authentication
access control
Threats attacks
Security Ops
100

This common authentication factor relies on something a user knows, such as a password or PIN.

What is knowledge-based authentication?

100

This access control method restricts access to resources based on the identity of the user or group

What is discretionary access control (DAC)?

100

This type of attack overloads a network or server with excessive traffic, causing it to become unavailable to users

This type of attack overloads a network or server with excessive traffic, causing it to become unavailable to users

100

This is the first step in the incident response process, where an organization identifies and confirms that an incident has occurred.

What is detection and identification?

200

This form of authentication combines at least two different factors from categories such as knowledge, possession, and inherence.

What is multifactor authentication (MFA)?

200

This access control model is based on security labels assigned to users and resources, often used in military and government systems.

What is mandatory access control (MAC)?

200

This type of malware disguises itself as a legitimate program or file to trick users into downloading and executing it.

What is a Trojan?

200

This centralized system collects, analyzes, and stores log data to help identify and investigate security events.

What is a Security Information and Event Management (SIEM) system?

300

This authentication protocol is commonly used for securely logging into network services by using tickets issued by a trusted third party.

What is Kerberos?

300

This NAC method grants or denies network access based on user identity and device compliance, often integrating with directory services like Active Directory.

What is 802.1X authentication?

300

This attack involves manipulating a web application to include malicious code in a response sent to another user, exploiting their trust in the application's source.

What is cross-site scripting (XSS)?

300

This key principle in digital forensics ensures the integrity of evidence by documenting its collection, transfer, and analysis.

What is chain of custody?

400

This metric in biometric authentication systems measures the likelihood of a false positive match.

What is the False Acceptance Rate (FAR)

400

This feature of port security limits the number of MAC addresses allowed on a switch port, helping to prevent unauthorized devices from connecting.

What is MAC address filtering?

400

This attack vector exploits vulnerabilities in unsecured wireless networks, often using techniques such as rogue access points or evil twin attacks.

What is wireless attack?

400

This proactive security practice involves searching for threats or indicators of compromise within an organization’s environment before alerts are triggered.

What is threat hunting?

500

This modern authentication standard provides single sign-on (SSO) capabilities by exchanging tokens between an identity provider and a service provider.

What is SAML (Security Assertion Markup Language)?

500

This technology is used to inspect and enforce security policies for HTTP and HTTPS traffic, protecting web applications from threats such as SQL injection and cross-site scripting.

What is a web application firewall (WAF)?

500

This highly targeted and persistent threat is often carried out by well-funded adversaries, focusing on long-term infiltration and data exfiltration from a specific organization.

What is an advanced persistent threat (APT)?  

500

This advanced SOC capability uses machine learning and artificial intelligence to automate threat detection, response, and analysis, reducing response times and minimizing human intervention.

What is SOAR (Security Orchestration, Automation, and Response)?

M
e
n
u