This three-part model is the foundation of cybersecurity principles.
What is the CIA triad (Confidentiality, Integrity, and Availability)?
This type of attack involves an attacker sending fraudulent communications that appear to come from a reputable source.
What is phishing?
This is an update to software that fixes a security vulnerability.
What is a patch?
This 2017 ransomware attack affected over 200,000 computers across 150 countries, exploiting a vulnerability in Windows. It made users _____.
What is WannaCry?
Passwords are typically not stored in plain text. They are stored as ________________.
What are hashes?
This type of software is designed to detect and remove malicious software from a computer.
What is antivirus software?
This type of malware encrypts a victim's files and demands payment to restore access.
What is ransomware?
This principle involves granting users only the access they need to perform their job functions.
What is the principle of least privilege?
This 2000s virus spread through email with the subject line _____ and infected millions of computers worldwide.
What is ILOVEYOU?
This kind of engineering is used to trick people into revealing their personal information.
What is social engineering?
This is the process of converting information or data into a code to prevent unauthorized access.
What is encryption?
This threat involves secretly monitoring a user’s keystrokes to capture sensitive information like passwords.
What is a keylogger?
This is a security measure that requires users to provide two forms of identification before accessing an account.
What is two-factor authentication?
This attack on Iran destroyed many of the centrifuges it used in its nuclear weapons program.
What is Stuxnet?
These two colors are included in the names of hackers who hack maliciously and those who hack with the permission of system managers.
What is black and white?
This term refers to the practice of ensuring that data is accurate and reliable.
What is data integrity?
This type of malware disguises itself as legitimate software to trick users into installing it.
What is a Trojan horse?
This type of test involves simulating cyberattacks on a system to identify vulnerabilities.
What is penetration testing?
A 2014 data breach of an email service exposed data of over 500 million users, but the breach was not publicly disclosed until two years later.
Yahoo
This is the science of hiding information in plain sight, like manipulating the binary of files or images.
What is steganography?
This type of attack involves overwhelming a system with traffic to make it unavailable to users.
What is a Distributed Denial of Service (DDoS) attack?
This term describes a vulnerability that is unknown to those who should be interested in mitigating it.
What is a zero-day exploit?
This practice reduces blast radius by segmenting systems so a compromise in one area cannot easily spread to others.
What is network segmentation?
This 2020 supply chain attack involved hackers inserting malicious code into software updates for the Orion software platform, a widely used IT management platform.
What is SolarWinds?
This term describes the use of multiple compromised computers to perform coordinated attacks, such as overwhelming a server with traffic.
What is a botnet?