Information
Security
Availability
The Enemy
I'm so smart
100

A system that monitors network traffic for suspicious activity and alerts administrators about potential intrusions.

What is an Intrusion Detection System (IDS)?

100
Overlapping layers of protection, put in place so that if one layer fails the other layers still provide protection, are known as...
What is Defense in Depth?
100

A control that applies or maintains permissions to prevent an account from getting information it is not authorized to see, while making the information available to those who are authorized.

What is Access Control?

100

A type of malware that encrypts a victim's data, demanding a payment to decrypt it.

What is ransomware?

100

This type of malicious software is designed to secretly collect sensitive information, such as keystrokes or login credentials.

What is a Keylogger?

200

This regulation, enacted in the European Union, governs the protection of personal data and privacy.

What is GDPR (General Data Protection Regulation)?

200

A process to identify potential security weaknesses on a system or network.

What is a vulnerability scan?

200
An identifier that uniquely tracks actions to individuals.
What is an Account? (or Login ID)
200
The risk presented to an organization by current or past employees who know how the organization works and what and where the most valuable (damaging) information might reside.
What is an insider threat?
200

In addition to the GDPR, this U.S. state law mandates the protection of personal data and provides individuals with the right to request access to their personal information held by businesses.

What is the California Consumer Privacy Act (CCPA)?

300
Any combination of your name, your home address or phone number, credit card or account numbers or social security number.
What is PII? (or Personally Identifiable Information)
300
The use of personality, knowledge of human nature and social skills to steal passwords, keys, tokens or other credentials to gain access to systems.
What is Social Engineering?
300

A security model that requires strict verification of user identities and device security before granting network access.

What is Zero Trust Network Access (ZTNA)?

300

A type of malware that can replicate itself and spread to other computers, often through network vulnerabilities.

What is a worm?

300

A cyber attack that exploits a previously unknown vulnerability in software or hardware.

What is a "Zero-Day Attack"?

400

This framework, often used by organizations to demonstrate their commitment to protecting sensitive information, includes a series of security controls and best practices aligned with privacy regulations.

What is ISO/IEC 27001?

400
30-50% of all data loss is due to the people already within the organization.
What is Insider Threat?
400

A network segment that acts as a buffer between a trusted internal network and the public internet.

What is a DMZ (Demilitarized Zone)?

400
They are structured groups funded by other governments and dedicated to mapping out the internet addresses for the purpose of espionage and possible computer attacks.
What is state sponsored hacking?
400

This term refers to a vulnerability in a web application that occurs when user input is improperly sanitized, allowing an attacker to inject harmful scripts into web pages viewed by other users.

What is Cross-Site Scripting (XSS)?

500

This principle means that users should only have access to the data and resources necessary for their job functions.

What is Least Privilege?

500

A network security system that monitors and controls incoming and outgoing network traffic, acting as a barrier between trusted and untrusted networks.

What is a Firewall?

500

This concept refers to the practice of ensuring that a system can continue to operate even after a security breach or failure occurs.

What is Business Continuity?

500

This type of attack is designed to flood a system with traffic to overwhelm and render it inoperable.

What is a Denial of Service (DoS) Attack?

500

PGP, often used in secure email communication, relies on public-key cryptography to ensure that messages are encrypted and digitally signed. What does PGP stand for?

What is Pretty Good Privacy?
