Argh
Mateys
Thar
Be
Memes
100

An AES-256 bit key is approximately this much larger than an AES-128 bit key

What is trillions of times bigger?

Explanation: Key sizing options double the binary exponent string value, rather than simply doubling geometric value. This calculation provides an exponentially larger keyspace that is resistant to brute force computing arrays.

100

This cryptographic primitive produces a fixed-length string of bits from an input plaintext of any variable length, while being mathematically one-way and collision-resistant

What is a hashing algorithm?

Explanation: Hashing routines create an unalterable structural print of a payload called a message digest. The algorithm calculates single string lengths uniquely, meaning checking nodes can confirm data integrity.

100

 This cryptographic architecture utilizes digital certificates to authenticate a client to a remote access gateway before generating an encrypted tunnel to protect user credentials and data

What is a Transport Layer Security (TLS) VPN?

Explanation: A Transport Layer Security (TLS) VPN establishes an encrypted application-level tunnel using a server digital certificate to securely identify the VPN gateway. Once a secure tunnel is established, it can safely pass all network traffic over the secure socket without being constrained by application layer protocol types.

100

This is the key you use as the sender when you send a secure email generally

What is the recipient's public key?

Explanation: Under public key encryption designs, anyone can encrypt data for an endpoint using its publicly available key. However, only the corresponding, securely held private key can reverse that ciphertext package.

100

This term is used in cryptography to explicitly define an unencrypted, cleartext message?

What is Plaintext?

Explanation: Plaintext, or cleartext, represents the native raw data payload format before any structural scrambling is applied. Once put through a cipher algorithm, this raw information converts directly into encrypted ciphertext.

200

A patch management system that eliminates a vulnerability after an exploit occurs is an example of this functional control type

What is Corrective?

Explanation: Corrective controls focus on mitigating impact and fixing systems after a security policy violation is actively detected. Applying software updates resolves the underlying exploit vector to restore operations and prevent reoccurrence.

200

This mode of IPsec operations encrypts only the payload data while leaving the original IP headers intact, making it ideal for securing host-to-host connections over a private network

What is Transport mode?

Explanation: Transport mode is designed for host-to-host architectures where encrypting or hiding internal routing IP headers is unnecessary. If data confidentiality is required, it utilizes the Encapsulating Security Payload (ESP) to encrypt only the payload data traveling across the private segment.

200

This property of the CIA Triad ensures that data is stored and transferred as intended and that any modification is authorized

What is Integrity?

Explanation: Integrity guarantees that data remains whole, complete, and uncorrupted during storage or transmission. It relies on mechanisms like cryptographic hashing to verify that unauthorized changes have not occurred.

200

This key is used when signing a digital signature on a message after creating a message digest

What is the signers' private key?

Explanation: Digital signatures combine asymmetric encryption parameters with specific hashing properties. The sender generates a message digest, then locks it with their unique private key to achieve authentication and non-repudiation.

200

Corporate security awareness training program is best classified as this category of security control

What is Operational?

Explanation: Operational security controls are those that depend primarily on human actions, execution, and behaviors to maintain defense. Training tracks, education seminars, and security guard daily protocols are classic examples of operational controls.

300

This protocol allows a browser to check a certificate's real-time status by querying a single certificate per transaction instead of downloading a massive list

What is OCSP Online Certificate Status Protocol?

Explanation: OCSP replaces the need to download large, unwieldy Certificate Revocation Lists. Browsers send a targeted request regarding a single certificate and receive an immediate status response.

300

When deploying cryptographic protections for data assets, this term defines the state of the data in volatile memory, such as system RAM or CPU registers and cache

What is Data In Use?

Explanation: Data in use identifies files undergoing live system manipulation or process execution. This state is distinct from passive non-volatile system storage (data at rest) or active network line transmission (data in transit).

300

This specialized hardware cryptoprocessor is implemented as a module within the CPU of a computer or mobile device to generate and securely store keys

What is a TPM Trusted Platform Module?

Explanation: A TPM provides hardware-rooted security directly from a system motherboard or central processing chip. It runs isolated cryptographic calculations so that private data keys never cross into standard memory space.

300

This digital certificate standard is specified for Public Key Infrastructure (PKIX)

What is X.509?

Explanation: The standard architecture governing modern certificate file blueprints is X.509. It prescribes exact field formatting to display subjects, public key arrays, and issuer signatures.

300

This technique injects a unique, random, non-secret value into a password before it is run through a hash function to prevent the use of precomputed hash tables

What is Salting?

Explanation: Salting modifies user inputs with random data loops to render matching password output values completely distinct. This calculation thwarts attackers by forcing them to rebuild custom hash trees for every separate account.

400

This specific IPsec security protocol signs the network packet via cryptographic hashing to enforce message authentication and data integrity but does not encrypt the underlying payload data

What is the Authentication Header (AH)?

Explanation: The Authentication Header (AH) performs a cryptographic hash over the entire packet to compute an Integrity Check Value (ICV). Because the payload data is left unencrypted, this protocol provides integrity and authentication without providing confidentiality.

400

External responsibility for corporate security (such as due care or liability) lies mainly with this group

What are Directors or Owners?

Explanation: Although technical teams implement daily configuration adjustments, legal liability cannot be fully delegated away from corporate ownership. Directors and executive business owners carry the ultimate burden of proof regarding due care and external compliance.

400

This specialized security business unit features a dedicated team of professionals who monitor and protect critical assets across all corporate operations

What is a SOC Security Operations Center?

Explanation: A SOC operates as a centralized business facility where analysts oversee the continuous defense of digital resources. Because they require significant financing and specialized staff, they are typically found in large corporations.

400

This file, which the subject generates and submits to a Certificate Authority, is used to request a new digital certificate containing its public key

What is a CSR Certificate Signing Request?

Explanation: A CSR contains essential identity parameters along with the subject's newly created public key. The requesting computer retains its corresponding private key while passing the CSR up for formal signature authorization.

400

This term is used to describe an adversary’s ability to achieve ongoing compromise of network security to obtain and maintain access over time using a variety of tools

What is APT Advanced Persistent Threat?

Explanation: An APT represents an ongoing stealth operations campaign managed by high-capability, well-funded adversaries. Rather than running sudden transactional hits, an APT works methodically over long horizons to establish a persistent network presence.

500

Registering lookalike domain names such as gogle.com to deceive users into thinking they are interacting with a trusted brand is known as what

What is Typosquatting?

Explanation: Typosquatting relies on user keyboard errors or visual oversight when reading long electronic links. Attackers secure these slight misspelling mutations (doppelganger domains) to build highly accurate phishing sites.

500

In a "drop attack," this type of threat vector is used by the malicious actor

What is a USB stick?

Explanation: Drop attacks leverage human curiosity by scattering physical memory hardware across high-traffic shared environments like office parking lots. Malicious actors expect that an employee will connect the device to an internal laptop, inadvertently deploying embedded malware.

500

This type of threat actor group is primarily motivated by the desire to bring about a change in society or governance

What are Hacktivists?

Explanation: Hacktivists utilize electronic weapons, website service disruptions, and data exfiltration explicitly to advance an ideological or political agenda. Well-known examples include public digital advocacy consortiums like Anonymous or WikiLeaks.

500

This type of social engineering attack relies on corrupting the way a victim's computer performs Internet name resolution to redirect them to a fake website

What is Pharming?

Explanation: Pharming corrupts network routing infrastructure parameters rather than attempting standard email trickery. The mechanism manipulates host address mappings, invisibly driving traffic away from legitimate domains toward clone destinations.

500

This specific protocol handles mutual endpoint authentication, negotiates cryptographic ciphers, and manages security associations (SA) between peer devices across its two negotiation phases

What is the Internet Key Exchange (IKE) protocol?

Explanation: The Internet Key Exchange (IKE) protocol acts as the setup engine for IPsec environments by establishing a mutually supported security association between peers. Phase I creates a secure channel via Diffie-Hellman key agreement, and Phase II establishes the exact symmetric ciphers used to encrypt data.

600

Signs and warnings describing legal penalties against trespass or network intrusion serve as this functional type of control

What is Deterrent?


Explanation: Deterrent controls do not construct physical or electronic logical blocks against data access. Instead, they rely on visible psychological discouragement to alter an attacker's desire to attempt an intrusion.

600

This process is used to identify how an organization's current security systems deviate from those recommended by a cybersecurity framework

What is Gap Analysis?

Explanation: A gap analysis thoroughly evaluates an organization's existing security configurations against target industry benchmarks. The resulting documentation outlines exactly where missing or poorly configured controls must be remediated.

600

Brute force cryptanalysis is defined as this

What is trying all possibilities?

Explanation: Brute force approaches attempt to decode scrambled datasets through exhaustive programmatic trial and error. Computers sequentially iterate down the entire structural keyspace matrix until plaintext emerges.

600

To better support smartphone remote access clients, this updated key exchange protocol introduces native support for user credential checks via EAP alongside multihoming to maintain active tunnels when switching between cellular and Wi-Fi networks.

What is IKEv2?

Explanation: IKEv2 provides a dedicated remote access standard built heavily around client-to-site remote user scenarios. Its native multihoming capability allows mobile devices to transition between Wi-Fi and mobile data carriers without tearing down and rebuilding the underlying secure IPsec connection.

600

An exploit that can be launched by sending malicious code to a target over a network without depending on an authenticated session is categorized as this technique

What is a remote exploit?

Explanation: Remote security exploits target logical network listening interfaces directly from afar without initial credential requirements. Conversely, local exploits require an existing, authenticated interactive environment to run their payload code.

M
e
n
u