# Cybersecurity
- Social media is a great way to connect to other security professionals in the industry 社交媒體是與業界其他安全專業人員聯繫的絕佳方式
- By staying informed about security trends, you can more effectively identify and develop remediation strategies to address a wide range of security challenges 藉由持續(隨時)瞭解安全趨勢,您可以更有效地辨識並制訂補救策略,以因應各種安全挑戰
- engaging with the security community through various security organizations and conferences is a great way to stay up-to-date on current security news 透過各種安全組織和會議與安全社群接觸,是掌握最新安全新聞的好方法
- You don't have to know everything. You have teammates and other people that can help you with areas that you're weak in 你不必什麼都懂。您有隊友和其他人可以幫助您解決您的弱點
- I take courses, try to get certificates if I can along the way 我參加了一些課程,並嘗試在有機會的情況下考取證書
- It's important to continue to learn in the field of cybersecurity because things change all the time 因為事物不斷在改變,持續學習對網路安全領域是重要的
- always remember not to click on unexpected links or attachments sent from unfamiliar users on social media. 切記不要點擊社交媒體上不熟悉的使用者所傳送的意外連結或附件
- Be aware of social engineering 注意社交工程
- it’s also important to be mindful that hackers use social media to trick users into giving up private information 也要注意黑客會利用社交媒體誘騙使用者提供私人資訊
- Are you interested in forensic security or data logging 您是否對資安鑑識或資料記錄感興趣
- focus on reacting to security incidents or preventing them from happening 專注於安全事故應變或預防安全事故發生
- Security is a constantly evolving industry. As professionals in security, we must evolve with it by seeking out new information. (資訊)安全是一個不斷演進的產業。身為(資訊)安全的專業人員,我們必須透過尋找新的資訊來與時俱進。
- A few well-known security websites and blogs to get you started are 一些知名的安全網站與 blog 是
- will help you stand out to hiring managers and could give you an extra edge over other candidates(將可協助您在招募經理面前脫穎而出,並可讓您比其他應徵者更具優勢)
- What excites me about the security profession is(讓我對資安工作感到興奮的是)
- a few good resources for you to review periodically.(一些好的資源讓你定期檢視)
- As the industry evolves, it's essential to stay up-to-date on the latest security trends and news(隨著產業的演進,掌握最新的安全趨勢和新聞是非常重要的)
- As we approach the end of our program,(隨著/當我們的課程接近尾聲)
- we'll share some ways to become involved with the security community.(我們會分享一些參與安全社群的方法)
- we'll identify reliable security resources you can use to stay up-to-date on security news and trends.(我們會為您找出可靠的安全資源,讓您隨時掌握最新的安全新聞和趨勢。)
- how to engage with the security community, find jobs in the security field, create a resume, and navigate the interview process(接觸安全社群;掌握面試流程)
- other stakeholders will be more focused on how policies and procedures are working to prevent cyber attacks(其他利害關係人將更專注於政策與程序如何防止網路攻擊)
- Juliana decides to put together a detailed document with timelines that clearly explain what happened(決定整理出一份有時間軸的詳細文件,清楚說明所發生的事情)
- Juliana’s manager has also been informed that(還已經被告知...)
- Juliana's visual dashboard makes it easier for the high-level stakeholders to review incident #1 and determine a course of action(Juliana 的可視化儀表板讓高層級利害關係人更容易檢視事件 #1,並決定行動方案)
- Her dashboard will use charts and graphs to relay important information(她的儀表板會使用圖表來傳達重要資訊)
- she used her company’s escalation policy to properly escalate the two incidents(她運用公司的上報政策將兩起事件正確上報)
- escalation; escalate (上報/提升至上層處理/事件升級)
- allow decision makers to determine how to address security issues that put the organization at risk(讓決策者決定如何處理使組織陷入風險的安全問題)
- allow security team members to convey essential information to stakeholders(讓安全團隊成員向利害關係人傳達重要資訊)
- Those stakeholders and the security team can then work together to determine how to address the issue(然後,這些利害關係人和安全團隊可以共同合作,決定如何解決/處理問題)
- Based on this information,(根據)
- wants to know how many employees are often clicking on phishing emails.
The goal is to identify which five departments click on those emails most often.(想要知道有多少員工經常點選釣魚電子郵件。目標是找出哪五個部門最常點選這些電子郵件。)
- The audit gathered data showing how many phishing emails each department clicked over the last five months(稽核收集的資料顯示每個部門在最近五個月內點選了多少封釣魚電子郵件)
- Other times you might want to include a document attachment that further elaborates on a specific topic.(其他時候,您可能想要包含一個文件附件,以進一步詳細說明特定主題)
- Security is often a team effort.(資訊安全通常是一項團隊工作。)
- Visuals help provide these decision-makers with actionable information that can help them identify potential risks to the organization's security posture.(可視化有助於為這些決策者提供可執行的資訊,幫助他們識別組織安全態勢的潛在風險)
- An entry-level analyst might communicate directly or indirectly with these individuals.(入門級的分析師可能會直接或間接與這些人溝通。)
- Create visual dashboards for impactful cybersecurity communications(建立具影響力的網路安全溝通視覺化儀表板)
- If you don't receive a timely response from a stakeholder, following up shows initiative.(如果您沒有收到利害關係人及時的回覆,追蹤展現您的主動性)
- It's important to stand out in the security profession, especially if you don't have previous experience in the industry.(在資安工作中,要表現突出很重要,特別是如果你沒有這個行業的先前經驗)
- It sounds simple, but a friendly call can often prevent a major issue from occurring(這聽起來很簡單,但一個友善的電話往往可以避免重大問題的發生。)
- When appropriate, take the initiative to follow up with a stakeholder if they haven't responded to an email in a timely manner.(如果利害關係人沒有及時回覆電子郵件,請在適當的時候要主動追蹤)
- Direct communication is often better than waiting days or weeks for an email response to an issue that requires immediate attention.(對於需要立即處理的問題,直接溝通往往比等待數天或數週的電子郵件回覆來得好)
- that sometimes a simple instant message or call can help move a situation forward.(有的時候一個簡單的即時訊息或電話就能推進一個情況)
- This means they may sometimes miss an email, or fail to respond in a timely manner.(這意味著他們有時候可能會錯過電子郵件,或者無法及時回應。)
- Be sure to follow the procedures outlined in your organization's playbooks(請務必遵循組織手冊中列出的程序)
- Be mindful of the sensitive information contained in these types of communications. 注意(留心);在這些類型的溝通
- we'll focus on various communication strategies that can help you engage with and convey key ideas to stakeholders(各種溝通策略;接觸;傳達重要想法)
- The ability to communicate threats, risks, vulnerabilities, or incidents and possible solutions is a valuable skill for security professionals.(溝通威脅、風險、弱點或事故以及可能的解決方案的能力是安全專業人員的寶貴技能。)
- Senior-level stakeholders might be more interested in the underlying risks, such as the potential financial burden of a security incident—as opposed to the details around logs(高層利害關係人;而不是)
- How do I explain the situation in a nontechnical manner?(以非技術性的方式說明情況)
- your immediate supervisor(直屬主管)
- how it impacts the organization, and possible solutions to the issue.(可能的解決方案)
- It's essential that communications are specific and clear(...必須...)
- Staying informed about security issues helps stakeholders do their jobs more effectively.(隨時了解..., 更有效率的...)
- You don't want them to have to guess the reason for your email or why it matters to them.(不會讓他們要..., 對他們重要)
- keep those top-level stakeholders informed on the security measures(讓...隨時了解/知道...)
- responsibilities; responsible for (職責;對...負責)
- there are certain stakeholders that the analyst will need to provide updates to (分析師需要向某些利害關係人提供最新資訊)
- the security measures and protocols in place (所採用的安全措施和協議)
- A big part of what you’ll do as a security analyst is report your findings to various security stakeholders. (身為資安分析師,您要做的一大部分工作就是向各個安全利害關係人報告您的發現。)
- the individuals who have a significant interest in those business operations: stakeholders. (與這些企業營運有重大利益關係的個人:利害關係人)
- They're also tasked with creating security and business continuity plans. (他們還負責制定資訊安全和營運持續計劃。)
- CISOs are high-level executives responsible for developing an organization's (高階主管)
- Another stakeholder with an interest in security is the Chief Information Security Officer, or CISO (有資安利害關係; 資安長)
- They are concerned about security from a financial standpoint because of the potential costs of an incident to the business.(財務觀點/立場)
- because the decisions made on a day-to-day basis by stakeholders will impact how you do your job (每天/日常;你的工作方式)
- on a daily basis(在日常)
- the supervisor indicates that a data breach has occurred . This breach has impacted one of the manufacturing sites for the organization. (主管表示已發生資料外洩事件。此外洩影響了該組織的其中一個製造據點。)
- the incident may be increased or decreased to a high or low criticality level.(嚴重等級)
- Suddenly, you notice there's been unusual log activity in an app that was recently banned from the organization.(突然間,您發現最近被組織禁用的應用程式出現不尋常的日誌活動。)
- The internal compliance of an organization’s data protection procedures. (內部規範)
- Malware infections can cause a system's network to run an unusually low speeds.(惡意軟體感染會導致系統的網路運行速度異常低)
- a few incident classification types to be aware of: malware infection, unauthorized access, and improper usage (應注意的幾種事件分類類型:惡意軟體感染、未授權存取和不當使用)
- Security incident escalation is the process of identifying a potential security incident. (資安事故上報)
- you’ll learn the importance of escalating security issues and the potential impact of failing to escalate an issue. (上報資安問題的重要性;未能上報問題的可能影響)
- it has the potential to become a larger problem that costs the company money, exposes sensitive customer data, or damages the company's reputation. (它有可能成為一個更大的問題,使公司蒙受金錢損失、客戶敏感資料外洩或公司聲譽受損。)
- From the Chief Information Security Officer, also known as the CISO, to the engineering team, public relations team, and even the legal team, every member of the security team matters. (資安長;工程團隊;公關團隊;法律團隊)
- it's important that you know how to evaluate and escalate incidents to the right individual or team when necessary. (您必須知道如何評估事件,並在必要時將事件升級至對的人或團隊。)
- I enabled debug logs in the service so I could observe what was going on (觀察/看到)
- Penetration testing (pen test) (滲透測試)
- security mindset, security awareness (資安思維; 資安意識)
- Your security mindset allows you to protect all levels of assets.
- So having a security mindset helps analysts defend against the constant pressure from attackers.
- Having a strong security mindset can help set you apart from other candidates as you prepare to enter the security profession. (資安工作)
- using fictitious emails to evaluate security awareness at the company.
- should be escalated to a supervisor. (上報到主管)
- how to escalate incidents to protect an organization's assets and data (升級事件)
- happen
- after a security incident has taken place
- in case a security incident does occur
- The role of a security professional is to ensure a company’s data and assets are protected from threats, risks, and vulnerabilities. (安全專業人員的角色是確保公司的資料和資產不受威脅、風險和弱點的影響。)
- business continuity and disaster recovery plans (營運持續與災害復原計畫)
- Conduct training for the business continuity team (進行...演練)
- If you're not sure of the potential impact of an incident, it's always best to be cautious and report events to the appropriate team members. (不確定...; 最好; 適當的團隊成員)
- When a security event results in a data breach, it is categorized as a security incident. (資料外洩; 資安事故)
- if it was compromised (如果受到入侵/危害)
- Intellectual property (智財)
- They can have a significantly negative impact on an organization if leaked publicly. (嚴重的負面影響;公開洩漏)
- Examples of confidential data include proprietary information such as trade secrets, financial records, and sensitive government data. (專利資訊;商業秘密;財務紀錄)
- Access to confidential data sometimes involves the signing of non-disclosure agreements (NDAs)
- This data classification type is important for an organization’s ongoing business operations (持續營運)
- Unauthorized access to sensitive data can cause significant damage to an organization’s finances and reputation. (未授權存取;重大損害;聲譽)
- personally identifiable information (PII), sensitive personally identifiable information (SPII), and protected health information (PHI)
- Public data, Private data, Sensitive data, Confidential data
- If an individual gains unauthorized access to private data(個人;未經授權存取)
- Private data is information that should be kept from the public. (不可公開)
- threats, risks, and vulnerabilities that are posed by social engineering attacks, such as phishing (由社交工程造成的...)
- such as intellectual property, trade secrets, PII, and even financial information (智慧財產;商業機密;財務資訊)
- helps you prepare for the worst-case scenario, even if it doesn't happen(對...做準備;最糟情況)
- cybersecurity profession(網路安全工作)
- cybersecurity professionals(網路安全專家)
- cybersecurity field(網路安全領域)
- refine your understanding of key security concepts(精進/改進)
- Writing code that assigns security incident tickets to the appropriate cybersecurity team based on its priority level. (寫程式依據優先等級分派資安事故單給合適的資安小組)
- This results in DNS resolvers sending large responses to (導致)
- which can lead to significant issues like unplanned downtime (導致; 重大問題; 意外停機)
- can access restricted information (限制性的)
- Security professionals are often tasked with reviewing log files(被要求/要負責/通常的任務)
- Automate cybersecurity tasks with Python
- removing usernames that match specific criteria from an access list.(特定標準)
- Make sure your browser is up to date with the latest version(確認瀏覽器是最新的版本)
- it might be used to determine whether or not to lock an account. (是否鎖定帳戶)
- checks whether someone is allowed to access a particular file (是否...; 存取特定檔案)
- improve efficiency; allow it to work effectively (提高效率; 有效運作)
- use Python code to reduce the manual effort needed to manage an access control list(人工作業; )
- Throughout this certificate you will use Qwiklabs and Jupyter Notebooks to complete hands-on activities(整個認證課程中;實作)
- Security analysts can access Python through a variety of environments(各種環境)
- The fast.log file is used for basic logging and alerting and is considered a legacy file format(視為...;傳統)
- The Network-based IDS application inspects network traffic from different devices on the network(檢查/審視)
- When suspicious or unusual network activity is detected(可疑的;不尋常的)
- IDS (Intrusion Detection System) is an application that monitors activity and alerts on possible intrusions.(監視活動;可能入侵的告警)
- Detection requires data, and this data can come from various data sources.(各種的)
- It’s important to know how to read and interpret different log formats so that you can uncover the key details surrounding an event and identify unusual or malicious activity.(解讀;發掘;查明;不尋常)
- logs provide key details about activities that occurred across an organization(發生)
- logs record events that happen on a network, or system.(發生)
- intrusion detection systems; intrusion prevent systems (IDS;IPS)
- investigating an alert involving a possible network intrusion(網路入侵)
- When an outage occurs due to a security incident(發生資安事件的停機)
- Business Continuity Plan(BCP 營運持續計畫)
- the three letters in the CIA triad stand for confidentiality, integrity, and availability(資安鐵三角;機密性;完整性;可用性)
- ensure that you complete a thorough analysis so that you have enough information to make an informed decision about your findings.(徹底分析;做出明智的決定;發現)
- you'll receive and assess the alert to determine if it's a false positive(評估;確定/決定;誤警報)
- which prioritizes incidents according to their level of importance or urgency.(重要等級或緊急程度)
- Having previously investigated the file hash, it is confirmed to be a known malicious file.(之前調查過檔案雜湊值,證實這是已知的惡意檔案)
- The email body and subject line contained grammatical errors.(語法錯誤)
- Tedious, error-prone, or time-consuming tasks can be automated, while analysts can prioritize their time with other tasks.(繁瑣,容易出錯或耗時工作;優先處理...)
- It is an example of a non-automated playbook, which requires step-by-step actions performed by an analyst.(非自動的手冊;一步一步動作)
- This depicts the process for detecting a DDoS and begins with determining the indicators of compromise, like unknown incoming traffic.(首先確定入侵指標;)
- Documentation must be regularly reviewed and updated to keep up with the evolving threat landscape. (文件必須定期審閱與更新,以跟上不斷演變的威脅形勢)
- Incident response plans standardize an organization’s response process by outlining procedures in advance of an incident. (事件發生前)
- If a malicious actor compromised a system, evidence must be available to determine their actions so that appropriate legal action can be taken. (採取適當的法律行動)
- You observe a known user successfully authenticate a new device using two-factor (觀察到; 注意到)
- Security terms
- malicious actors (惡意行為者)
- malicious activity (惡意活動)
- attackers (攻擊者)
- security incidents(資安事件;安全事件)
- security analysts(資安分析師; 安全分析師)
- security professionals(資安專家; 安全專家)
- security profession(資安工作)
- security field(資安領域)
- the suspicious IP address (可疑的)
- unusual processes (不尋常的)
- IoCs may be the result of human error, system malfunctions, and other reasons not related to security. (人為錯誤; 系統故障)
- baselines help establish a standard of expected or normal behavior for systems, devices, and networks. (基線)
- A baseline is a reference point that’s used for comparison. (baseline 是...)
- Once something unusual or suspicious is detected (不尋常或可疑的東西)
- How could the company prevent an incident like this from occurring again?(如何防範這類的事件再發生)
- the stages of incident detection, investigation, analysis, and response(事故偵測;調查;分析;回應)
- analyze the contents of captured packets(擷取的封包)
- The app should be in compliance with PCI-DSS.(符合/遵守)
- developers tend to focus on making their applications work correctly rather than protecting their products from injection.(往往更;讓...正常運作;而不是)
- Malware(惡意軟體)
- Virus(病毒)
- Worm(蠕蟲)
- Trojan(木馬)
- Ransomware(勒索軟體)
- Spyware(間諜軟體)
- analyzing the suspicious message(可疑的)
- the group managed to gain access to the organization’s network and internal tools.(群體;成功取得...的存取)
- Threat actors use many different tactics to carry out their attacks.(威脅行動者;手法;執行)
- unauthorized access to restricted systems.(未經授權存取; 受限系統)
- specific type of attacks that cybercriminals commonly use. (網路犯罪)
- using fictitious emails to evaluate security awareness at the company. (安全意識)
- Keeping software updated requires effort. (軟體保持更新需要付出努力)
- Vulnerability scanners are meant to be non-intrusive. (應該; 非侵入性)
- Examples of remediation steps might include things like enforcing (矯正)
- We'll explore this step in more details (更多細節)
- An employee reports that they cannot log into the payroll system with their access credentials. (無法登入; 存取帳密)
- Symmetric and asymmetric encryption (對稱與非對稱加密)
- keep private; keep safe (保持私密; 保持安全)
- you'll review the controls in place to prevent data leaks. (現有的控制)
- Periodically auditing those accounts is a key part of keeping your company’s systems secure.(定期; 保持...安全)
- Score risks based on their severity (嚴重性)
- So much of the global marketplace has shifted to cloud-based services. (轉移至)
- As the environment continues to transform, (當...時候)
- Don't get discouraged now; Don't let anyone discourage you from cybersecurity. (不要灰心)
- Suppose you wanted to know what department the employee using ...(假設)
- The principle of least privilege is the concept of granting only the minimal access and authorization required to complete a task or function. (最小權限原則)
- we use u to represent the user, g to represent the group(表示; 代表)
- its output indicates that the working directory is logs (顯示; 指示)
- Although it took some practice and time to get used to, it has been one of the biggest tools ...(需要一些練習與時間來習慣)
- you'll become much more familiar with(變得更加熟悉)
- it might happen because we don't have the appropriate permissions to perform a command. (適合的)
- I misspelled the command(拼錯)
- the bash shell is the most commonly used shell in the ...(最常使用的)
- You might examine different types of logs to identify what's going on in the system. (檢查; 查明系統發生了什麼事)
- Almost everyone learned on their own by experimenting (透過實驗自學)
- These individuals will likely already have experience using GUIs (這些人; 可能)
- security analysts commonly use a CLI in their everyday work (通常; 日常工作中)
- using a GUI is more like ordering food from a restaurant. (更像)
- Using virtual machines can also be an efficient and convenient way to perform security tasks. (也可以是有效率且方便的方式)
- One more aspect to consider is that (還有一個考慮的方向是)
- The OS is responsible for ensuring that each program is allocating and de-allocating resources. (負責; 釋放)
- A variety of programs, tasks, and processes are ... (各式各樣)
- The OS handles resource and memory management to ensure the limited capacity of the computer system is used where it's needed most. (電腦系統的有限容量; 最需要的地方)
- make sure all the resources of the computer are used efficiently. (有效地)
- Security analysts should be aware of vulnerabilities that affect operating systems. (應該要了解; 影響)
- They run multiple applications at once (一次)
- will be an essential part of your job as a security analyst. (基本部分工作)
- The shared responsibility model states that the CSP must take responsibility for... (共同職責模式;規定)
- Brute force attacks are a trial-and-error process of guessing passwords. (暴力破解; 反覆試驗)
- up-to-date; out-of-date (最新; 過期)
- security hardening involves minimizing the attack surface or potential vulnerabilities and keeping a network as secure as possible. (安全強化; 涉及/包括; 攻擊表面; 潛在漏洞; 盡可能保持網路安全
- refer to; referred to as (是指...; 這被稱為...)
- Software as a service, refers to software suites operated by the CSP that a company can use remotely without hosting the software.
- it is referred to as a hybrid cloud environment.
- Open-source tools and proprietary tools (專有/私有工具)
- Analyst; Analysis; Analyze; Analytic
- like machine learning or data analytics
- As a security analyst
- Splunk is a data analysis platform
- Splunk Enterprise is a self-hosted tool used to retain, analyze and search the log data to provide security information and alert in real-time
- From there I managed to get myself into a security vendor and learn security (從那時開始, 我成功進入一家網路安全供應商學習網路安全)