Alphabet Soup (Acronyms)
What does "CIA" stand for in the context of information security?
Confidentiality, Integrity, and Availability
This type of malware encrypts a victim's files and demands payment for the decryption key.
Ransomware
The "S" in HTTPS stands for this, indicating that your connection to the website is encrypted.
Secure
This digital "wall" sits between a trusted internal network and an untrusted external network, monitoring and filtering traffic.
A Firewall
What day, time, and location are our weekly club meetings held?
Monday evenings at 5pm in ET007(A-B)
What does "DNS" stand for, the system often called the "phonebook of the internet"?
Domain Name System
A piece of malware that disguises itself as a legitimate program.
A Trojan Horse
This vulnerability allows an attacker to read arbitrary files on the server by using sequences like ../ to navigate the file system.
Directory Traversal (or Path Traversal)
This popular open-source tool allows you to capture and interactively browse the traffic running on a computer network.
Wireshark
Name one of the executive board members of the club.
President:@Noah Pumphrey
Vice President:@Noah H
Treasurer:@haik
Event Coordinator:@KB - Kaleb
Secretary:@Chris P Chicken - Nithish
Abbreviated as "CSRF," this web attack tricks a victim's browser into making an unwanted request to a site where they are already authenticated.
Cross-Site Request Forgery
This type of malware operates with the highest level of operating system privilege to hide its presence from detection.
A Rootkit
This dangerous vulnerability, abbreviated "____-Side Request Forgery," allows an attacker to force requests to internal resources that are not normally accessible from the internet.
Server
This foundational security principle involves layering multiple, different security controls so that if one fails, another is there to stop an attack.
Defense in Depth
What major competition or event did our club participate in last year?
National Cyber League (NCL) and CyberRange
This U.S. government agency, abbreviated as "NIST," provides cybersecurity frameworks and standards, including the famous CSF
National Institute of Standards and Technology
What term describes malware that can constantly change its own code and signature files to evade detection by traditional antivirus software?
Polymorphic Malware
Is the risk presented to an organization by current or past employees who have knowledge of how the organization works and what and where the most valuable (damaging) information might reside.
Insider Threats
An Intrusion Detection System (IDS) becomes this when it is given the ability to not just detect but also actively block malicious network traffic.
An Intrusion Prevention System (IPS)
Best place to ask questions about anything club-related or cybersecurity focused?
Our Discord and/or at the meetings:
This vulnerability allows an attacker to inject malicious scripts into a trusted website, which then run in the victim's browser.
Cross-Site Scripting
This is a type of malicious software that exists only as a process in the computer's memory (RAM) rather than as a file on the hard drive. This makes it extremely difficult for traditional antivirus programs to detect.
Fileless Malware
Any combination of your name, your home address or phone number, credit card or account numbers or social security number.
PII (Personally Identifiable Information)
This is a decoy computer system set up to attract and trap attackers, allowing defenders to study their methods.
A honeypot
Who is the faculty advisor for the cybersecurity club?
Clay Hampton - @ctrlnet - cthampto@purdue.edu