Social Engineering
Authentication Methods
Privacy & Security Basics
Network Security
Mobile Security
100

The practice of tricking people into revealing passwords or sensitive information by pretending to be someone trustworthy.

Phishing

100

The most common authentication method combining a username with this secret piece of information.

Password

100

This EU regulation gives citizens control over their personal data and includes the "right to be forgotten."

GDPR (General Data Protection Regulation)

100

This basic security system filters traffic between networks based on predetermined rules.

Firewall

100

This feature lets you remotely locate your lost smartphone.

Find My Device/Find My iPhone

200

The practice of looking through trash to find sensitive information.

Dumpster diving

200

Using more than one method to verify your identity, like "something you know" plus "something you have."

Multi-factor authentication (MFA)

200

This is a secure version of HTTP that encrypts data between your browser and a website.

HTTPS

200

This technology encrypts your internet traffic when you are using public Wi-Fi.

VPN (Virtual Private Network)

200

This is the practice of controlling which apps can access your phone's camera, location, or contacts.

Permission management

300

A technique where an attacker pretends to be someone or something else to gain trust and access, often for malicious purposes.

Spoofing

300

This authentication method involves scanning your fingerprint, face, or iris.

Biometric authentication

300

This digital file lets websites store information about you on your device.

Cookie

300

This wireless security protocol replaced the vulnerable WEP standard.

WPA (Wi-Fi Protected Access)

300

This verification method confirms app code hasn't been modified since it was published.

Code signing

400

When someone follows an authorized person through a secure door without using their own credentials.

Tailgating/Piggybacking

400

This passwordless approach uses your phone to approve login requests.

Push notification authentication

400

This describes the total amount of information that may be collected about someone across different sources.

Digital footprint

400

This attack makes a website or service unavailable by flooding it with traffic.

DDoS (Distributed Denial of Service)

400

A security mechanism for separating running programs, usually to keep system failures and/or software vulnerabilities from spreading.

App sandboxing

500

The persuasive tactic where individuals are more likely to comply with requests or follow the advice of those perceived as experts or in positions of authority.

Authority principle

500

This authentication method uses cryptographic keys stored on a physical device you plug into your computer.

Security key/USB token

500

This type of targeted advertising follows you across different websites based on your browsing history.

Behavioral advertising

500

This network name is broadcast by wireless access points.

SSID

500

This vulnerability allows attackers to intercept data by creating fake Wi-Fi networks with familiar names.

Evil twin attack