> For the complete documentation index, see [llms.txt](https://cybersecurity-cloud-and-it-notes.gitbook.io/kyles-cybersecurity-cloud-and-it-gitbook/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://cybersecurity-cloud-and-it-notes.gitbook.io/kyles-cybersecurity-cloud-and-it-gitbook/google-cybersecurity-professional-cert/5.-assets-threats-and-vulnerabilities/module-2/review-protect-organizational-assets.md).

# Review: Protect organizational assets

## Glossary terms from module 2

Let’s turn this glossary into a fun, bite-sized adventure. 🕵️‍♂️✨ Imagine we're on a tech treasure hunt, and each term is a clue or tool we need. Ready? Let’s dive in! 🚀

***

#### 🔐 **Access Controls**

**Think:** Bouncers at a club. **What It Does:** Decides who gets in, who doesn’t, and keeps track of everyone inside. Manages who can see or use information.&#x20;

* Security controls that manage access, authorization, and accountability of information

#### 🧩 **Algorithm**

**Think:** A recipe for your favorite dish. **What It Does:** A step-by-step set of rules to solve a problem or complete a task.

* A set of rules used to solve a problem

#### 🔑 **API Token**

**Think:** A secret handshake. **What It Does:** A tiny, encrypted code that proves who you are when apps talk to each other.

* Application Programming Interface (API) token: A small block of encrypted code that contains information about a user

#### 🔒 **Asymmetric Encryption**

**Think:** A mailbox with a public slot and a private key. **What It Does:** Uses two keys (public to lock, private to unlock) to keep data safe.

#### 🛡️ **Basic Auth**

**Think:** Showing your ID to get into a club. **What It Does:** The basic way to prove who you are to access a server.

#### 🪙 **Bit**

**Think:** The tiniest Lego piece. **What It Does:** The smallest unit of data in computing (0 or 1).

#### 💣 **Brute Force Attack**

**Think:** Trying every key on a keyring until one fits. **What It Does:** Hackers guess passwords by trial and error until they crack them.

#### 🔠 **Cipher**

**Think:** A secret code language. **What It Does:** An algorithm that scrambles information to keep it secret.

#### 🗝️ **Cryptographic Key**

**Think:** The master key to a secret vault. **What It Does:** Unlocks encrypted (scrambled) data.

#### 🕵️‍♂️ **Cryptography**

**Think:** Spy stuff for data. **What It Does:** Turns readable info into secret codes so only the right people can read it.

#### 🛡️ **Data Custodian**

**Think:** The guard of your info treasure. **What It Does:** Takes care of storing, handling, and protecting data safely.

#### 👑 **Data Owner**

**Think:** The king or queen of their data kingdom. **What It Does:** Decides who can see, change, use, or delete their information.

#### 📜 **Digital Certificate**

**Think:** An online ID badge. **What It Does:** Confirms the identity of someone holding a public key.

#### 🔐 **Encryption**

**Think:** Locking your diary. **What It Does:** Converts readable data into a coded format to keep it private.

#### 🎲 **Hash Collision**

**Think:** Two friends accidentally wearing the same costume. **What It Does:** When different inputs create the same hash value (like two passwords ending up with the same code).

#### 🔢 **Hash Function**

**Think:** A blender that turns anything into a unique smoothie. **What It Does:** Takes data and creates a fixed-size code that can’t be turned back into the original.

* An algorithm that produces a code that can’t be decrypted

#### 📚 **Hash Table**

**Think:** A super-organized library index. **What It Does:** Stores and retrieves hash values quickly.

* A data structure that's used to store and reference hash values

#### 🆔 **Identity and Access Management (IAM)**

**Think:** The ultimate gatekeeper system. **What It Does:** Manages who you are digitally and what you can access in an organization.

#### 🕶️ **Information Privacy**

**Think:** Your personal diary under lock and key. **What It Does:** Protects your data from being seen or shared without permission.

#### 🔐 **Multi-Factor Authentication (MFA)**

**Think:** Double locks on your door. **What It Does:** Requires two or more ways to verify who you are before accessing something.

#### ❌ **Non-Repudiation**

**Think:** Digital fingerprints. **What It Does:** Ensures you can’t deny sending a message or performing an action.

#### 🔗 **OAuth**

**Think:** A VIP pass that lets apps share info without sharing passwords. **What It Does:** Allows one app to access parts of another app on your behalf.

* An open-standard authorization protocol that shares designated access between applications

#### 💳 **Payment Card Industry Data Security Standards (PCI DSS)**

**Think:** The rulebook for keeping credit card info safe. **What It Does:** Sets security standards for financial organizations to protect card data.

#### 🕵️‍♀️ **Personally Identifiable Information (PII)**

**Think:** Your personal secret info (like your name or SSN). **What It Does:** Data that can identify you individually.

* Any information used to infer an individual's identity

#### 🏰 **Principle of Least Privilege**

**Think:** Giving only the keys someone needs, no more. **What It Does:** Grants the minimum access necessary for someone to do their job.

#### 🏥 **Protected Health Information (PHI)**

**Think:** Your private medical records. **What It Does:** Info related to your health that needs to stay confidential.

#### 🌐 **Public Key Infrastructure (PKI)**

**Think:** The postal system for encrypted messages. **What It Does:** Manages keys and certificates to secure online communications.

#### 🌈 **Rainbow Table**

**Think:** A cheat sheet for passwords. **What It Does:** A pre-made list of hash values and their original data to crack passwords quickly.

#### 🧂 **Salting**

**Think:** Adding spices to your password recipe. **What It Does:** Adds extra data to passwords before hashing to make them harder to crack.

#### 🕵️ **Security Assessment**

**Think:** A health check for your security. **What It Does:** Evaluates how well your security measures can defend against threats.

#### 📝 **Security Audit**

**Think:** A report card for your security policies. **What It Does:** Reviews and verifies that your security controls meet certain standards.

#### 🛡️ **Security Controls**

**Think:** Shields and barriers to protect your data. **What It Does:** Safeguards designed to reduce specific security risks.

#### 👫 **Separation of Duties**

**Think:** No one person gets all the power. **What It Does:** Ensures tasks are divided so no single user can misuse the system.

#### 🕰️ **Session**

**Think:** Your time spent browsing a website. **What It Does:** A series of interactions between you and a server during one visit.

#### 🍪 **Session Cookie**

**Think:** A temporary pass for your visit. **What It Does:** A token that keeps your session active and determines how long it lasts.

#### 🦹‍♂️ **Session Hijacking**

**Think:** Stealing someone’s temporary pass to sneak in. **What It Does:** Attackers take over your session ID to impersonate you.

#### 🆔 **Session ID**

**Think:** Your unique ticket for a website visit. **What It Does:** Identifies you and your device during a session on a system.

#### 🔑 **Single Sign-On (SSO)**

**Think:** One key opens all doors. **What It Does:** Lets you log in once and access multiple applications without logging in again.

#### 🔄 **Symmetric Encryption**

**Think:** A single key for both locking and unlocking. **What It Does:** Uses one secret key to encrypt and decrypt information.

#### 👤 **User Provisioning**

**Think:** Creating and managing your online identity. **What It Does:** The process of setting up and maintaining a user's access and identity in systems.

***

#### 🎉 **Quick Recap Party!**

* **Locks & Keys:** Encryption, Asymmetric Encryption, Symmetric Encryption, Cryptographic Key
* **Identity Magic:** IAM, MFA, SSO, API Token
* **Data Guardians:** Data Owner, Data Custodian, Access Controls
* **Security Attacks:** Brute Force Attack, Session Hijacking, Hash Collision
* **Fun with Functions:** Algorithm, Hash Function, Cipher
* **Standards & Protocols:** OAuth, PCI DSS, PKI

***

#### 🧠 **Memory Hacks:**

* **Think of "Salt" in Salting** as adding flavor to your password to make it unique.
* **Rainbow Tables** are like cheat sheets that hackers use to match hash values to passwords.
* **MFA** is like having a key, a password, and a fingerprint scanner to enter your house.

***

#### 🎨 **Visualize It:**

Imagine a **castle** (your data) guarded by **bouncers** (Access Controls), with **secret doors** (Encryption) that only you can open using your **master key** (Cryptographic Key). Inside, **different rooms** (Data Custodian, Data Owner) keep various treasures (PII, PHI) safe, while **guards** (Security Controls) watch out for **intruders** (Brute Force Attacks).

***

Stay curious and keep exploring these terms! Each one is a key piece in the grand puzzle of cybersecurity. 🧩🔐✨
