SOCIAL ENGINEERING
The practice of looking over someone's shoulder in order to gain information.
What is shoulder surfing?
An area of the internet that you can't find using a normal search engine.
What is the dark web?
A type of phishing that focuses on a specific group of users or even a single user.
What is spear phishing?
Malicious code that attaches itself to a host application and attempts to replicate when the application is executed.
What is a virus?
An individual that attempts to gain unauthorized access to - or compromise - a system or network.
What is a hacker?
The practice of closely following behind an another person in order to access an area without credentials.
What is tailgating?
A visual representation of active threats in the cyber landscape.
What is a threat map?
A type of phishing that might target the CEO of an organization or other executive-level employees.
What is whaling?
A self-replicating malware that can traverse systems and networks without any human interaction.
What is a worm?
An attacker or group of attackers with a large amount of resources, typically sponsored by government.
What are state actors?
A message that is circulated through an organization detailing a threat or virus that is not actually real.
What is a hoax?
A repository of public resources detailing exposures, exploits, and vulnerability.
What is a vulnerability database?
A type of phishing that is mainly conducted via text message.
What is smishing?
A string of code that is embedded into an application or script that is triggered in response to certain conditions or events.
What is a logic bomb?
An organized group of highly-funded attackers that employ their skills for crime.
What is a criminal syndicate?
The act of gathering as much information as possible on a social engineering target.
What is reconnaissance?
The evidence that a cyber attack is actively occurring or has already taken place.
What are indicators of compromise?
A type of phishing that occurs over phone calls and via voice.
What is vishing?
A way to provide persistence and regain entry into a compromised system.
What is a backdoor?
Anyone who has legitimate access to an organization's internal resources and could introduce a threat into the environment - either accidentally or intentionally.
What is an insider threat?
An email that is designed to look legitimate and entice the user into clicking a link or opening an attachment.
What is phishing?
The techniques and methods used by cybersecurity teams to anticipate the next move of an attacker.
What is predictive analysis?
The most common method of delivery for phishing attempts.
What is email?
A program that appears to be a useful tool or application but is really malware in disguise.
What is a trojan?
Attackers that try to steal proprietary business information from other organization's in the same industry in order to gain an advantage in that industry.