CIA Triad - Confidentiality, Integrity, and Availability — the foundational principles of cybersecurity., Threat - Any potential danger that could exploit a vulnerability and cause harm., Vulnerability - A weakness that can be exploited by a threat actor., Risk - The likelihood or probability that a threat will exploit a vulnerability., Exploit - A method or code used by an attacker to take advantage of a vulnerability., Malware - Malicious software such as viruses, worms, trojans, and spyware., Ransomware - A type of malware that encrypts data and demands payment to restore it., Phishing - A deceptive attempt to steal information by posing as a trustworthy source., Social Engineering - Manipulating people into giving up confidential information or access., Insider Threat - A threat that originates from someone within the organization., Zero-Day - An unknown vulnerability that hasn't been patched yet., DDoS Attack - A Distributed Denial of Service attack; floods a service with traffic from many devices., Brute Force Attack - An attack that attempts all possible combinations to crack a password., Dictionary Attack - An attack using a list of known words to guess a password., Privilege Escalation - Gaining higher access or permissions than initially granted., Patch Management - The process of keeping software up to date to fix vulnerabilities., Encryption - The process of converting data into unreadable form to protect it., Symmetric Encryption - Encryption that uses the same key for both encryption and decryption., Asymmetric Encryption - Encryption that uses a pair of keys — public and private — to secure data., Public Key - A key that is shared publicly and used to encrypt messages., Private Key - A key that is kept secret and used to decrypt messages., Hashing - A process that converts data into a fixed-length value to ensure integrity., Digital Signature - A way to verify the origin and integrity of a message using encryption., MFA (Multi-Factor Authentication) - A security system that requires more than one method of authentication., Biometrics - Authentication based on a physical trait, such as a fingerprint or facial recognition., Firewall - A system that monitors and filters network traffic based on rules., IDS - An Intrusion Detection System that monitors traffic and alerts on suspicious activity., IPS - An Intrusion Prevention System that actively blocks detected threats., VPN - A Virtual Private Network that encrypts internet traffic between the user and the server., Proxy - A device or service that acts as an intermediary between users and the internet.,

sec+ terms

打印
嵌入

排行榜

视觉风格

选项

切换模板

恢复自动保存: