Information Security Basics
Threat Actors
Vulnerabilities
Social Engineering
Impacts of Attacks
100

What does the "C" in the CIA Triad stand for?

What is Confidentiality?

100

What do we call attackers with limited technical knowledge who use prewritten tools?

Who are Script Kiddies?

100

A system weakness that can be exploited is called a ___________.

What is a vulnerability?

100

Pretending to be someone else to trick a victim is called __________.

What is impersonation?

100

An attacker corrupting files causes what type of impact?

What is data loss?

200

As security increases, what decreases?

What is convenience?

200

Which group is motivated by ideology and makes political statements through cyberattacks?

Who are Hacktivists?

200

Using outdated operating systems or legacy hardware is an example of which vulnerability category?

What are platform vulnerabilities?

200

A targeted phishing attack against executives is called __________.

What is whaling?

200

What is it called when data is stolen and sold to third parties?

What is data exfiltration?

300

Information security protects data when it is manipulated, preserved, or ____________.

What is transmitted?

300

Which type of threat actor is state-sponsored and engages in multiyear campaigns?

Who are State Actors?

300

Not updating a system’s firmware leaves what kind of vulnerability?

What is an unpatched vulnerability?

300

Following someone into a secure building without authorization is __________.

What is tailgating?

300

A loss of system availability impacts what aspect of the organization?

What is productivity/financial loss?

400

Which principle ensures information is correct and unaltered?

What is Integrity?

400

What term describes employees or contractors who misuse their access?

Who are Insiders?

400

What type of vulnerability occurs when a weakness is discovered before developers can patch it?

What is a Zero-Day?

400

Which is NOT a social engineering attack: phishing, hoax, zero-day, or watering hole?

What is Zero-Day?

400

Which impact damages how the public views a company?

What is reputational damage?

500

Which principle ensures authorized users can access information when needed?

What is Availability?

500

What is the term for a government-sponsored, long-term intrusion campaign?

What is an Advanced Persistent Threat (APT)?

500

What’s the risk in working with external vendors that connect directly to your systems?

What is a third-party/system integration vulnerability?

500

Looking over someone’s shoulder to steal login info is called __________.

What is shoulder surfing?

500

A large-scale attack shutting down a company’s website affects what principle of the CIA triad?

What is Availability?
