A self-replicating program that spreads without user action
What is a worm
Hardware or software that filters incoming and outgoing traffic based on rules
What is a firewall
Authentication factor based on something you are
What is biometrics
The stage where security teams work to limit the spread or impact of an incident
What is containment
Malicious use of AI to create realistic fake audio, images, or video
What are deepfakes
Malicious code hidden inside a legitimate program
What is a trojan horse
Technology that creates an encrypted tunnel between a user and a network
What is a VPN
Combining two or more authentication methods for stronger protection
What is multi-factor authentication (MFA)
The first step in the incident response process, focused on detecting and reporting issues
What is identification
The massive expansion of connected devices has created new risks in this technology area
What is the Internet of Things (IoT)
Software that secretly monitors and collects user activity
What is spyware
A system that monitors network traffic for suspicious activity and raises alerts
What is an Intrusion Detection System (IDS)
The process of verifying that a user is who they claim to be
What is authentication
A documented, step-by-step guide that outlines how an organization should handle incidents
What is an Incident Response Plan (IRP)
The new wireless standard that increases bandwidth but also expands the attack surface
What is 5G
This type of attack tricks people into revealing sensitive information
What is phishing
The protocol used to assign IP addresses dynamically on a network
What is DHCP
An access mechanism where one set of credentials works across multiple systems
What is Single Sign-On (SSO)
The process of restoring systems, data, and business operations after an incident
What is recovery
A large-scale coordinated attack where multiple devices flood a network with traffic
What is a Distributed Denial of Service (DDoS)
Malicious code injected into a website's input field to steal or manipulate data
What is SQL injection
A security device that both monitors and actively blocks suspicious network traffic
What is an Intrusion Prevention System (IPS)
Assigning access based on groups of similar job functions
What is Role-Based Access Control (RBAC)
The practice of continuously recording system activity for investigation
What is logging and monitoring
A new trend where criminals use AI chatbots to generate realistic phishing emails
What is AI-powered phishing