First_Test_Ver_A

Segmentation is the best approach for handling a critical business application on a legacy server, as it isolates the application from other network segments, reducing the risk of vulnerabilities and ensuring better security.

A cyber security disaster recovery plan after a hurricane should prioritize data protection, system restoration, and secure access control by focusing on pre-storm data backups, offsite storage, secure remote access, damage assessment, and gradual system restoration, all while maintaining heightened vigilance against potential cyber threats that may arise during the recovery process.

(XDR) Extended Detection and Response - gathers threat data from various security tools across an organization's technology stack, allowing for a more unified and efficient way to detect, investigate, and respond to cyber threats

(SPF) Sender Policy Framework - prevent email spoofing and phishing attacks.

(DMARC) Domain-based Message Authentication, Reporting, and Conformance - email security protocol that helps prevent malicious emails. DMARC works by verifying email senders and protecting domains from fraudulent email.

(DLP) Data Loss Prevention - set of tools and strategies designed to detect and prevent the unauthorized access, use, or transmission of sensitive data within an organization, essentially safeguarding against data breaches by monitoring and blocking the movement of critical information like personal details or confidential business data.

Shadow IT is the use of IT systems, software, or devices without the approval of the IT department. It can include cloud services, hardware, and applications.

Insider Threat is someone with authorized access to the network, who, intentionally or unintentionally uses that access to harm the organization by stealing data, disrupting operations, or compromising sensitive information.

Data Exfiltration is the unauthorized copying, transfer, or retrieval of data from a device or server. It's a type of security breach that can involve personal data, financial records, and intellectual property.

Service Disruption is an event that causes a significant interruption or unavailability of a digital service, preventing users from accessing or utilizing it normally, often due to a cyber attack that overwhelms the system with traffic or compromises its functionality.

Voice over Internet Protocol (VoIP) uses a variety of protocols, including Session Initiation Protocol (SIP), Real-time Transport Protocol (RTP), and Secure Real-time Transport Protocol (SRTP)

The most commonly used protocol in HVAC systems is BACnet (Building Automation and Control Network)

(RTOS) Real Time OS and (SOC) Security Operations Center don't really use any specific protocols.

Digital forensics is the practice of collecting, analyzing, and preserving digital evidence

E-Discovery is a legal process that involves gathering and reviewing electronic information to use as evidence in a legal case

Incident Response is the organized process an organization takes to detect, analyze, contain, and remediate cyber threats or security breaches once they occur, aiming to minimize damage and recover quickly

Threat Hunting is a proactive approach where security professionals actively search through an organization's network and systems to identify potential cyber threats that might have evaded traditional security measures

Fuzzing is an automated software testing technique where a program is bombarded with random, invalid, or unexpected data inputs to intentionally trigger errors or crashes, thereby identifying potential security vulnerabilities in the software that malicious actors could exploit

Continuous Deployment refers to a software development practice where code changes are automatically pushed to a live production environment after passing automated tests

Static code analysis, also known as static application security testing (SAST), is a method for analyzing code without running it to find security vulnerabilities

Manual Peer Review is the process where a security professional manually examines another colleague's security work, like a penetration test report, security configuration, or code, to identify potential vulnerabilities or weaknesses by carefully reviewing details that might be missed by automated tools