Social Engineering
Cryptography & Authentication
Web & Network Security
Malware & Vulnerabilities
Misc.
100

This term refers to the practice of sending fraudulent emails that appear to be from a reputable source to induce individuals to reveal personal information.

What is Phishing?

100

This security measure requires a user to provide two or more verification factors to gain access to a resource like a college email account.

What is MFA (Multi-Factor Authentication)?

100

This digital "wall" monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies.

What is a Firewall?

100

This type of malicious software encrypts a victim's files, with the attacker demanding a payment to restore access.

What is Ransomware?

100

This university document outlines the rules for using campus Wi-Fi, computers, and software responsibly.

What is an Acceptable Use Policy (AUP)?

200

This phone-based phishing attack involves scammers calling students pretending to be IT support or a government agency.

What is Vishing?

200

This "one-way" cryptographic function turns data into a fixed-length string of characters; it is commonly used to store passwords securely.

What is a Hash Function (or Hashing)?

200

This type of attack occurs when a hacker inserts a malicious script into a trusted website, which is then executed in a victim's browser.

What is Cross-Site Scripting (XSS)?

200

Named after a famous Greek myth, this malware disguises itself as legitimate software to trick users into installing it.

What is a Trojan Horse?

200

If you are using public Wi-Fi at a coffee shop, you should use this tool to create an encrypted tunnel for your data.

What is a VPN (Virtual Private Network)?

300

In this physical attack, an unauthorized person follows an authorized employee into a secure area or dormitory.

What is Tailgating (or Piggybacking)?

300

In this type of encryption, the same key is used for both encrypting and decrypting the data.

What is Symmetric Encryption?

300

This acronym stands for an attack that attempts to make a server or network resource unavailable by overwhelming it with a flood of internet traffic.

What is DDoS (Distributed Denial of Service)?

300

This is a software vulnerability that is exploited by attackers before the software developer becomes aware of it or has a chance to patch it.

What is a Zero-Day vulnerability?

300

The three pillars of the "CIA Triad," the core model for information security, stand for these three words.

What are Confidentiality, Integrity, and Availability?

400

This type of phishing targets a specific individual or department, often using personal details found on LinkedIn or a university directory.

What is Spear Phishing?

400

This is the name of the protocol (the "S" in HTTPS) that provides end-to-end security for data sent between a web browser and a server.

What is TLS (Transport Layer Security)?

400

This type of vulnerability allows an attacker to interfere with the queries that an application makes to its database.

What is SQL Injection?

400

These are "ethical hackers" who use their skills to find vulnerabilities and help organizations fix them.

Who are White Hat hackers?

400

This specific type of "scam" often targets students during the summer or graduation by offering high-paying remote roles that require an "upfront equipment fee."

What is an Employment/Internship Scam?

500

This "sweet" social engineering tactic involves leaving a malware-infected USB drive in a public place like a student union, hoping someone will plug it in.

What is Baiting?

500

This modern encryption method uses a pair of keys—one public and one private—to secure communications.

What is Asymmetric Encryption (or Public Key Cryptography)?

500

This "middleman" attack occurs when a hacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.

What is a Man-in-the-Middle (MitM) attack?

500

This type of malware is designed to gain administrative-level control over a computer system without being detected.

What is a Rootkit?

500

This 2017 data breach at a major credit reporting agency exposed the sensitive data of approximately 147 million people, including many students' Social Security numbers.

What was the Equifax breach?
