This team performs offensive operations in security exercises.
Red Team
A login page requiring a code before Wi-Fi access.
Captive Portal
SIEM feature that compares logs to known malicious patterns.
Correlation
Manages all devices including IoT, printers, and workstations.
UEM
Policy outlining required steps after a cyberattack.
Incident Response Policy
Rules that define scope, methods, and timeframes before testing.
Rules of Engagement
A fake access point created to steal credentials.
Evil Twin
Correct order: Detection → Analysis → Containment → Eradication → Recovery. What is this process called?
Incident Response Process
Creating separate logical networks on a switch.
VLAN
Process of limiting permissions for employees to only what they need.
Least Privilege / Access Control
Analysis of software during execution to find vulnerabilities.
Dynamic Analysis
Displays Wi-Fi signal strength visually across a building.
Heat Map
This SIEM feature shows security events and updates on one easy-to-read screen.
Dashboard
Installing apps from outside official app stores.
Sideloading
HIPAA patient data classification.
Regulated Data
A paid program for reporting discovered vulnerabilities.
Bug Bounty Program
A malicious actor intercepts NFC data and replays it to impersonate a device.
Relay Attack
A site that becomes operational within minutes after a disaster.
Hot Site
When multiple customers share the same cloud hardware while keeping their data isolated, this principle is being used.
Multitenancy
Plan used to reverse changes when a deployment fails.
Backout Plan
A corrective control that disables abnormal accounts automatically.
Continuous Monitoring / Automated Remediation
An email attack exploiting open SMTP servers.
Open SMTP Relay
Document ensuring evidence accountability during forensics.
Chain of Custody
This policy lets employees use their own phone or tablet for work.
What is BYOD (Bring Your Own Device)?
Policy preventing downloading unverified software.
Acceptable Use Policy (AUP)