Network Security
This protocol secures web traffic by encrypting data between client and server.
What is HTTPS?
A phishing variant that pretends to come from a trusted colleague to request money or data.
What is spear‑phishing?
It’s the “pay‑to‑play” model where attackers encrypt a victim’s files and demand a ransom.
What is ransomware?
Required to maintain access to a classified information system
NTK, Clearance, training (live and Atlas), and briefings
Tools, frameworks, techniques, and practices implemented to ensure the security of computing, information, and other systems and their users
Cybersecurity
A network device that monitors and filters inbound/outbound traffic based on a set of security rules.
What is a firewall?
a type of phishing where they use Ai generated voices to steal information
Vishing
This type of malicious software replicates itself to spread to other computers without needing to attach to a host program.
What is a worm?
The only individuals authorized to transfer data to and from a classified system or removable media
Data Transfer Agents
Kind of devices prohibited from entering restricted access/ closed areas
Bluetooth, Wi-Fi, RFID, audio & visual recording devices, flash drives, USB, thumb drives
This type of attack involves overwhelming a target with traffic, causing denial of service.
What is a DDoS attack?
a type of phishing where they target the "big fish" (CEO)
Whaling
This “trojan” pretends to be legitimate software but actually installs a backdoor.
What is a Trojan horse?
The individual who Maintains inventory/stock of all media stored within the Restricted Access Area or Closed-Area (i.e., approved safe) throughout its lifecycle (creation to destruction)
Media Custodian
Form needed to be able to move classified hardware
Hardware move form
The practice of breaking a security system into components to analyze it is known as this.
What is penetration testing?
a type of phishing where they use texting
sms phishing
The term for software that is installed without the user’s knowledge and then silently gathers data, often used for espionage.
What is spyware?
The individual who continuously monitors activities on the systems and networks to detect unauthorized actions in violation of signed user agreements
Information System Security Officer (ISSO)
Needed for a high to low data transfer
Two-Person Integrity, AFT
An authentication method that uses something you have, something you know, and something you are.
What is multi‑factor authentication (MFA)?
phishing through fake wifi
Evil twin
This zero‑day malware family targeted millions of routers in 2022, exploiting a hard‑coded admin password.
What is the “Mirai” botnet?
The specific individual (by name) responsible for supervising and directing security measures necessary for implementing applicable NISPOM and related requirements for classified information
Jeff Vaccariello
Act of reproducing, extracting, summarizing, incorporating, paraphrasing, restating, or generating, in a new form, information already classified and marking the newly developed material consistent with the classification and markings applied to the source information
Derivative Classification