Cybersecurity Basics Cheat Sheet

Key Facts

• The CIA triad stands for confidentiality, integrity, and availability, and it describes the three main goals of information security.
• Risk can be estimated with the formula risk = likelihood x impact, using consistent scales such as 1 to 5 for each value.
• A strong password should be long, unique, and hard to guess, and password strength increases greatly as length increases.
• Multi-factor authentication improves security because it requires at least two factors, such as something you know, something you have, or something you are.
• Encryption protects data by converting plaintext into ciphertext using an algorithm and a key, so ciphertext = encrypt(plaintext, key).
• Hashing creates a fixed-length fingerprint of data, and a secure password system stores salted hashes instead of plaintext passwords.
• The principle of least privilege means each user or program should have only the access needed to do its job.
• The best response to suspected phishing is to stop, verify the sender through a trusted channel, and avoid clicking links or opening attachments.

Vocabulary

Confidentiality

Confidentiality means keeping information private so only authorized people or systems can access it.

Integrity

Integrity means keeping data accurate, complete, and unchanged unless an authorized change is made.

Availability

Availability means systems and data are accessible to authorized users when they need them.

Authentication

Authentication is the process of proving identity, such as by using a password, security token, fingerprint, or login code.

Encryption

Encryption is the process of transforming readable data into unreadable ciphertext using a key.

Malware

Malware is harmful software designed to damage systems, steal data, spy on users, or gain unauthorized control.