WGU C172 Network and Security Foundations (v4): Unit 3&4: Terms, Full Review. Graded A+ 2024

Asset - -A person, device, location, or information that SecOps aims to protect from attack. Attack - -An action taken by a threat that exploits a vulnerability that attempts to either block authorized access to an asset, or to gain unauthorized access to an asset. Risk - -The potential of a threat to exploit a vulnerability via an attack. SecOps (IT security operations) - -A discipline responsible for protecting assets by reducing the risk of attacks. Threat - -Something or someone that can exploit a vulnerability to attack an asset. Vulnerability - -A weakness in software, hardware, facilities, or humans that can be exploited by a threat. Common Vulnerabilities - -Poor physical security measures. Weak passwords/default passwords. Misconfigured firewall rules. Personal devices in the network. Advanced persistent threats. Zero-day. Advanced Persistent Threats (APT) - -A virus or malware remains undetected while it sits idle for long periods. Goal is to infect backups. Victim is then susceptible to ransom threats. Zero-Day - -An exploit or vulnerability that is not yet known to the public. There is no patch available to mitigate this vulnerability. Attacker Types - -Vulnerability testers. Blue, red, white, and purple teams. Hackers: white hat, black hat, and gray hat. Insider threats. Nation states. Script kiddies