tha...,
What do impersonation e mails oft...
8  cards
(3) File Analysis And Sandboxing
What makes it difficult to analyz...,
Describe how hashing can be used ...,
Describe how manually searching f...
7  cards
(3) Analysis Of User Behavior And Data Formats
What is user behavior analysis,
What is abnormal account activity,
Hhhh
7  cards
(3) Expressions That Are Regular And Grep
What is a frequent task for secur...,
Describe the c i and n flags in grep,
Describe the v r and e flags in grep
11  cards
(4) Proprietary Intelligence and/Accessing Threat Intelligence
Describe closed source intelligence,
Why use closed source intelligenc...,
When considering threat intellige...
9  cards
(4) Intelligence Cycle and Threat Intelligence Community
What is the threat intelligence l...,
Describe what needs to happen dur...,
Describe the data collection proc...
8  cards
(4) Proactive and Focused Threat Hunting
What are the main steps to proact...,
During proactive threat hunting,
During the threat hunting process...
9  cards
(4) Indicators Of Compromise And Tools And Techniques Of Threat Hunting
What are indicators of compromise...,
What are three points that are in...,
In terms of indicators of comprom...
8  cards
(5) Active Reconnaissance, Mapping, And Discovery
What is host enumeration used for,
How is host enumeration completed,
What is used for asset discovery
9  cards
(5) Pings, Port Scans, And Device Fingerprinting
What is the ping command,
What do we need to remember about...,
What is hping
11  cards
(5) Service/Version ID, Common Tools
Why is service identification imp...,
What are the two typical ways tha...,
What is maltego
25  cards
(5) DHCP Logs Server Config Files
How are dhcp logs useful in passi...,
Where are dhcp logs found in linux,
What do router and firewall confi...
7  cards
(5) DND And WhoIs
What is nslookup,
What does the query flag do,
What does tracert allow you to do...
13  cards
(6) Regulations and Corporate Rules
What is the payment card industry...,
What details are including in the...,
What is the federal information s...
9  cards
(6) Scheduling Scans and Scan Types
What do security professionals de...,
What factors influence how often ...,
What considerations must cybersec...
6  cards
(6) Conducting Vulnerability Scans
What questions do orgs ask when t...,
What do admins have to do as they...,
What do vulnerability management ...
13  cards
(6) Remediation Flow
What is the remediation workflow,
How should the remediation workfl...,
What options do network admins ha...
15  cards
(6) Tools Of Vulnerability Assessments
What are the two most important s...,
What is scout suite,
What is pacu
11  cards
(7) CVSS Common Vulnerability Scoring System
What is the common vulnerability ...,
What do the first four measures o...,
In the common vulnerability scori...
20  cards
(7) Scan Result Validity
What is it when a scanner reports...,
What is it called when a vulnerab...,
When a vulnerability reports an a...
10  cards
(7) Vulnerabilities, Overflows, Escalation
Describe security patches what sh...,
What is a buffer overflow attack,
What is an integer overflow
13  cards
(7) Infrastructure and Op Tech
What are examples of operational ...,
What are injection flaws,
What is a sql injection attack
19  cards
(7) Authentication Failures
What is password spraying,
What is credential stuffing,
What are impersonation attacks
7  cards
(8) Risk and Risk Assessments
What is the formula for risk seve...,
What is risk avoidance,
What is risk transferrence
8  cards
(8) Threats and the Compute Environment
What is adversary capability,
What is an attack vector,
What is threat modeling based off of
9  cards
(8) Phases in the Dev of Software
During the sdlc what is the feasi...,
During the sdlc what is the analy...,
During the sdlc what is the desig...
18  cards
(8) DevOPS/SecOps
What is devops,
How is devops conducted,
What is devsecops
8  cards
(8) Securely Coding
When it comes to secure coding is...,
When it comes to secure coding is...,
When it comes to secure coding is...
10  cards
(8) Best Practices For Coding
In terms of secure coding best pr...,
In terms of secure coding practic...,
In terms of secure coding practic...
6  cards
(8) Secure Software Testing
What is static code analysis,
What is dynamic code analysis,
What is fuzzing
16  cards
(8) Policies
What are policies,
What is an information security p...,
What is an acceptable use policy aup
10  cards
(8) Standards And Procedures
What are technology standards wit...,
What are the three things that po...,
We know what procedures are but w...
6  cards
(8) Guidelines And Exceptions
In terms of an information securi...,
What else should orgs include in ...,
What should compensating control ...
3  cards
(9) Security Incident Definitions
What is an event,
What is an adverse event,
What is a security incident
12  cards
(9) Detection And Analysis
According to nist 800 61 describe...,
According to nist 800 61 describe...,
According to nist 800 61 describe...
9  cards
(9) Contain, Eradicate, Recover
What does the computer security i...,
What is the high level goal of th...,
Once the incident is resolved nam...
9  cards
(9) Incident Response Building
When building an incident respons...,
What should the incident response...,
Summarize the key elements that n...
11  cards
(9) Incident Threat Classification
Describe the attrition attack vector,
Describe the web attack vector,
Describe the impersonation attack...
6  cards
(9) Impact Scope
Describe the scope of impact and ...,
What is functional impact,
What are the nist functional impa...
8  cards
(9) Frameworks Of Attack
What is the mitre att ck framework,
What do the att ck matrices include,
What is the diamond model of intr...
16  cards
(10) Indicators Of Compromise Definitions_Concepts
In terms of indicators of comprom...,
What are common outbound traffic ...,
How can resource utilization be a...
10  cards
(10) Unusual DNS, IoCs, And Evidence
Considering unusual dns traffic w...,
Describe how indicators of compro...,
When it comes to forensic evidenc...
4  cards
(11) Isolation, Removal, Identifying Attackers
What does it mean to isolate a sy...,
What is removal as a response str...,
Why is removal of a system not fo...
8  cards
(11) Data Integrity Validation
What specific activities need to ...,
What change management processes ...,
What changes to the incident resp...
6  cards
(12) Reporting Vulnerabilities
What should vulnerability reports...,
What options are available for vu...,
What is important about vulnerabi...
9  cards
(12) Incident Reporting
Describe the importance of stakeh...,
When an incident is detected and ...,
What should orgs do as far as leg...
12  cards
(13) Forensic Toolset Building
What record keeping components sh...,
Describe the ins and outs of crea...
17  cards
(13) Cloud, Container, and Virtual Forensics
How do cloud and other virtual fo...,
Describe the procedural differenc...,
What considerations need to be ma...
18  cards
(13) Acquiring data and imaging systems
What type of data or events may r...,
What cautions do you need to obse...,
What other data types may be need...
9  cards

More about
Practice

  • Class purpose General learning

Learn faster with Brainscape on your web, iPhone, or Android device. Study Spirit Writer's Practice flashcards now!

How studying works.

Brainscape's adaptive web mobile flashcards system will drill you on your weaknesses, using a pattern guaranteed to help you learn more in less time.

Add your own flashcards.

Either request "Edit" access from the author, or make a copy of the class to edit as your own. And you can always create a totally new class of your own too!

What's Brainscape anyway?

Brainscape is a digital flashcards platform where you can find, create, share, and study any subject on the planet.

We use an adaptive study algorithm that is proven to help you learn faster and remember longer....

Looking for something else?

CYSA+ 003
  • 3 decks
  • 22 flashcards
  • 1 learners
Decks: 1st Day, 2nd Day, 3rd Day, And more!
CySA+
  • 7 decks
  • 569 flashcards
  • 5 learners
Decks: Jasondion Practice Exam 5, Jasondion Practice Exam 4, Jasondion Practice Exam 3, And more!
CySA+ 003
  • 4 decks
  • 73 flashcards
  • 1 learners
Decks: General, Osint Dedicated Tools, Osint Command Line Tools, And more!
Cysa +
  • 2 decks
  • 193 flashcards
  • 38 learners
Decks: Cso 002, Cso 002 Part 2, And more!
Make Flashcards