CIA TRIAD
HACKING
2017 EQUIFAX BREACH
PASSWORD CRACKING
BONUS
100

This principle emphasizes the protection of information from unauthorized access or disclosure.

What is Confidentiality?

100

This method involves intercepting and altering communications between two parties without their knowledge.

What is Man-in-the-Middle (MitM) attack?

100

This credit reporting agency suffered a major data breach in September 2017 that affected approximately 147 million consumers.

What is Equifax?

100

This term refers to the method where an attacker systematically tries every possible combination of characters until the correct password is found.

What is a brute-force attack?

100

The process of attempting to discover or recover a user’s password by exploiting information or vulnerabilities is known as this.

What is password cracking?

200

Ensuring that data is accurate and untampered with relates to this component of the CIA Triad.

What is Integrity?

200

This technique uses social engineering to trick individuals into revealing personal information, often through phishing emails.

What is Phishing?

200

One of the main vulnerabilities exploited in the Equifax breach was a failure to patch this web application framework, commonly used by businesses.

What is Apache Struts?

200

The technique used to recover passwords by using a precomputed table that contains hashes for common passwords.

What is a rainbow table?

200

This type of malicious software is designed to gain unauthorized access to a computer system.

What is a "virus"?

300

This aspect of the CIA Triad focuses on making sure that information systems and data are accessible to authorized users when needed.

What is Availability?

300

This hacking method exploits software vulnerabilities to gain unauthorized access to a system, often using a script or automated tool.

What is an exploit?

300

Equifax faced backlash for this action, taken by several of its executives, just before the breach was publicly announced.

What is selling company stock?

300

This well-known cybersecurity principle suggests that users should create passwords that are not easily guessable by including letters, numbers, and special characters; a password in this format is often referred to as this.

What is a strong password?

300

The process of converting sensitive data into an unreadable format to protect it from unauthorized access is known as this.

What is "encryption"?

400

This type of attack compromises all three aspects of the CIA Triad by simultaneously stealing, altering, and making data unavailable.

What is a ransomware attack?

400

In this type of attack, hackers overload a targeted system with traffic to make it unavailable to users, impacting its availability.

What is a Denial of Service (DoS) attack?

400

This major cybersecurity organization noted that the breach illustrates the importance of organizations maintaining updated security measures and practices.

What is the Cybersecurity and Infrastructure Security Agency (CISA)?

400

An attack that involves guessing a password using dictionary words and common variants rather than all possible combinations.

What is a dictionary attack?

400

This security feature uses your fingerprint or face to unlock a device.

What is biometric authentication?

500

This policy, part of the CIA Triad, outlines protocols for handling sensitive information to ensure data is kept confidential.

What is a data protection policy?

500

This advanced persistent threat (APT) technique involves gaining access to a network over a long period, often using various stealth methods.

What is a Backdoor?

500

Equifax responded to the breach by launching a comprehensive review and implementing this to improve its data security measures.

What is a security enhancement program?

500

This type of encryption is often used to secure passwords, making them unreadable without the correct decryption key.

What is hashing?

500

This framework outlines five key functions—Identify, Protect, Detect, Respond, and Recover—to help organizations manage and reduce cybersecurity risk.

What is the NIST Cybersecurity Framework?
