With this it infrastructure, an executive can send an email that is digitally signed using their private key. The recipient verifies the signature using the corresponding public key.
What is Public Key Infrastructure?
A web application accepts user input without sanitization and appends it directly into SQL statements.
What is SQL Injection?
Every access request is evaluated continuously based on identity, device posture, location, and behavior even after authentication.
What is Zero Trust?
A security platform aggregates logs from firewalls, servers, endpoints, and cloud services into one location for analysis.
What is SIEM (Security Information and event management?
An organization classifies customer data before implementing a Data Loss Prevention solution.
What is Data Classification?
With this technique, the same passwords result in a different hash-value
What is salting?
This threat is sent per e-mail to inject malicious code or extract information.
What is phishing?
Employees authenticate once and receive access tokens that authorize multiple cloud applications.
What is OAuth?
A security analyst proactively searches enterprise telemetry for indicators of compromise that have not generated alerts.
What is Threat Hunting?
This security goal is threatened when people can read and/or edit files they are not supposed to see/change?
What is confidentiality?
With this technique, the data on a stolen laptop cannot be read.
What is encryption at rest?
An attack, where employees receive SMS messages pretending to be the CEO requesting immediate password resets.
What is Smishing?
With this method, only authorized personnel can access certain files.
What is ACL (Access Control List)?
An organization deploys decoy servers specifically designed to attract attackers without risking production assets.
What is a Honeypot?
This approach tries to exploit human vulnerabilities like gaining unallowed access to buildings.
What is social engineering?
With this attack, the authentication exchange is captured and later retransmitted without modification to gain access.
What is a Reply Attack?
An attack, where a domain named micr0soft-login.com is used to closely resembles a legitimate vendor website.
What is Typosquatting?
Sensitive databases are moved into their own subnet where only authorized application servers may communicate with them.
What is Network Segmentation?
This method helps to confirm file integrity.
What is hashing?
With this method, the criticality of a vulnerability can be measured like 8.1 or 6.7.
What is CVSS? (Common Vulnerability Scoring System)?
This technique prevents someone from choosing their first and last name as credentials for their account.
What is a password policy?
This mitigation places outdated Windows Server in an isolated network segment because it can neither be updated or replaced with a supported version.
What is a Compensating Control?
Network access is denied until endpoints successfully authenticate with certificates, pass compliance checks, and are placed into a production VLAN.
What is 802.1X Network Access Control?
This platform helps to manage mobile devices and allows technical implementations like geofencing or remote deletion.
What is MDM (Mobile Device Management)?
During an audit, administrators discover that dozens of employees have Domain Admin privileges. The organization responds by storing privileged credentials in a vault, enforcing RBAC, and requiring approval before use.
What is Privileged Access Management (PAM)?