🔐 Cybersecurity

1. What is cybersecurity?
Cybersecurity is the practice of protecting systems, networks, and data from digital attacks.

2. What are the types of cybersecurity?

Network security, information security, application security, operational security, and disaster
recovery.

3. What is the CIA Triad?

Confidentiality, Integrity, and Availability — the three core principles of cybersecurity.

4. What is the difference between a virus and a worm?

A virus attaches itself to a file or program and needs user action to spread, while a worm is
self-replicating and spreads without user interaction.

5. What is a firewall?
A firewall is a network security device that monitors and filters incoming and outgoing
network traffic.

6. What is encryption?
Encryption is the process of converting data into a coded format to prevent unauthorized
access.

7. What is a DDoS attack?

Distributed Denial of Service attacks flood a server with traffic, making services unavailable
to legitimate users.

8. What is phishing?
A type of cyberattack where attackers impersonate legitimate institutions to trick users into
revealing sensitive information.

9. What is ransomware?
Malware that locks or encrypts a victim’s data and demands payment for access restoration.

10. What is the difference between symmetric and asymmetric encryption?

Symmetric uses one key for encryption and decryption; asymmetric uses a public and a
private key.

11. What is an intrusion detection system (IDS)?

A device or software application that monitors networks for malicious activity or policy
violations.

12. What is an SSL certificate?

Secure Sockets Layer certificate encrypts the data transferred between a web server and
browser.

13. What is two-factor authentication (2FA)?

An extra layer of security requiring two types of credentials (e.g., password and a mobile
code).

14. What is social engineering?

Psychological manipulation of people into performing actions or revealing confidential
information.
15. What is a brute-force attack?
An attempt to crack a password or encryption key by trying all possible combinations.

16. What is a zero-day exploit?

An attack that targets a previously unknown vulnerability before developers have issued a fix.

17. What is endpoint security?

Protection of end-user devices like laptops, smartphones, and desktops from malicious
threats.

18. What is malware?

Malicious software like viruses, worms, spyware, ransomware, and trojans that damage or
steal data.

19. What is patch management?

The process of updating software to fix vulnerabilities and improve performance or security.

20. What are common cybersecurity tools?

Wireshark, Metasploit, Nessus, Nmap, and antivirus software.