Virtualization
Cybersecurity Threats
COMPUSEC & INFOSEC
Firewalls & Network Defense
Incident Response
100

This software creates and manages virtual machines on a host system

Hypervisor

100

Psychological manipulation that tricks users into revealing confidential information

Social Engineering

100

This ensures that information is available when authorized users need it

Availability

100

Hardware or software that filters and protects network traffic

Firewall

100

The first individual to identify and react to a potential incident

First Responder

200

A software-based emulation of a physical computer system

Virtual Machine (VM)

200

A malicious program disguised as something useful, granting hackers control

Trojan Horse

200

This program identifies vulnerabilities in systems processing national security information

TEMPEST

200

This rule-based filtering method checks if traffic is part of an existing connection

Stateful Inspection

200

The step in incident response that involves analyzing technical details and root causes

Incident Analysis

300

This hypervisor runs directly on hardware without an underlying OS

Bare-Metal Hypervisor

300

A coordinated attack where multiple systems flood a target with traffic

Distributed Denial of Service attack

300

Electromagnetic interference that can disrupt or expose communications

EMI (Electromagnetic Interference)

300

This firewall zone allows selected Internet traffic to reach internal servers

Demilitarized Zone (DMZ)

300

The team responsible for handling and documenting security incidents

Computer Incident Response Team (CIRT)

400

Securing a system by reducing its surface of vulnerability

Hardening

400

Hidden software that gives an attacker privileged access to a system

Rootkit

400

This system protects the transmission of unencrypted classified information

Protected Distribution System (PDS)

400

This method blocks all traffic by default and only allows trusted connections

Allowlisting

400

The process of reviewing lessons learned and corrective actions after an incident

Post-Incident Analysis or Postmortem

500

One disadvantage of virtualization is that it can introduce these risks due to sharing hardware resources

Security Risks

500

The cybersecurity discipline that identifies and protects classified national security information

Information Security (INFOSEC)

500

The copper cabling principle that separates encrypted and unencrypted signals

Red/Black Separation

500

This combines packet, stateful, and application-layer filtering for deep analysis

Next Generation Firewall (NGFW)

500

This type of incident occurs when classified information is sent to a lower classification device

Classified Messaging Incident (CMI)
