Current Events
CSDL
Name that Vulnerability
Hackers
Attacks
100
A digital currency that can be traded online without the need for a central bank
What is Bitcoin
100
A library for developers to use that provides "safe" replacements for certain functions that are prone to security vulnerabilities in the C language
What is SafeC
100
The result of an input validation error in the OpenSSL library resulting in buffer over-read. May be used to expose cryptographic content such as private keys, certificates and passwords.
What is Heartbleed
100
Identify as "digital Robin Hood" and appear in public wearing Guy Fawkes masks. They have publicized themselves by attacking government, religious and corporate websites
Who is Anonymous
100
When a program attempts to put more data in storage than it can hold or when a program attempts to put data in storage past its allocation
What is Buffer Overflow
200
The type of device that was used last week for a large DDoS attack on DYN's DNS servers, affecting sites such as Reddit and Twitter
What is IoT
200
The step of the CSDL process in which a developer is required to use the C-SERV tool
What is "Perform Gap Analysis"
200
A man-in-the-middle exploit that takes advantage of fallback to SSLv3.
What is POODLE
200
Co-founder of Apple, his first white-hat hacking project involved "phone-phreaking," in which he bypassed the phone system and made devices for friends called "blue boxes" which enabled free long-distance phone calls
Who is Steve Wozniak
200
Botnet Linked to Dyn DNS DDoS Attacks
What is Mirai
300
The type of software responsible for a data breach of 3.2 million debit cards in India, as reported in the news last week.
What is Malware
300
The name of the tool used during the "Secure Design" phase of the CSDL process
What is ThreatBuilder
300
A vulnerability that allows Bash shell users to execute arbitrary commands.
What is ShellShock
300
Famous cryptanalyst at Bletchley Park, credited with playing a pivotal role in cracking intercepted coded messages that enabled the Allies to defeat the Nazis in WWII
Who is Alan Turing
300
Type of computer security vulnerability typically found in web applications. It enables attackers to inject client-side scripts into web pages viewed by other users
What is XSS (Cross-Site Scripting)
400
World Wide Web content that exists on darknets, overlay networks which use the public internet, but which require specific software, configurations or authorization to access
What is the Dark Web
400
A vulnerability testing tool that does protocol fuzzing and is part of the Validate Requirements & Resiliency part of the CSDL process.
What is Codenomicon (or Defensics)
400
A privilege-escalation vulnerability that potentially allows any installed application, or malicious code smuggled onto a box, to gain root-level access and completely hijack the device
What is Dirty Cow
400
Once the most wanted hacker in U.S. history. Went on a 2.5-year hacking spree. Spent five years in prison for various computer and communications-related crimes. He now runs his own security consulting company
Who is Kevin Mitnick
400
A collection of software tools that enable an unauthorized user to gain control of a computer system without being detected.
What is a rootkit
500
Size of the recent data breach at Yahoo, where names, email addresses, telephone numbers, birthdays, hashed passwords, and some "encrypted or unencrypted security questions and answers" were stolen
What is 500 million
500
A system that automatically alerts development teams when vulnerabilities are discovered and published in 3rd Party Software/Open Source Software
What is CIAM
500
A type of persistent malware that allows an attacker to gain control of an affected device and compromise its integrity with a modified Cisco IOS software image.
What is Synful Knock
500
An American hacker known for unlocking an iPhone, allowing the phone to be used with other wireless carriers contrary to Apple's intentions. His most recent project is building vehicular automation technology based on artificial intelligence algorithms.
Who is George Hotz (geohotz)
500
A computer system on the internet that is expressly set up to attract and "trap" people who attempt to penetrate other people's computer systems
What is a Honey Pot