Cybersecurity

From the Chief Information Security Officer, also known as the CISO, to the engineering team, public relations team, and even the legal team, every member of the security team matters. (資安長;工程團隊;公關團隊;法律團隊) it's important that you know how to evaluate and escalate incidents to the right individual or team when necessary. (您必須知道如何評估事件，並在必要時將事件升級至對的人或團隊。) I enabled debug logs in the service so I could observe what was going on (觀察/看到) Penetration testing (pen test) (滲透測試) security mindset, security awareness (資安思維; 資安意識)

Your security mindset allows you to protect all levels of assets.
So having a security mindset helps analysts defend against the constant pressure from attackers.
Having a strong security mindset can help set you apart from other candidates as you prepare to enter the security profession.
using fictitious emails to evaluate security awareness at the company.

should be escalated to a supervisor. (上報到主管) how to escalate incidents to protect an organization's assets and data (升級事件) happen

after a security incident has taken place
in case a security incident does occur

The role of a security professional is to ensure a company’s data and assets are protected from threats, risks, and vulnerabilities. (安全專業人員的角色是確保公司的資料和資產不受威脅、風險和弱點的影響。) business continuity and disaster recovery plans (營運持續與災害復原計畫) Conduct training for the business continuity team (進行...演練) If you're not sure of the potential impact of an incident, it's always best to be cautious and report events to the appropriate team members. (不確定...; 最好; 適當的團隊成員)

When a security event results in a data breach, it is categorized as a security incident. (資料外洩; 資安事故)

if it was compromised (如果受到入侵/危害) Intellectual property (智財) They can have a significantly negative impact on an organization if leaked publicly. (嚴重的負面影響;公開洩漏) Examples of confidential data include proprietary information such as trade secrets, financial records, and sensitive government data. (專利資訊;商業秘密;財務紀錄) Access to confidential data sometimes involves the signing of non-disclosure agreements (NDAs) This data classification type is important for an organization’s ongoing business operations (持續營運) Unauthorized access to sensitive data can cause significant damage to an organization’s finances and reputation. (未授權存取;重大損害;聲譽) personally identifiable information (PII), sensitive personally identifiable information (SPII), and protected health information (PHI) Public data, Private data, Sensitive data, Confidential data If an individual gains unauthorized access to private data(個人;未經授權存取) Private data is information that should be kept from the public. (不可公開) threats, risks, and vulnerabilities that are posed by social engineering attacks, such as phishing (由社交工程造成的...) such as intellectual property, trade secrets, PII, and even financial information (智慧財產;商業機密;財務資訊) helps you prepare for the worst-case scenario, even if it doesn't happen(對...做準備；最糟情況) cybersecurity profession（網路安全職業） cybersecurity professionals（網路安全專家） refine your understanding of key security concepts（精進/改進） Writing code that assigns security incident tickets to the appropriate cybersecurity team based on its priority level. (寫程式依據優先等級分派資安事故單給合適的資安小組) This results in DNS resolvers sending large responses to (導致) which can lead to significant issues like unplanned downtime (導致; 重大問題; 意外停機) can access restricted information (限制性的) Security professionals are often tasked with reviewing log files(被要求/要負責/通常的任務) Automate cybersecurity tasks with Python removing usernames that match specific criteria from an access list.（特定標準） Make sure your browser is up to date with the latest version(確認瀏覽器是最新的版本) it might be used to determine whether or not to lock an account. (是否鎖定帳戶) checks whether someone is allowed to access a particular file (是否...; 存取特定檔案) improve efficiency; allow it to work effectively (提高效率; 有效運作) use Python code to reduce the manual effort needed to manage an access control list(人工作業; ) Throughout this certificate you will use Qwiklabs and Jupyter Notebooks to complete hands-on activities（整個認證課程中；實作） Security analysts can access Python through a variety of environments（各種環境） The fast.log file is used for basic logging and alerting and is considered a legacy file format（視為...；傳統） The Network-based IDS application inspects network traffic from different devices on the network（檢查/審視） When suspicious or unusual network activity is detected（可疑的；不尋常的） IDS (Intrusion Detection System) is an application that monitors activity and alerts on possible intrusions.（監視活動；可能入侵的告警） Detection requires data, and this data can come from various data sources.（各種的） It’s important to know how to read and interpret different log formats so that you can uncover the key details surrounding an event and identify unusual or malicious activity.（解讀；發掘；查明；不尋常） logs provide key details about activities that occurred across an organization（發生） logs record events that happen on a network, or system.（發生） intrusion detection systems; intrusion prevent systems (IDS;IPS) investigating an alert involving a possible network intrusion（網路入侵） When an outage occurs due to a security incident（發生資安事件的停機） Business Continuity Plan（BCP 營運持續計畫） the three letters in the CIA triad stand for confidentiality, integrity, and availability（資安鐵三角；機密性；完整性；可用性） ensure that you complete a thorough analysis so that you have enough information to make an informed decision about your findings.（徹底分析；做出明智的決定；發現） you'll receive and assess the alert to determine if it's a false positive（評估；確定/決定；誤警報） which prioritizes incidents according to their level of importance or urgency.（重要等級或緊急程度） Having previously investigated the file hash, it is confirmed to be a known malicious file.（之前調查過檔案雜湊值，證實這是已知的惡意檔案） The email body and subject line contained grammatical errors.（語法錯誤） Tedious, error-prone, or time-consuming tasks can be automated, while analysts can prioritize their time with other tasks.（繁瑣，容易出錯或耗時工作；優先處理...） It is an example of a non-automated playbook, which requires step-by-step actions performed by an analyst.（一步一步動作） This depicts the process for detecting a DDoS and begins with determining the indicators of compromise, like unknown incoming traffic.（首先確定入侵指標；） Documentation must be regularly reviewed and updated to keep up with the evolving threat landscape. (文件必須定期審閱與更新，以跟上不斷演變的威脅形勢) Incident response plans standardize an organization’s response process by outlining procedures in advance of an incident. (事件發生前) If a malicious actor compromised a system, evidence must be available to determine their actions so that appropriate legal action can be taken. (採取適當的法律行動) You observe a known user successfully authenticate a new device using two-factor (觀察到; 注意到) Security terms

malicious actors (惡意行為者)
malicious activity (惡意活動)
attackers (攻擊者)
security incidents (資安事件;安全事件)
security analysts (資安分析師; 安全分析師)
security professionals (資安專家; 安全專家)
the suspicious IP address (可疑的)
unusual processes (不尋常的)

IoCs may be the result of human error, system malfunctions, and other reasons not related to security. (人為錯誤; 系統故障) baselines help establish a standard of expected or normal behavior for systems, devices, and networks. (基線) A baseline is a reference point that’s used for comparison. (baseline 是...) Once something unusual or suspicious is detected (不尋常或可疑的東西) How could the company prevent an incident like this from occurring again?（如何防範這類的事件再發生） the stages of incident detection, investigation, analysis, and response（事故偵測；調查；分析；回應） analyze the contents of captured packets（擷取的封包） The app should be in compliance with PCI-DSS.（符合/遵守） developers tend to focus on making their applications work correctly rather than protecting their products from injection.（往往更；讓...正常運作；而不是） Malware（惡意軟體）

Virus（病毒）
Worm（蠕蟲）
Trojan（木馬）
Ransomware（勒索軟體）
Spyware（間諜軟體）

analyzing the suspicious message（可疑的） the group managed to gain access to the organization’s network and internal tools.（群體；成功取得...的存取） Threat actors use many different tactics to carry out their attacks.（威脅行動者；手法；執行） unauthorized access to restricted systems.（未經授權存取; 受限系統） specific type of attacks that cybercriminals commonly use. (網路犯罪) using fictitious emails to evaluate security awareness at the company. (安全意識) Keeping software updated requires effort. (軟體保持更新需要付出努力) Vulnerability scanners are meant to be non-intrusive. (應該; 非侵入性) Examples of remediation steps might include things like enforcing (矯正) We'll explore this step in more details (更多細節) An employee reports that they cannot log into the payroll system with their access credentials. (無法登入; 存取帳密) Symmetric and asymmetric encryption (對稱與非對稱加密) keep private; keep safe (保持私密; 保持安全) you'll review the controls in place to prevent data leaks. (現有的控制) Periodically auditing those accounts is a key part of keeping your company’s systems secure.（定期; 保持...安全） Score risks based on their severity (嚴重性) So much of the global marketplace has shifted to cloud-based services. (轉移至) As the environment continues to transform, (當...時候) Don't get discouraged now; Don't let anyone discourage you from cybersecurity. (不要灰心) Suppose you wanted to know what department the employee using ...（假設） The principle of least privilege is the concept of granting only the minimal access and authorization required to complete a task or function. （最小權限原則） we use u to represent the user, g to represent the group（表示; 代表） its output indicates that the working directory is logs （顯示; 指示） Although it took some practice and time to get used to, it has been one of the biggest tools ...（需要一些練習與時間來習慣） you'll become much more familiar with（變得更加熟悉） it might happen because we don't have the appropriate permissions to perform a command. (適合的) I misspelled the command（拼錯） the bash shell is the most commonly used shell in the ...（最常使用的） You might examine different types of logs to identify what's going on in the system. (檢查; 查明系統發生了什麼事) Almost everyone learned on their own by experimenting (透過實驗自學) These individuals will likely already have experience using GUIs (這些人; 可能) security analysts commonly use a CLI in their everyday work (通常; 日常工作中) using a GUI is more like ordering food from a restaurant. (更像) Using virtual machines can also be an efficient and convenient way to perform security tasks. (也可以是有效率且方便的方式) One more aspect to consider is that (還有一個考慮的方向是) The OS is responsible for ensuring that each program is allocating and de-allocating resources. (負責; 釋放) A variety of programs, tasks, and processes are ... (各式各樣) The OS handles resource and memory management to ensure the limited capacity of the computer system is used where it's needed most. (電腦系統的有限容量; 最需要的地方) make sure all the resources of the computer are used efficiently. (有效地) Security analysts should be aware of vulnerabilities that affect operating systems. (應該要了解; 影響) They run multiple applications at once (一次) will be an essential part of your job as a security analyst. (基本部分工作) The shared responsibility model states that the CSP must take responsibility for... (規定) Brute force attacks are a trial-and-error process of guessing passwords. (暴力破解; 反覆試驗) up-to-date; out-of-date (最新; 過期) security hardening involves minimizing the attack surface or potential vulnerabilities and keeping a network as secure as possible. (安全強化; 涉及/包括; 攻擊表面; 潛在漏洞; 盡可能保持網路安全 refer to; referred to as (是指...; 這被稱為...)

Software as a service, refers to software suites operated by the CSP that a company can use remotely without hosting the software.
it is referred to as a hybrid cloud environment.

Open-source tools and proprietary tools (專有/私有工具) Analyst; Analysis; Analyze

As a security analyst
Splunk is a data analysis platform
Splunk Enterprise is a self-hosted tool used to retain, analyze and search the log data to provide security information and alert in real-time

From there I managed to get myself into a security vendor and learn security (從那時開始, 我成功進入一家網路安全供應商學習網路安全)