This common social engineering tactic involves tricking individuals into revealing personal information through fake emails or messages.
What is phishing?
This is the process of confirming a user’s identity before granting access.
What is authentication?
This principle ensures that sensitive information is protected from unauthorized access.
What is confidentiality?
This is a malicious software program designed to damage or disrupt a system.
What is malware?
This security method scrambles data so it can only be read by authorized parties.
What is encryption?
A scammer posing as IT support to gain access to your account is an example of this technique.
What is pretexting?
This ensures a user only has access to resources they are permitted to use.
What is authorization? (Or the principle of least privilege.)
This principle ensures that data remains accurate and unaltered.
What is integrity?
A denial-of-service (DoS) attack targets this aspect of the CIA Triad.
What is availability?
Using strong passwords and changing them regularly helps prevent this type of attack.
What is password cracking? (Brute force, dictionary attacks.)
This is the term for when attackers call someone pretending to be a trusted authority to extract sensitive information.
What is vishing (voice phishing)?
This refers to tracking user activity and maintaining logs for accountability.
What is accounting?
This principle ensures that systems and data are available when needed.
What is availability?
This type of attack involves guessing or cracking passwords to gain access to a system.
What is brute force?
Installing and regularly updating this software helps protect against malware.
What is antivirus software?
This term describes an attacker following someone into a secure building without proper credentials.
What is tailgating (or piggybacking)?
This form of authentication requires two or more verification factors, such as a password and a fingerprint.
What is multi-factor authentication (MFA)?
The encryption of sensitive files is a method of maintaining this aspect of the CIA Triad.
What is confidentiality?
This type of malware disguises itself as legitimate software but performs malicious actions.
What is a Trojan horse?
Restricting access based on user roles is an example of this security model.
What is role-based access control (RBAC)?
This advanced social engineering attack uses a legitimate-looking website to steal usernames and passwords.
What is a spoofed site or phishing site?
This type of accounting tracks access by recording who accessed what, when, and how.
What is audit logging?
A ransomware attack can compromise all three aspects of this model.
What is the CIA Triad?
An attack that intercepts and modifies communication between two parties is known as this.
What is a man-in-the-middle (MITM) attack?
This type of testing identifies vulnerabilities in a system before attackers can exploit them.
What is penetration testing?