Malware
Social Engineering (Physical)
Social Engineering (Digital)
Bad Actors
Methods of Protection (Org)
100

Attach to legitimate files and spread when those files are executed

What is Virus?

100

A physical security breach where an unauthorized individual gains access to a secure area by closely following someone with legitimate access

What is Tailgating?

100

 An attack that attempts to steal your money, or your identity, by getting you to reveal personal information such as credit card numbers, bank information, or passwords on websites that pretend to be legitimate.

What is Phishing?

100

They are people who traditionally tried to gain access to computers remotely to learn more and for intellectual curiosity.

Who are hackers?

100

A security system that requires users to provide two or more verification factors to access an account or system.

What is a MFA? (Multi-Factor Authentication)
200

Disguise themselves as legitimate software to trick users into installing them.

What is Trojan?

200

The practice of obtaining sensitive information by searching through discarded materials, such as trash or recycling bins

What is Dumpster Diving?

200

A type of cybercrime where criminals use phone calls to trick individuals into revealing sensitive information, such as bank details, passwords, or personal data.

What is a Vishing?

200
Is the risk presented to an organization by current or past employees who have knowledge of how the organization works and what and where the most valuable (damaging) information might reside.
What is Insider threat?
200

Hardware that provides multi-factor authentication (MFA) to protect online accounts and sensitive data, often replacing traditional passwords or acting as a second authentication factor.  

What is YubiKey? (Security Key) 

300

Encrypts files and demands a ransom for their decryption.

What is Ransomware? 

300

The act of directly observing someone's actions to steal sensitive information, like passwords or personal details, by visually monitoring their screen or keyboard input.

What is Shoulder Surfing?

300

Type of cyberattack where scammers use deceptive text messages (SMS) to trick individuals into revealing sensitive information or downloading malicious software.

Who is Smishing?

300

These are well run groups of crooks who methodically look for computer vulnerabilities to steal large numbers of financial or credit card accounts for financial profit.

Who are organized crime groups? (Cybercriminals)

300

Designed to detect and destroy computer viruses.

What is a Antivirus? 

400

Monitors user activity and collects sensitive information.

What is Spyware? 

400

This technique involves asking seemingly harmless questions or engaging in casual conversation to extract sensitive information from individuals. The attacker might appear friendly or helpful to lower the victim's guard and encourage them to divulge information.  

What is Elliciatiation?

400

Type of online fraud where attackers register domain names that are very similar to legitimate, popular websites, often with minor misspellings or variations. This can lead to various malicious activities, such as stealing personal information, spreading malware, or conducting phishing attacks.

What is Typosquatting?

400

They are structured groups funded by other governments and dedicated to mapping out the internet addresses for the purpose of espionage and possible computer attacks.

What is state sponsored hacking? (Nation-Station Actors)

400

A network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.

What if a Firewall? 

500
Displays unwanted advertisements and can track user activity.


What is Adware? 

500

This involves leaving a physical "bait" item in a location where it is likely to be found by an employee. The physical hardware may contain malware or a link to a malicious website, which, when accessed, can compromise the system.

What is USB Baiting? (USB attack)

500

Cybersecurity attack where an attacker compromises a website frequently visited by a specific group of targets, then injects malicious code (malware) to infect users who visit the site.

What is a watering hole?

500

Motivated by political or social causes, using cyberattacks to promote their agenda.

Who are Hacktivists? 

500

Network security concept that creates a buffer zone between an organization's internal network and the untrusted internet.

What is DMZ? (Demilitarized Zone)