Threats & Attacks
Network Security
Identity & Access Management
Cryptography
Security Operations
100

This type of attack floods a system with traffic to make it unavailable.

What is a DDoS attack?

100

This device filters traffic between networks based on rules.

What is a firewall?

100

A method of verifying a user’s identity with two or more factors.

What is multifactor authentication (MFA)?

100

The process of converting plaintext into unreadable data.

What is encryption?

100

A security tool that detects suspicious activity and alerts administrators to it.

What is an IDS (Intrusion Detection System)?

200

A type of malware disguised as legitimate software.

What is a Trojan?

200

A secure protocol used to manage network devices remotely.

What is SSH?

200

The principle that users should only have the access they need.

What is least privilege?

200

The algorithm used in WPA2 for wireless encryption.

What is AES?

200

The process of evaluating risks and determining how to manage them.

What is risk assessment?

300

This attack tricks users into revealing confidential information by pretending to be a trusted source.

What is phishing?

300

VLANs are used to do this in network environments.

What is segment traffic?

300

This authentication protocol uses tickets and is common in Windows environments.

What is Kerberos?

300

This cryptographic method uses one key to encrypt and a different one to decrypt.

What is asymmetric encryption?

300

This plan ensures business functions can continue during and after a disruption.

What is a business continuity plan (BCP)?

400

A vulnerability that is unknown to the vendor and has no patch available yet.

What is a zero-day exploit?

400

This tool captures and analyzes network traffic.

What is a packet sniffer (e.g., Wireshark)?

400

A central system for managing user credentials and access rights.

What is an identity provider (IdP)?

400

A digital fingerprint used to verify data integrity.

What is a hash?

400

Logs and alerts are centralized in this type of system.

What is a SIEM?

500

This attack intercepts and potentially alters communication between two parties.

What is a man-in-the-middle (MitM) attack?

500

This port is used by HTTPS.

What is port 443?

500

This form of access control bases decisions on roles or job functions.

What is role-based access control (RBAC)?

500

This public-key algorithm is widely used for secure data transmission.

What is RSA?

500

The process of identifying and fixing weaknesses in systems.

What is vulnerability management?