A check that ensures a digital certificate is still valid and has not been revoked.
What is OCSP (Online Certificate Status Protocol)
An attack that uses multiple compromised systems to flood a target’s bandwidth.
What is DDoS (Distributed Denial of Service)
An attack that exploits the way a system processes data that exceeds its memory buffer.
What is a Buffer Overflow Attack
A method of access control based on a user's job function within an organization.
A document outlining the expected uptime and performance of a service.
What is SLA (Service Level Agreement)
A specialized team that investigates and mitigates cyber threats.
What is CSIRT (Computer Security Incident Response Team)
An XML-based framework for exchanging authentication and authorization data.
Malicious code inserted into a legitimate web page to redirect users or steal cookies.
What is XSS (Cross-Site Scripting)
Hiding messages or data within another file, such as an image.
What is Steganography
A suite of protocols used to secure IP communications at the network layer.
What is IPsec (Internet Protocol Security)
A standard list of publicly known information security vulnerabilities.
What is CVE (Common Vulnerabilities and Exposures)
This device distributes network traffic across a cluster of servers to ensure availability.
What is a Load Balancer
A protocol for accessing and maintaining distributed directory information services.
What is LDAP (Lightweight Directory Access Protocol)
An attack where an actor captures a session token to impersonate a user.
What is MITM (Man-in-the-Middle) or On-Path Attack
A social engineering attack that targets high-profile executives.
What is Whaling
An extension of DNS that adds security by signing records with digital signatures.
What is DNSSEC (Domain Name System Security Extensions)
A legal document where parties agree not to disclose confidential information.
What is NDA (Non-Disclosure Agreement)
A device or software that inspects and filters traffic based on deep packet analysis.
What is NGFW (Next-Generation Firewall)
The framework used to manage digital certificates and public-key encryption.
What is PKI (Public Key Infrastructure)
A type of malicious software that blocks access to data until a payment is made.
What is Ransomware
A vulnerability that is exploited before the developer has a chance to create a patch.
What is a Zero-Day Vulnerability
A security concept where a single physical cable carries multiple isolated networks using layer 3 or managed switches.
What is VLAN (Virtual Area Network)
A system that allows a user to log in once and access multiple related systems.
What is SSO (Single Sign-On)
Software that provides real-time analysis of security alerts generated by hardware.
What is SIEM (Security Information and Event Management)
Requiring two or more pieces of evidence to verify a user's identity.
What is MFA (Multi-Factor Authentication)
Forcing a user's browser to send a request to a different web application.
What is CSRF (Cross-Site Request Forgery)
An exercise where a "Red Team" attacks and a "Blue Team" defends during a simulated security incident.
What is a Tabletop Exercise
This protocol uses TLS to wrap PPP traffic for secure remote access.
What is SSTP (Secure Socket Tunneling Protocol)
A set of rules that defines how employees can use company technology assets.
What is AUP (Acceptable Use Policy)
A network security tool that sits between a web application and the internet.
What is WAF (Web Application Firewall)
An open standard for token-based authentication and authorization on the web.
What is OAuth
This cloud security model ensures that no user or device is trusted by default, even if they are inside the network perimeter.
What is ZTA (Zero Trust Architecture)
A mathematical function that converts data into a fixed-length string of characters.
What is Hashing
A secure version of the protocol used to transfer files over port 990 or 21.
What is FTPS (File Transfer Protocol Secure)
A centralized server used for "Triple-A" (Authentication, Authorization, Accounting) that is not proprietary to Cisco.
What is RADIUS (Remote Authentication Dial-In User Service)
Will alert you when there is a possibility of an intrusion on your network.
What is an IDS (Intrusion Detection System) or NIDS (Network Intrusion Detection System)
A standard for authenticating network devices before they can connect to a LAN.
What is IEEE 802.1X
Tricking a user into clicking a hidden UI element.
What is Clickjacking
Authentication based on physical characteristics like fingerprints or retina scans.
What are Biometrics
A secure protocol used to manage network devices over port 22.
What is SSH (Secure Shell)
An authentication protocol used by Microsoft Windows Active Directory, named after a three-headed dog that didn't live in Hogwarts.
What is Kerberos
The security principle where users are given the minimum access needed for their job.
What is POLP (Principle of Least Privilege)