Cyber Sleuths
A type of security control that acts before an incident to eliminate or reduce the likelihood that an attack can succeed.
What is Preventive?
A test that uses active tools and security utilities to evaluate security by simulating an attack on a system.
What is Penetration testing?
A function that converts an arbitrary-length string input to a fixed-length string output. This is done in a way that reduces the chance of collisions, where two different inputs produce the same output.
What is hashing?
A type of email-based social engineering attack, in which the attacker sends email from a supposedly reputable source, such as a bank, to try to elicit private information from the victim.
What is phishing?
Malicious code inserted into an executable file image. The malicious code is executed when the file is run and can deliver a payload, such as attempting to infect other files.
What is a virus?
Software that can suggest and store site and app passwords to reduce risks from poor user choices and behavior. Most browsers have a built-in one of these.
What is a password manager?
A network-based attack where an attacker with access to the local network redirects an IP address to a different MAC address.
What is ARP poisoning?
A target for network event data related to access rules that have been configured for logging.
What is firewall logging?
A complete cryptographic system or product is likely to use multiple of these within a cipher suite. The properties of different symmetric/asymmetric/hash types and of specific ciphers for each type impose limitations on their use in different contexts and for different purposes.
What is cryptographic primitive?
A human-based attack where the attacker extracts information while speaking over the phone or leveraging IP-based voice messaging services (VoIP).
What is vishing?
A type of malware that replicates between processes in system memory and can spread over client/server network connections.
What is a worm?
Multifactor authentication scheme that uses ownership and biometric factors, but not knowledge factors.
What is passwordless authentication?
Identification and authentication information presented in the X.509 format and issued by a certificate authority (CA) as a guarantee that a key pair is valid for a particular subject.
What is a digital certificate?
A technique used in firewalls to analyze packets down to the application layer rather than filtering packets only by header information, enabling the firewall to enforce tighter and more security.
What is stateful inspection?
Procedures and tools that centralize generation and storage of cryptographic keys.
What is a key management system?
A targeted phishing attack aimed at a specific individual or organization, often using personalized information to increase the likelihood of success.
What is spear phishing?
A malicious software program hidden within an innocuous-seeming piece of software. Usually, the Trojan is used to try to compromise the security of the target computer.
What is a Trojan?
A brute force attack in which multiple user accounts are tested with a dictionary of common passwords.
What is password spraying?
The path that a threat actor uses to execute a data exfiltration, service disruption, or disinformation attack. Sophisticated threat actors will make use of multiple vectors.
What is a threat vector?
A hardware network device that has a different primary function, but also has access control features built into its firmware.
What is router firewall?
A technique that strengthens potentially weak input, such as passwords or passphrases created by people, against brute force attacks.
What is key stretching?
An impersonation attack in which a request for a website, typically an e-commerce site, is redirected to a similar-looking, but fake, website.
What is pharming?
Class of malware that modifies system files, often at the kernel level, to conceal its presence.
What is a rootkit?
A type of password attack that compares encrypted passwords against a predetermined list of possible password values.
What is a dictionary attack?
A term used in US and UK common law to require that people only be convicted of crimes following the fair application of the laws of the land.
What is due process?
A Layer 3 firewall technology that compares packet headers against ACLs to determine which network traffic to accept.
What is a packet filtering firewall?
Any method by which cryptographic keys are transferred among users, thus enabling the use of a cryptographic algorithm.
What is key exchange?
A form of phishing that uses SMS text messages to trick a victim into revealing information.
What is smishing?
Software that records information about a PC and its users, often installed without the user’s consent.
What is spyware?
An attack that uses multiple attack methods, including dictionary, rainbow table, and brute force attacks when trying to crack a password.
What is a hybrid password attack?
A mechanism for gaining access to a computer that bypasses or subverts the normal method of authentication.
What is a backdoor?
A stateful inspection firewall that can filter traffic based on specific application protocol headers and data, such as web or email data.
What is a layer 7 firewall?
The science, art, and practice of breaking codes and ciphers.
What is cryptanalysis?
A type of phishing attack that targets high-profile individuals, such as executives or other senior officials, within an organization.
What is whaling?
Malware that tries to extort money from the victim by blocking normal operation of a computer and/or encrypting the victim’s files and demanding payment.
What is ransomware?
An attack that uses a captured authentication token to start an unauthorized session without having to discover the plaintext password for an account.
What is a credential replay?
A threat actor that is motivated by a social issue or political cause.
What are Hacktivists?
Advances in firewall technology, from app awareness, user-based filtering, and intrusion prevention to cloud inspection.
What is next-generation firewall (NGFW)?
A characteristic of transport encryption that ensures if a key is compromised, the compromise will only affect a single session and not facilitate recovery of plaintext data from other sessions.
What is Perfect Forward Secrecy (PFS)?
An impersonation attack in which the attacker gains control of an employee’s account and uses it to convince other employees to perform fraudulent actions.
What is business email compromise?
Malware that hijacks computer resources to create cryptocurrency.
What is crypto-mining?
A type of password attack where an attacker uses an application to exhaustively try every possible alphanumeric combination to crack encrypted passwords.
What is brute force attack?