AceNotes · Study
AP CS Principles · Big Idea 4: Computer Systems & Networks40 flashcards

AP CSP Cybersecurity Threats and Defenses

40 flashcards covering AP CSP Cybersecurity Threats and Defenses for the AP-CS-PRINCIPLES Big Idea 4 section.

Cybersecurity threats and defenses are critical components of the AP Computer Science Principles curriculum, specifically under Big Idea 4, which focuses on the implications of computing. This topic covers various types of cybersecurity threats, such as malware, phishing, and denial-of-service attacks, along with strategies to defend against them, including encryption, access control, and incident response. Understanding these concepts is essential for recognizing the impact of cybersecurity on individuals and organizations.

On practice exams and competency assessments, questions related to cybersecurity often present scenarios requiring the identification of threats or the selection of appropriate defense mechanisms. Common traps include confusing different types of attacks or underestimating the importance of user awareness in preventing security breaches. A frequent oversight is the assumption that technical solutions alone are sufficient; in reality, user training and awareness are equally crucial for effective cybersecurity.

Terms (40)

  1. 01

    What is a cybersecurity threat?

    A cybersecurity threat is any potential danger that could exploit a vulnerability to breach security and cause harm to systems, networks, or data. This includes malware, phishing, and denial-of-service attacks, among others (College Board AP CED).

  2. 02

    Define malware in the context of cybersecurity.

    Malware is malicious software designed to disrupt, damage, or gain unauthorized access to computer systems. Common types include viruses, worms, and ransomware (College Board AP CED).

  3. 03

    What is the purpose of a firewall?

    A firewall is a network security device that monitors and controls incoming and outgoing network traffic based on predetermined security rules, acting as a barrier between trusted and untrusted networks (College Board AP CED).

  4. 04

    How often should software updates be applied to mitigate security risks?

    Software updates should be applied regularly, as they often include patches for security vulnerabilities. It is recommended to update software as soon as updates are available (College Board AP CED).

  5. 05

    What is phishing?

    Phishing is a type of cyber attack that involves tricking individuals into providing sensitive information, such as usernames and passwords, by masquerading as a trustworthy entity in electronic communications (College Board AP CED).

  6. 06

    What is the first step in responding to a cybersecurity incident?

    The first step in responding to a cybersecurity incident is to identify and contain the threat to prevent further damage to systems and data (College Board AP CED).

  7. 07

    Under AP CSP guidelines, what is required to ensure data privacy?

    To ensure data privacy, organizations must implement security measures such as encryption, access controls, and regular audits to protect sensitive information (College Board AP CED).

  8. 08

    What is a denial-of-service (DoS) attack?

    A denial-of-service attack is an attempt to make a machine or network resource unavailable to its intended users by overwhelming it with a flood of illegitimate requests (College Board AP CED).

  9. 09

    How can strong passwords help defend against cybersecurity threats?

    Strong passwords reduce the risk of unauthorized access by making it difficult for attackers to guess or crack them. They should include a mix of letters, numbers, and symbols (College Board AP CED).

  10. 10

    What is social engineering in cybersecurity?

    Social engineering is a manipulation technique that exploits human psychology to gain confidential information, often through deception (College Board AP CED).

  11. 11

    What is the role of encryption in cybersecurity?

    Encryption protects data by converting it into a coded format that can only be read by authorized users with the decryption key, thus safeguarding sensitive information from unauthorized access (College Board AP CED).

  12. 12

    What is two-factor authentication (2FA)?

    Two-factor authentication is a security process that requires two different forms of identification before granting access to an account, enhancing security beyond just a password (College Board AP CED).

  13. 13

    What is a vulnerability in cybersecurity terms?

    A vulnerability is a weakness in a system, application, or network that can be exploited by threats to gain unauthorized access or cause harm (College Board AP CED).

  14. 14

    What should be included in an incident response plan?

    An incident response plan should include identification, containment, eradication, recovery, and lessons learned to effectively manage and mitigate cybersecurity incidents (College Board AP CED).

  15. 15

    What is a security breach?

    A security breach is an incident that results in unauthorized access to sensitive data, often leading to data theft, loss, or exposure (College Board AP CED).

  16. 16

    How can organizations educate employees about cybersecurity threats?

    Organizations can educate employees through training programs, regular updates on cybersecurity policies, and simulations of phishing attacks to raise awareness (College Board AP CED).

  17. 17

    What is ransomware?

    Ransomware is a type of malware that encrypts a victim's files, with the attacker demanding payment for the decryption key (College Board AP CED).

  18. 18

    What is the significance of regular security audits?

    Regular security audits are significant as they help identify vulnerabilities and ensure compliance with security policies and regulations (College Board AP CED).

  19. 19

    What are the consequences of a cybersecurity breach?

    Consequences of a cybersecurity breach can include financial loss, legal penalties, reputational damage, and loss of customer trust (College Board AP CED).

  20. 20

    What is the function of an intrusion detection system (IDS)?

    An intrusion detection system monitors network traffic for suspicious activity and alerts administrators of potential security breaches (College Board AP CED).

  21. 21

    What is the importance of data backup in cybersecurity?

    Data backup is crucial as it ensures that copies of data are available for recovery in case of data loss due to cyber attacks or system failures (College Board AP CED).

  22. 22

    How does a VPN enhance cybersecurity?

    A Virtual Private Network (VPN) enhances cybersecurity by encrypting internet traffic and masking the user's IP address, providing privacy and security when accessing the internet (College Board AP CED).

  23. 23

    What is the role of antivirus software?

    Antivirus software is designed to detect, prevent, and remove malware from computers and networks, helping to protect against various cybersecurity threats (College Board AP CED).

  24. 24

    What is a cyber threat actor?

    A cyber threat actor is an individual or group that poses a threat to information systems, including hackers, insiders, and nation-state actors (College Board AP CED).

  25. 25

    What is the purpose of a security policy?

    A security policy outlines an organization's approach to protecting its information assets, including guidelines for acceptable use, data protection, and incident response (College Board AP CED).

  26. 26

    What is the significance of patch management?

    Patch management is significant as it involves regularly updating software to fix vulnerabilities, thereby reducing the risk of exploitation by cyber threats (College Board AP CED).

  27. 27

    What is a botnet?

    A botnet is a network of compromised computers that are controlled remotely by an attacker to perform coordinated tasks, often for malicious purposes like launching attacks (College Board AP CED).

  28. 28

    What is the difference between a threat and a vulnerability?

    A threat is a potential danger that could exploit a vulnerability, while a vulnerability is a weakness in a system that can be exploited by a threat (College Board AP CED).

  29. 29

    What is the purpose of security awareness training?

    The purpose of security awareness training is to educate employees about cybersecurity risks and best practices to help prevent security incidents (College Board AP CED).

  30. 30

    What is the function of a digital certificate?

    A digital certificate is used to verify the identity of a user, device, or server, ensuring secure communication over networks (College Board AP CED).

  31. 31

    What is the impact of insider threats on cybersecurity?

    Insider threats can have a significant impact on cybersecurity as they involve individuals within an organization who misuse their access to compromise data or systems (College Board AP CED).

  32. 32

    What is a security incident?

    A security incident is any event that compromises the confidentiality, integrity, or availability of information, requiring a response (College Board AP CED).

  33. 33

    What is the role of network segmentation in cybersecurity?

    Network segmentation enhances security by dividing a network into smaller, isolated segments, limiting access and reducing the spread of threats (College Board AP CED).

  34. 34

    What is the purpose of a cybersecurity framework?

    A cybersecurity framework provides a structured approach for organizations to manage and reduce cybersecurity risks, outlining best practices and guidelines (College Board AP CED).

  35. 35

    What is a zero-day vulnerability?

    A zero-day vulnerability is a security flaw that is unknown to the software vendor and can be exploited by attackers before a patch is released (College Board AP CED).

  36. 36

    What is the importance of incident reporting?

    Incident reporting is important as it helps organizations track security incidents, analyze trends, and improve their security posture over time (College Board AP CED).

  37. 37

    What is an exploit in cybersecurity?

    An exploit is a piece of software, a command, or a sequence of commands that takes advantage of a vulnerability to cause unintended behavior in software or hardware (College Board AP CED).

  38. 38

    What is the purpose of threat modeling?

    Threat modeling is a process used to identify, prioritize, and address potential threats to a system, helping to improve security measures (College Board AP CED).

  39. 39

    What is the role of a security operations center (SOC)?

    A security operations center (SOC) is responsible for monitoring, detecting, and responding to cybersecurity incidents and threats in real-time (College Board AP CED).

  40. 40

    What is the significance of compliance in cybersecurity?

    Compliance with cybersecurity regulations and standards is significant as it helps organizations protect sensitive data and avoid legal penalties (College Board AP CED).

More AP CS Principles big idea 4: computer systems & networks sets

AP CSP Networks and the Internet
39 flashcards
AP CSP IP Addresses and DNS
38 flashcards
AP CSP HTTP and Web Pages
40 flashcards
AP CSP Packets and Routing
36 flashcards
AP CSP Bandwidth and Latency
36 flashcards
AP CSP Fault Tolerance and Redundancy
36 flashcards