This attack floods a network or server with excessive traffic, making it unavailable to users.
What is DDoS?
When a system verifies that the hardware and firmware haven't been tampered with before loading the operating system
What is Secure Boot?
The process of finding and evaluating potential security threats to information systems
What is Risk Analysis?
This sophisticated worm was discovered in 2010 and is known for sabotaging Iran’s nuclear program by targeting industrial systems
What is Stuxnet?
Refers to any software designed to harm your computer, network or device
What is Malware?
This protocol uses port 80 by default and is commonly used for unencrypted web traffic.
What is HTTP?
This chip is often built into modern motherboards and is a new security requirement for most modern software. This chip can be retrofitted into a legacy motherboard via PCIe
What is TPM (Trusted Platform Module)? (If you play League of Legends/Riot Games you'll know what this is) What is "The Defense Calculator"?
The term for a set of actions designed to lower the chances or impact of a security risk
What is Risk Mitigation?
This type of malware copies itself and spreads to other computers, often without needing to attach itself to another program
What is a worm?
Using deception and trickery to convince unsuspecting users to provide sensitive data or to violate security guidelines
What is Social Engineering?
The port for the Domain Name System (DNS) protocol
What is port 53?
A type of attack! This attack comes in the form of a small device placed between your peripherals and your PC to collect keystrokes
What is a keylogger attack?
The type of threat that includes events such as power outages, hardware theft, or fires
What is a Physical Security Risk?
This kind of malware poses as legitimate software to trick users into installing it, then carries out malicious actions in the background
What is a Trojan horse (Trojan)?
An email-based social engineering attack in which the attacker sends an email from a supposedly reputable source, such as a bank, to try to elicit private information from the victim
What is Phishing?
This type of authentication factor is based on something you have, such as a smart card or mobile token.
What is 2FA?
A small physical barrier preventing access to a system that is not 2FA (Two-Factor Authentication); this can be both physical and biometric.
What is Security token/key?
The remaining risk after applying security controls
What is Residual Risk?
This malware monitors everything you type on your keyboard, often to steal passwords or other sensitive information
What is a keylogger?
A vulnerability or security hole in a computer system unknown to its developers on launch
What is a Zero-Day Vulnerability?
This protocol provides dynamic IP address assignment and can be abused in spoofing attacks if not secured.
What is DHCP?
A type of device that can be plugged into a system through one of the most common IO ports that normally transmits both data and power, but in this case bricks a whole system.
What is a USB Killer?
The full name for the acronym CIA
What is Confidentiality, Integrity, and Availability?
This type of malware encrypts a victim’s files and demands payment to restore access
What is Ransomware?
Dictates that users, applications, and processes should only be granted the minimum permissions necessary to complete their duties
What is the principle of least privilege (PoLP)?