What does “Least Privilege” mean?
Giving users only the access they need.
What type of malware locks your files until a payment is made?
Ransomware
What is an unpatched software weakness called?
Vulnerability
What do the letters in CIA Triad stand for?
Confidentiality, Integrity, Availability
Software that detects and removes malware.
Antivirus
This principle ensures actions can be traced to a user.
Accountability
This attack floods a server with traffic to shut it down.
DoS (Denial of Service)
Default passwords on devices are considered what?
Security Misconfiguration
Encryption protects which CIA element?
Confidentiality
What is used to filter incoming and outgoing network traffic?
Firewall
Principle that ensures systems can continue to function even if parts fail.
Fault Tolerance
Tricking someone into giving info through fake emails.
Phishing
A weakness in IoT devices that lack updates is called what?
IoT Vulnerabilities
Backups help ensure which aspect of the CIA triad?
Availability
Strong passwords and biometrics are examples of what?
Authentication methods
Separating tasks so no user has total control is called what?
Separation of Duties
An attacker secretly intercepts communication between two parties.
Man-in-the-Middle
Poorly written code that allows outsiders to inject commands.
Code Injection / SQL Injection
What protects integrity by detecting unauthorized data changes?
Hashing
What security concept uses multiple layers like passwords + MFA?
Defense in Depth
The principle that security should be built in from the start of a system, not added later.
Security by Design
A long-term, hidden cyberattack targeting a specific organization.
Advanced Persistent Threat (APT)
This vulnerability occurs when sensitive data is not encrypted in storage or transit.
Data Exposure
Access control lists (ACLs) help enforce which CIA principle?
Confidentiality
A test where professionals try to hack a system legally.
Penetration Testing