Describe these security terms: Principle of least privilege, risk scoring/risk weighting, risk reduction, risk assessment. Understanding Cisco Cybersecurity Fundamentals (210-250) Principle of Least Privilege The principle of least privilege states that a user should only be granted the least amount of rights to do their job. By limiting the rights of users, the amount of […]

Read More »

Describe these terms: Threat actor, run book automation, chain of custody, reverse engineering, sliding window anomaly detection, PII and PHI. Understanding Cisco Cybersecurity Fundamentals (210-250) Threat Actor A threat actor is the individual or group that performs the attack or security incident. Several types of threat actors exist. Script kiddies: Uses existing scripts to hack […]

Read More »

Compare and contrast these concepts: Risk, Threat, Vulnerability, and Exploit. Understanding Cisco Cybersecurity Fundamentals (210-250) Risk: the possibility that something bad will happenThreat: any potential danger to a security assetVulnerability: exploitable weakness in a system or designExploit: software or commands that take advantage of a vulnerability Risk is the possibility of a vulnerability being exploited. […]

Read More »

Describe the principles of the defense in depth strategy  Understanding Cisco Cybersecurity Fundamentals (210-250) Defense in depth uses a layered approach to security. Each layer by itself is not secure, but together they provide a better security for the data being protected. These layers can be summarized as the following: Nontechnical: policies, procedures and training […]

Read More »