This type of malware disguises itself as legitimate software to gain unauthorized access to a system
What is a trojan
PII
What is personally identifiable information
A team that acts as the attacking force.
What is Red team?
This type of attack involves intercepting and altering communications between two parties
What is an on-path attack (MITM)
Acts as the network defense team
What is the blue team?
This security approach ensures that even if one layer of defense fails, additional controls are in place to mitigate the risk
Defense-in-depth
APT
What is advanced persistent threat
This principle ensures that users only have the minimum access required to perform their job
Policies, procedures, and work practices that help or prevent a threat or make a threat more likely.
What are operational controls?
The third phase of incident response.
What is containment?
Places malware where it is safe to interact with and investigate attack methods and malware operation
What are sandbox environments
ACL
What is access control list
Client-side attack that injects a malicious script into a web browser, taking advantage of the browser-website trust
What is cross-site scripting (XSS) attack
Controls implemented with technology and include items such as firewalls, access lists, permissions on files or folders, and devices that identify and prevent threats.
What are technical controls?
This type of attack uses usernames and passwords harvested from data breaches and attempts to enter these in other sites
What is credential stuffing
This method of threat detection identifies unusual patterns in system behavior rather than relying on known attack signatures
What is anomaly-based detection
ARO
What is the annual rate of occurrence
A log analysis technique that detects anomalies based on predefined patterns
What is signature-based detection
This type of security control detects and blocks malicious traffic before it enters the internal network
What is intrusion prevention system (IPS)
Type of encryption algorithm in which the encryption key is the same as the decryption key
What is symmetric encryption
The principle that assumes a network is always at risk and requires continuous verification
What is zero-trust
BCP
What is business continuity plan
Taking a large document or file and, with the use of an algorithm, reducing the file to a character string that can be used to verify the integrity of the file.
What is Hashing?
This attack exploits the trust relationship between two systems, allowing attackers to send unauthorized requests or commands
What is cross-site request forgery (XSRF)
This type of attack occurs when data overwrites adjacent memory, potentially allowing an attacker to execute arbitrary code
What is a buffer overflow attack