An employee receives a message claiming their bank account is locked and must click a link immediately to restore access.
What is phishing?
A company wants employees working from home to securely connect to internal company systems over the internet.
What is a VPN?
A user logs in with a password and then confirms the login using a code sent to their phone.
What is multi-factor authentication (MFA)?
A company converts sensitive customer information into unreadable data so unauthorized users cannot understand it if stolen.
What is encryption?
Employees complete yearly training on phishing, passwords, and suspicious links to reduce human-related security risks.
What is security awareness training?
A hacker tests thousands of password combinations against a login page until one works.
What is a brute-force attack?
A school installs a device that blocks unauthorized traffic entering or leaving the network based on security rules.
What is a firewall?
A teacher has access to student grades only for their own classes, not for any other teacher's classes.
What is the principle of least privilege?
A user notices a padlock symbol and “https” in the browser address bar, showing that this protocol is protecting the web connection.
What is transport layer security (TLS)?
A company regularly installs operating system and software updates to correct known security weaknesses.
What are vulnerabilities?
Malware is spreading automatically across company computers by exploiting software flaws, and no users clicked anything.
What is a worm?
A network administrator separates student devices from administrative computers to reduce the spread of attacks between groups.
What is network segmentation?
Before allowing access to a system, the system verifies a user’s identity through usernames, passwords, or biometrics.
What is authentication?
A company stores passwords as irreversible values instead of readable text to improve security. When a password is entered, it runs through the same process for comparison to the stored value.
What is hashing?
A new hire is reading a company document that explains what employees are allowed and not allowed to do on company computers and networks.
What is an acceptable use policy?
A user connects to free airport Wi-Fi and an attacker secretly intercepts their traffic and login information.
What is a man-in-the-middle attack?
A security team has deployed a system to monitor and alert on suspicious traffic without automatically stopping it.
What is an IDS (Intrusion Detection System)?
An employee's employment is terminated, and the company immediately disables the employee's account. If the company didn't do this, they would accept a risk.
What is unauthorized access?
An organization uses one key to encrypt data and a different key to decrypt it.
What is asymmetric encryption?
A company discovers an employee clicked a malicious attachment, and security staff begin documenting the attack, identifying affected systems, and determining the scope of the breach.
What is incident investigation or incident analysis?
A hospital’s patient records become encrypted by attackers demanding payment. But the hospital is not concerned and will not agree to pay the ransom.
What are secure offline backups?
A company places its public-facing web server on a separate network between the internet and the internal company network to reduce risk if the server is compromised.
What is a DMZ?
A company requires every device and user to continuously prove identity and authorization before accessing resources, even inside the network.
What is Zero Trust?
A browser warns that a website certificate is invalid, meaning attackers could potentially intercept or alter communications going to and from the website.
What is a man-in-the-middle attack?
A company conducts practice cybersecurity breach exercises with staff before a real attack occurs in order to improve preparedness.
What are tabletop exercises or incident response exercises?