19. Course Recap
Great job on finishing this course! Now it's on to the project!
*As a side note, this course is a foundational course that is meant to help build the knowledge to become job-ready, but you will likely need additional training and/or coursework in order to obtain a job in this field. These foundations will set you up for success going forward and are vital to your success in this field.*
Course Key Terms
Key Term | Definition |
---|---|
7-zip | is a free and open-source file archiver, a utility used to place groups of files within compressed, encrypted containers known as "archives". |
777 Permissions | is a Linux permission level that makes a file readable, writable and executable by everyone. |
Algorithm | a process or set of rules to be followed in calculations or other problem-solving operations, especially by a computer. |
Asymmetric Encryption | is a cryptographic system that uses pairs of keys: public keys, which may be disseminated widely, and private keys, which are known only to the owner. |
Authentication | the process or action of verifying the identity of a user or process. |
Automation | is the application of technology in the form of applications or processes to perform tasks, generally repetitive or time-consuming, with minimal human input. |
BitLocker | is a full volume encryption feature included with Microsoft Windows. |
Blacklist | In computing, a blacklist, denylist or blocklist is a basic access control mechanism that allows through all elements except those explicitly mentioned. Those items on the list are denied access. |
Certificate Authority | is an organization that acts to validate identities and bind them to cryptographic key pairs with digital certificates. |
Ciphertext | is encrypted text modified from plaintext using an encryption algorithm. |
Collision | is a situation that occurs when two distinct pieces of data have the same hash value. |
Daemons | are computer programs that run as background processes, rather than being under the direct control of an interactive user. |
Data at rest | means inactive data that is stored physically in any digital form. |
Data in transit | also referred to as data in motion, is divided into two categories: information that flows over the Internet and data that flows within the confines of a private network. |
Detection | if an adversary does get past our defenses we want to know! |
Encryption | is the process that converts plaintext, or text that can be read by anyone, into ciphertext, which can only be read by the person who has the secret code, or decryption key. |
File Hash | is the process of using an algorithm for verifying the integrity of a computer file. |
Firewall | is a network device that monitors and controls incoming and outgoing traffic. |
Firmware | is a software program or set of instructions programmed on a hardware device. |
Framework | A set of agreed-upon policies, procedures, and processes that define how information is managed. |
Intrusion Detection System | is a device or application that monitors traffic for malicious activity or policy violations. |
Next Gen Firewall | is a network security device that provides capabilities beyond a traditional, stateful firewall. While a traditional firewall typically provides stateful inspection of incoming and outgoing network traffic, a next-generation firewall includes additional features like application awareness and control, integrated intrusion prevention, and cloud-delivered threat intelligence. |
NIST CSF | The Framework is voluntary guidance, based on existing standards, guidelines, and practices for organizations to better manage and reduce cybersecurity risk. |
NIST-800 | NIST’s 800 series presents information of interest to the computer security community. The series comprises guidelines, recommendations, and technical specifications. |
PII | Personally identifiable information is any data that could potentially be used to identify a particular person. Examples include a full name, Social Security number, driver's license number, bank account number, passport number, and email address. |
Plaintext | data that represent only characters of readable material. |
Prevention | which is what most people think when it comes to Cybersecurity. Keep the bad guys out! |
Principle of Least Privilege | is the idea that any user, program, or process should have only the bare minimum privileges necessary to perform its function. |
Public Key Infrastructure | is a technology for authenticating users and devices. The basic idea is to have one or more trusted parties digitally sign documents certifying that a particular cryptographic key belongs to a particular user or device. |
Repository | is a central location in which data is stored and managed. |
Response | These are the actions, or mitigations, we take based on the detection. |
Scalability | is the ability of a computing system to grow or expand gracefully. |
SCCM | System Center Configuration Manager is a systems management software product developed by Microsoft for managing large groups of computers running Windows. |
Vulnerability Scanning | is an automated threat that uses bots or web crawlers to identify security weaknesses in your website and underlying architecture. |
WhoIs | WHOIS isn't an acronym, though it may look like one. In fact, it is the system that asks the question, who is responsible for a domain name or an IP address? In other words, it's the contact information for IP addresses and Websites. |
WSUS | Windows Server Update Services is a computer program and network service developed by Microsoft Corporation that enables administrators to manage the distribution of updates and hotfixes released for Microsoft products to computers in a corporate environment. |
Yum | Yellowdog Updater, Modified is a free and open-source command-line package-management utility for Linux. It allows for automatic updates and package and dependency management. |