Information Security Cheat Sheet
The core ideas of Information Security distilled into a single, scannable reference — perfect for review or quick lookup.
Quick Reference
CIA Triad
The three core principles of information security: Confidentiality (restricting access to authorized users), Integrity (ensuring data accuracy and trustworthiness), and Availability (ensuring reliable access to information when needed). This model serves as the foundational framework for designing and evaluating security controls.
Defense in Depth
A layered security strategy that employs multiple defensive mechanisms so that if one layer fails, others continue to provide protection. The approach combines physical, technical, and administrative controls at multiple levels of an organization's infrastructure.
Principle of Least Privilege
The security concept that users, processes, and systems should be granted only the minimum level of access necessary to perform their legitimate functions. This limits the potential damage from accidents, errors, or malicious actions.
Social Engineering
The manipulation of people into performing actions or divulging confidential information by exploiting psychological tendencies such as trust, fear, urgency, and authority. Social engineering bypasses technical controls by targeting the human element.
Encryption
The process of converting plaintext data into an unreadable ciphertext format using a cryptographic algorithm and key, ensuring that only authorized parties with the correct decryption key can access the original information. Encryption protects data both at rest and in transit.
Risk Management
The systematic process of identifying, assessing, and prioritizing threats and vulnerabilities to information assets, then applying controls to reduce the likelihood or impact of adverse events to an acceptable level. Risk can be mitigated, transferred, accepted, or avoided.
Multi-Factor Authentication (MFA)
An authentication method that requires users to present two or more independent verification factors drawn from different categories: something they know (a password), something they have (a security token or phone), and something they are (a biometric). MFA significantly reduces the risk of credential compromise, because a stolen password alone is not enough to authenticate.
Incident Response
The organized approach to addressing and managing the aftermath of a security breach or cyberattack. The goal is to handle the situation so that damage is limited, recovery time and costs are minimized, and lessons are captured for future improvement.
Zero Trust Architecture
A security model based on the principle of 'never trust, always verify,' which assumes that threats exist both outside and inside the network. Every user, device, and network flow is authenticated, authorized, and continuously validated before being granted access to resources.
Vulnerability Management
The cyclical practice of identifying, classifying, remediating, and mitigating security vulnerabilities in systems and software. It includes regular scanning, patch management, and prioritization based on severity and exploitability.
Key Terms at a Glance