Access Control
A method where access to a website or account is only granted after the user presents two or more factors (password, SMS code, etc.)
What is multifactor authentication? (or two-factor authentication)
A type of malicious software, or malware designed to deny access to a computer system or data until compensation is paid
What is ransomware?
The record your browser keeps of the websites you’ve visited
What is browser history?
A secret word or phrase that must be used to gain access to a computer system or service
What is a password?
An unsolicited message sent via bulk email, also known as junk emails
What is spam?
An approach to restrict system access to authorized users by granting it based on business responsibilities
What is role-based access control?
An attack that aims to make a service such as a website unusable by flooding it with a large amount of malicious traffic
What is a denial of service attack (DDoS)?
The use of remote servers hosted on the internet to store, manage, and process data, rather than a local server or personal computer
What is cloud computing?
The process of converting plaintext into another format that cannot be decoded without a key
What is encryption?
A technique used to fake the sender address of an email
What is spoofing?
A user authentication service that allows users to log into many different applications with a single set of credentials
What is Single Sign On (SSO)?
An attack that repeatedly tries possible passwords or encryption keys until the correct one is found
What is a brute-force attack?
The global, hypermedia-based collection of information and services that is available on internet servers
What is the World Wide Web?
An appliance used at the edge of a network to block unauthorized access and control traffic
What is a firewall?
A key that uniquely identifies the sender of the message and proves the message hasn’t been altered in transit
What is a digital signature?
The use of physical characteristics such as fingerprints to authenticate users
What is biometrics?
A cyber threat that comes from within an organization - for example, from an employee
What is an insider threat?
A segment of data sent by an Internet server to the browser which is stored by the browser to track a user
What is a cookie?
A software application designed to detect and eliminate malicious activity including viruses before damage is done and repair or quarantine files that have already been infected
What is an anti-virus?
Sending malicious or fraudulent emails pretending to be from someone else in order to gain access to data, such as personal information and passwords
What is phishing?
The principle of allowing users as little access to a system as possible for them to complete their tasks
What is the principle of least privilege?
A confirmed incident in which sensitive or confidential data has been accessed or released without authorization
What is a data breach?
Trading in cyberspace, with goods or services supplied through a website
What is e-commerce?
A set of changes deployed to a computer program designed to update, fix, or improve it
What is a patch?
A targeted attempt to steal sensitive information specifically targeting high-profile personnel or senior management
What is whaling or spear-phishing?