Security models and frameworks
Network security
Malware types and behavior
Social engineering
Legal, ethical, and privacy
100

Users/processes get only the access necessary to perform tasks

Least privilege

100

Secure tunnel for private communication across public networks

VPN (Virtual Private Network)

100

Self‑replicating malware that spreads across networks without host programs

Worm

100

Fraudulent messages designed to trick users into revealing information

Phishing

100

Payment Card Industry Data Security Standard for cardholder data protection

PCI DSS

200

Vulnerability unknown to the vendor and unpatched at the time of exploitation

First day the vulnerability is discovered

Zero‑day

200

Device or software that filters traffic by rules to block/allow connections.

Firewall / ACL

200

Encrypts or blocks access to data and demands payment for restoration

Ransomware

200

Targeted phishing tailored to a specific individual or organization

Spear phishing

200

U.S. regulation protecting healthcare information privacy and security

HIPAA

300

Ensures the system boots using only trusted, signed bootloaders/OS.

Secure Boot

300

Widely used for authenticating remote users to networks via VPNs, wireless, or dial-up connections

RADIUS

300

Conceals presence and escalates privileges to maintain persistent access

Rootkit

300

What is vishing?

Voice phishing via phone calls

300

EU regulation governing data protection and privacy for individuals

GDPR

400

Never trust; always verify every access request regardless of network location.

Zero trust

400

Malicious AP impersonating a legitimate SSID to capture credentials

Evil twin

400

Operates in memory without writing files to disk, evading detection

Fileless malware

400

What is smishing?

Phishing via SMS/text messages

400

Legal requirement that data is subject to the laws of the country where it is stored

Data sovereignty

500

Running code in an isolated environment to limit damage from malware

Sandboxing

500

Detects and actively blocks or prevents malicious traffic

IPS (Intrusion Prevention System)

NOT IDS (Intrusion Detection System) 

500

Records keystrokes to capture credentials and sensitive input

Keylogger

500

Observing someone’s screen or input to capture sensitive information

Shoulder surfing

500

The documented, chronological record of evidence from the time it's collected to its presentation in court, ensuring its authenticity and integrity by detailing every person who handled it, when, and why

Chain of custody
