8 cards43 people studying this

Cybersecurity Essentials

Core security concepts — encryption, authentication, common attacks, and defense strategies.

Share on X WhatsApp

Study this deck for free

Free account includes unlimited cards, FSRS v6 scheduling, and AI card generation.
No credit card required.

Try a card

Try it — tap the card

What is the difference between encryption and hashing?

92% likely forgotten

Tap to see the answer

Encryption is reversible (can decrypt with key). Hashing is one-way (cannot recover original). Use encryption for data in transit, hashing for passwords.

Tap to flip back

What is SQL injection?

Last reviewed 12 days ago

Tap to see the answer

An attack where malicious SQL is inserted into input fields. Prevents: use parameterized queries/prepared statements, never concatenate user input into SQL.

Tap to flip back

What is XSS (Cross-Site Scripting)?

87% likely forgotten

Tap to see the answer

Injecting malicious scripts into web pages viewed by other users. Types: Stored (persistent), Reflected, DOM-based. Prevent: sanitize output, use CSP headers.

Tap to flip back

What is the CIA triad?

Fading — due 5 days ago

Tap to see the answer

Confidentiality (only authorized access), Integrity (data not tampered with), Availability (systems accessible when needed). Foundation of information security.

Tap to flip back

What is two-factor authentication (2FA)?

79% likely forgotten

Tap to see the answer

Requires two different types of evidence: something you know (password), something you have (phone/token), or something you are (biometric).

Tap to flip back

What is a man-in-the-middle (MITM) attack?

Last reviewed 21 days ago

Tap to see the answer

Attacker intercepts communication between two parties, potentially reading or altering messages. Prevented by TLS/HTTPS, certificate pinning, and encrypted protocols.

Tap to flip back

What is HTTPS and how does it work?

94% likely forgotten

Tap to see the answer

HTTP over TLS. Uses asymmetric encryption for key exchange, then symmetric encryption for data transfer. Certificates verify server identity. Prevents eavesdropping.

Tap to flip back

What is a zero-day vulnerability?

Fading — due 9 days ago

Tap to see the answer

A security flaw unknown to the vendor with no available patch. Called "zero-day" because developers have zero days to fix it before exploitation.

Tap to flip back

Create your own AI flashcards

Create your own AI flashcards in 30 seconds — free

Get started for free

Want to track your progress with spaced repetition?

Made with Forgetless — the AI flashcard app

Create your own deck in 30 seconds. Powered by the same algorithm as Anki.

Start free