🦠
A general term used to describe software designed to damage, disrupt, or gain unauthorized access to a system.
malware
This is the term for attempting to acquire sensitive information by pretending to be a trustworthy entity.
phishing
The act of converting data into an unreadable format to protect its confidentiality.
encryption
A copy of a VMs disk file at a given point in time.
snapshot
A network of remote servers hosted on the Internet to store, manage, and process data.
cloud computing
This type of malware disguises itself as legitimate software to trick users into installing it.
trojan horse
An insider threat comes from which source?
employee or trusted individual within the organization
Symmetric encryption uses the same key to encrypt and decrypt while this type of encryption uses a key pair.
asymmetric
What software creates and runs virtual machines?
hypervisor
IaaS, PaaS, and SaaS are __________________?
cloud service models
This malware locks users out of their system or data and demands payment to restore access.
ransomware
Term used to describe the manipulation of people into giving up confidential information.
social engineering
This cryptographic concept ensures that data has not been altered in transit.
hashing
Also known as the bare-metal hypervisor, which type runs directly on the host's hardware
Type 1 hypervisor
A model defining responsibilities are shared between the cloud provider and the customer.
shared responsibility model
This type of malware can replicate itself and spread across systems without human interaction.
worm
Fake emails targeting specific individuals.
spear phishing
This cryptographic protocol enables secure communication over an insecure network and is widely used in HTTPS.
TLS [Transport Layer Security]
A lightweight alternative to traditional virtual machines, often used in DevOps environments.
container (e.g., Docker)
A cloud deployment model which provides the most control over infrastructure and security
private cloud
Name the stealthy type of malware that provides continuous, privileged access to a system while actively hiding its presence.
rootkit
APT. Not to be confused with an appt.
Advanced Persistent Threat
This type of cryptography is considered more efficient than RSA do to a smaller key size, reducing computational overhead, while providing the same level of security.
Elliptic Curve Cryptography [ECC]
A technique used in virtualization to allow a host operating system to reclaim memory from VMs, when the VM is not using it.
Memory Ballooning
Where data is physically stored and the legal regulations that apply to it.
data residency [concerns]