This decentralized communication method is commonly used on the dark web to anonymize user activity and prevent tracking.
What is Onion Routing
This attack manipulates a system by modifying a file or resource between the time it is checked and the time it is used.
What is Time of Check to Time of Use (TOCTOU)
This plays a vital role in data protection and recovery, capturing the state of a system at a specific point in time.
Snapshot
Tools such as Nmap, Nessus, or OpenVAS perform this task.
What is Network Scanning
This process tracks all the organization’s critical systems, components, devices, and other objects of value in an inventory.
What is Asset Management
This type of cybersecurity error occurs when a legitimate threat is mistakenly classified as harmless, allowing an attack to proceed undetected.
What is a False Negative
This type of vulnerability occurs when an application writes more data than expected into a memory buffer, potentially allowing attackers to execute arbitrary code.
What is Buffer Overflow
These file systems maintain a record of all changes made to files, allowing for data recovery and consistency checks after unexpected system shutdowns or crashes.
What is Journaled File System (JFS) or New Technology File System (NTFS)
This is a centralized repository of information related to an organization's IT infrastructure, including assets, configurations, and relationships.
What is Configuration Management Database (CMDB)
Tangible assets can be identified using this.
Barcode label or radio frequency ID (RFID)
This testing approach grants full visibility into an application's source code, configuration, and architecture to analyze potential vulnerabilities.
What is Partially known environment testing (White box)
This vulnerability occurs when multiple processes access shared resources in an unpredictable sequence, leading to unintended behavior.
What is Race Condition
This is an official document that verifies the secure and complete destruction of specific materials or items.
Certificate of Destruction
This type of application attack injects malicious SQL commands to manipulate a database.
What is SQL injection
This is a cheaper means of providing surveillance than maintaining separate guards at each gateway or zone.
Video Surveillance
This scoring system, ranging from 0 to 10, rates the severity of security vulnerabilities.
What is the Common Vulnerability Scoring System (CVSS)
This malicious technique injects harmful code into a running application's memory, allowing an attacker to manipulate its execution.
What is Memory Injection
This refers to the process of ensuring that an organization can maintain or quickly resume its critical functions in the event of a disruption, disaster, or crisis.
Continuity of operations (COOP)
This risk occurs when applications fail to properly validate input, allowing attackers to execute harmful scripts in a user's browser.
What is cross-site scripting (XSS)
These are critical in implementing physical security measures, providing proactive detection and alerting capabilities against potential security breaches.
Sensors
This represents the extent to which an asset is susceptible to being compromised or impacted by a specific vulnerability, and it helps assess the potential impact or loss that could occur if the vulnerability is exploited.
This web security vulnerability tricks a logged-in user into unknowingly performing unintended actions on a trusted website, often leveraging their authentication credentials.
What is Cross-Site Request Forgery (CSRF)
This type of backup transfers data to a remote location to protect against natural disasters, theft, and other physical threats to local infrastructure, as well as catastrophic system loss such as that caused by a ransomware infection.
This testing method simulates real-world cyberattacks to identify exploitable weaknesses in a system.
What is penetration testing or ethical hacking
Also known as a mantrap, this is a security measure that regulates entry to a secure area.
What is Access Control Vestibule