Cybersecurity Cheat Sheet
The core ideas of Cybersecurity distilled into a single, scannable reference — perfect for review or quick lookup.
Quick Reference
CIA Triad
The CIA triad stands for Confidentiality, Integrity, and Availability, forming the three core principles of information security. Confidentiality ensures data is accessible only to authorized parties, integrity ensures data is accurate and unaltered, and availability ensures systems and data are accessible when needed.
Encryption
Encryption is the process of converting plaintext data into an unreadable format (ciphertext) using mathematical algorithms and cryptographic keys. Only authorized parties with the correct decryption key can reverse the process and access the original data. Encryption is fundamental to securing data both at rest and in transit.
Firewalls
A firewall is a network security device or software that monitors and controls incoming and outgoing network traffic based on predetermined security rules. Firewalls establish a barrier between trusted internal networks and untrusted external networks such as the internet. Modern next-generation firewalls (NGFWs) also perform deep packet inspection, intrusion prevention, and application-level filtering.
Malware
Malware is any software intentionally designed to cause damage, disrupt operations, or gain unauthorized access to computer systems. Common types include viruses, worms, trojans, ransomware, spyware, and rootkits. Each type has distinct propagation methods and payloads, but all pose serious threats to system security.
Phishing
Phishing is a social engineering attack in which an attacker disguises themselves as a trustworthy entity to trick victims into revealing sensitive information such as login credentials, financial data, or personal details. Phishing attacks are commonly delivered via email but also occur through SMS (smishing), voice calls (vishing), and fraudulent websites.
Zero-Day Exploits
A zero-day exploit targets a previously unknown vulnerability in software or hardware that the vendor has not yet patched. The term 'zero-day' refers to the fact that developers have had zero days to address the flaw. These exploits are particularly dangerous because no patch or signature-based defense exists at the time of attack.
Penetration Testing
Penetration testing (pen testing) is an authorized, simulated cyberattack performed on a system to evaluate its security posture. Pen testers use the same tools and techniques as malicious hackers but operate within a defined scope and legal agreement. The goal is to identify vulnerabilities before real attackers can exploit them.
Authentication
Authentication is the process of verifying the identity of a user, device, or system before granting access to resources. It typically relies on one or more factors: something you know (password), something you have (security token), or something you are (biometrics). Multi-factor authentication (MFA) combines two or more factors for stronger security.
Network Security
Network security encompasses the policies, practices, and technologies designed to protect the usability, reliability, integrity, and safety of a network and its data. It involves both hardware and software solutions and addresses threats that seek to enter, spread within, or exfiltrate data from a network.
Incident Response
Incident response is the organized approach to addressing and managing the aftermath of a security breach or cyberattack. The goal is to handle the situation in a way that limits damage, reduces recovery time and costs, and prevents future occurrences. A typical incident response plan includes preparation, identification, containment, eradication, recovery, and lessons learned phases.
Key Terms at a Glance