Interview Questions

1) What is a VPN?


A VPN is a Virtual Private Network that secures and encrypts internet connections, protecting data during transmission.

2) What is a zero-day exploit?


A zero-day exploit is an attack on a software vulnerability that is unknown to the vendor and not yet patched.

3) What is a phishing attack?


Phishing is a social engineering attack where attackers trick users into providing sensitive information via fake emails or websites.

4) What is a penetration test?


A penetration test simulates a cyberattack to identify vulnerabilities in a system or network.

5) What is a botnet?


A botnet is a network of infected devices controlled by cybercriminals to perform attacks like DDoS or malware distribution.

6) What is an IDS/IPS?


An IDS detects and alerts on suspicious activity, while an IPS detects and blocks attacks in real-time.

7) What is a security audit?


A security audit involves evaluating a system's security posture to identify vulnerabilities and ensure compliance with standards.

8) What is social engineering?


Social engineering manipulates individuals into divulging confidential information by exploiting human psychology.

9) What is the CIA triad?


The CIA triad stands for Confidentiality, Integrity, and Availability, the three core principles of cybersecurity.

10) What is the difference between symmetric and asymmetric encryption?


Symmetric encryption uses the same key for both encryption and decryption, while asymmetric encryption uses a public key for encryption and a private key for decryption.

11) What is cybersecurity?


Cybersecurity involves protecting systems, networks, and data from digital attacks, damage, or unauthorized access. It includes practices like encryption, firewalls, intrusion detection systems, and secure access management.

12) What are the types of cybersecurity threats?


Common threats include malware, phishing, ransomware, man-in-the-middle attacks, denial-of-service (DoS) attacks, and insider threats.

13) What is the difference between a virus and a worm?


A virus attaches itself to a program or file and spreads when the program or file is executed. A worm, on the other hand, is a self-replicating program that spreads independently over networks.

14) What is multi-factor authentication (MFA)?


Multi-factor authentication (MFA) is a security process that requires two or more forms of verification to access resources.

15) What is encryption and why is it important?


Encryption converts data into a secure format to prevent unauthorized access, ensuring confidentiality and integrity.

16) What is a firewall and how does it work?


A firewall monitors and controls network traffic based on predefined security rules to block unauthorized access.

17) What is a DDoS attack?


A DDoS attack floods a target network with traffic from multiple systems, causing service disruption or downtime.

18) What is a patch management process?


Patch management involves identifying, acquiring, and installing software updates to fix vulnerabilities.

19) What are common signs of a malware infection?


Common malware signs include system slowness, unusual behavior, pop-ups, and disabled antivirus software.

20) What is a sandbox in cybersecurity?


A sandbox is an isolated environment for safely testing potentially malicious software without affecting the system.

21) What is a hash function in cybersecurity?


A hash function converts data into a fixed-size value or digest that securely represents the original data.

22) What is the role of a CISO?


A CISO is responsible for overseeing an organization’s information security strategy and managing cybersecurity risks.

23) What is the difference between white-hat, black-hat, and gray-hat hackers?


White-hat hackers are ethical hackers, black-hat hackers exploit vulnerabilities for malicious purposes, and gray-hat hackers may operate without permission but don't have malicious intent.

24) What is risk management in cybersecurity?


Risk management in cybersecurity involves identifying, assessing, and mitigating risks to systems and data.

25) What is a security breach?


A security breach occurs when unauthorized access is gained to sensitive data, systems, or networks.

26) What is a secure socket layer (SSL)?


SSL is a protocol used to secure communications between a web server and a client (browser) by encrypting data transmitted over the network.

27) What is the difference between a public key and a private key in asymmetric encryption?


The public key encrypts data and can be shared, while the private key decrypts the data and must be kept secure.

28) What is two-factor authentication (2FA)?


Two-factor authentication (2FA) is an authentication method requiring two forms of verification: something you know (password) and something you have (security token or app).

29) What are the benefits of using cloud security?


Cloud security ensures the protection of data stored in the cloud, offering scalability, flexibility, enhanced monitoring, and reduced infrastructure costs.

30) What are the best practices for maintaining good cybersecurity hygiene?


Regularly updating software, using strong passwords, enabling MFA, conducting security training, and backing up data are best practices for maintaining cybersecurity hygiene.

31) Write a function to check whether a random number generator (RNG) is weak by producing predictable n


import random

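def is_weak_rng():
    """Report the RNG as weak if two consecutive draws are equal."""
    # Draw two numbers in the range 1-100 from the default (non-cryptographic) RNG
    number1 = random.randint(1, 100)
    number2 = random.randint(1, 100)

    # Equal draws are treated as a sign of weakness
    if number1 == number2:
        return "Weak RNG: Generated numbers are not random."
    return "Strong RNG: Generated numbers are random."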

# Test case
print(is_weak_rng())

Explanation:

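  • This function draws two numbers from the default random module and reports a weak RNG if they are the same. This is only a rough check: a uniform generator over 1 to 100 also produces two equal draws about 1% of the time, and two different draws do not show that the generator is unpredictable.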
  • The random module is not suitable for cryptographic applications, as it can produce predictable results. Cryptographically secure random number generators (CSPRNGs) should be used for security-critical applications.
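
A more direct check for the predictability described above, given as an added example that is not part of the original answer: it tests whether a generator's output can be replayed from a known seed or from a saved internal state. The helper names (sequence, replays_from_seed, replays_from_state, classify) and the seed value are illustrative assumptions; a "not reproducible" result only rules out a seedable deterministic generator and does not by itself prove cryptographic strength.

```python
import random


def sequence(rng, count=16, bits=64):
    """Draw `count` integers of `bits` bits each from `rng`."""
    return [rng.getrandbits(bits) for _ in range(count)]


def replays_from_seed(rng_class, seed=1234):
    """True if two generators built from the same seed emit the same sequence."""
    return sequence(rng_class(seed)) == sequence(rng_class(seed))


def replays_from_state(rng):
    """True if the generator's internal state can be saved and replayed."""
    try:
        state = rng.getstate()
    except NotImplementedError:
        # random.SystemRandom reads from the OS and exposes no state
        return False
    first = sequence(rng)
    rng.setstate(state)
    return sequence(rng) == first


def classify(rng_class):
    """Label a generator class by whether its output can be reproduced."""
    if replays_from_seed(rng_class) or replays_from_state(rng_class()):
        return "predictable"
    return "not reproducible"


if __name__ == "__main__":
    # random.Random is the Mersenne Twister behind the module-level functions;
    # random.SystemRandom is the OS-backed generator that `secrets` builds on.
    for cls in (random.Random, random.SystemRandom):
        print(f"{cls.__name__}: {classify(cls)}")
```

For tokens, keys, and session identifiers, use the secrets module or random.SystemRandom rather than the module-level random functions.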