Security Concepts
This attack method focuses on exploiting human behavior instead of technology.
Social engineering
This ensures data is only accessible to authorized users.
Confidentiality
Data before encryption is called this.
Plaintext
This verifies who a user is.
Authentication
This device filters traffic between networks.
Firewall
This type of attack tricks users into giving up confidential information.
What is Phishing
This ensures data is not altered during transmission.
Integrity
Data after encryption is called this.
Ciphertext
This determines what a user can access.
Authorization
This tool detects suspicious activity but does not stop it.
IDS
This type of attack locks your data until payment is made.
Ransomware
This ensures systems and data are accessible when needed.
Availability
This type of encryption uses one key.
Symmetric
This logs user activity.
Accounting
This tool actively blocks malicious activity.
IPS
This type of attack attempts to overwhelm a system and make it unavailable.
Denial of Service
Encryption primarily supports this part of the CIA triad.
Confidentiality
This type of encryption uses a public and private key.
Asymmetric
Using two or more authentication factors is called this.
MFA
This server acts as an intermediary and creates logs.
Proxy server
Redirecting a user to a fake website that looks real is called this.
Pharming
Backups and redundancy primarily support this concept.
Availability
This is the piece of information used to encrypt and decrypt data.
Key
This allows one login for multiple systems.
SSO
These rules determine what traffic is allowed or denied.
ACL