Network Nightmares
Malware Mayhem
Passwords & Authentication
Phishing Phollies
Cybersecurity Concepts
100

The first line of defense for a network, controlling incoming and outgoing traffic based on defined rules.

What is a firewall?

100

A type of malicious software that replicates itself and spreads to other computers.

What is a virus (or worm)?

100

This common advice involves mixing uppercase and lowercase letters, numbers, and symbols.

What is a strong password?

100

A deceptive email designed to trick users into revealing sensitive information.

What is a phishing email?

100

The practice of protecting computer systems and networks from theft, damage, or unauthorized access.

What is cybersecurity (or information security)?

200

An attempt to overwhelm a target server with a flood of traffic, making it unavailable to legitimate users.

What is a Denial-of-Service (DoS) or Distributed Denial-of-Service (DDoS) attack?

200

Malware that encrypts a victim's files and demands a ransom for their decryption.

What is ransomware?

200

A physical or software-based device that generates time-sensitive codes for two-factor authentication.

What is a security token (or hardware token or authenticator app)?

200

A type of phishing that targets specific individuals or high-profile employees within an organization.

What is spear phishing?

200

The three letters often used to represent the core goals of cybersecurity: Confidentiality, Integrity, and Availability.

What is the CIA triad?

300

A technique used by attackers to intercept communication between two parties, often to steal credentials.

What is a Man-in-the-Middle (MITM) attack?

300

A program that appears legitimate but performs malicious activity in the background.

What is a Trojan horse?

300

This security principle suggests granting users only the minimum level of access necessary to perform their job functions.

What is the principle of least privilege?

300

Creating a fake website that looks identical to a legitimate one to steal login credentials.

What is spoofing?

300

The process of identifying and assessing potential weaknesses in a system or network.

What is vulnerability assessment (or penetration testing)?

400

A set of rules governing the communication between devices on a network, like TCP/IP.

What is a network protocol?

400

This type of malware often arrives in spam emails and records a user's keystrokes.

What is a keylogger?

400

An attack that attempts to guess a password by trying a large number of possibilities.

What is a brute-force attack?

400

A tactic that involves impersonating someone in authority to gain access or information.

What is social engineering?

400

The practice of responding to and recovering from a cybersecurity incident.

What is incident response?

500

The process of examining network traffic for suspicious patterns or known malicious activity.

What is network intrusion detection (or traffic analysis)?

500

A network of compromised computers controlled by a single attacker, often used to launch DDoS attacks.

What is a botnet?

500

A more secure alternative to SMS-based two-factor authentication, often using a dedicated app.

What is an authenticator app?

500

A newer form of phishing that uses text messages to lure victims into clicking malicious links or providing information.

What is smishing?

500

A framework of policies and procedures designed to manage and mitigate an organization's information security risks.

What is an Information Security Management System (ISMS)?