Brute Force Attack - A method of gaining unauthorized access by systematically trying all possible password or encryption key combinations until the correct one is found., Dictionary Attack - A type of password attack that uses a precompiled list of common words and phrases to guess the correct password., Cross-Site Scripting - A security vulnerability that allows attackers to inject malicious scripts into web pages, which are then executed in the browsers of unsuspecting users., SQL Injection - A security vulnerability that occurs when an attacker manipulates a website's SQL queries by inserting malicious code, allowing them to access or alter the database., Phishing - A type of cyberattack where attackers impersonate legitimate organizations or individuals through fake emails, websites, or messages to trick people into revealing sensitive information like passwords, credit card numbers, or other personal data., Vishing - A type of social engineering attack where attackers use phone calls or voice messages to impersonate legitimate organizations, tricking individuals into revealing sensitive information such as personal details, account numbers, or passwords., Whaling - A type of phishing attack that targets high-profile individuals, such as executives or senior management, often using highly customized and convincing messages to steal sensitive information or gain unauthorized access to company resources., Spear Phishing - A targeted phishing attack where cybercriminals customize their messages to a specific individual or organization, often using information gathered from various sources to make the attack appear legitimate and increase the likelihood of success., Evil Twin - A type of Wi-Fi attack where a malicious actor sets up a fake Wi-Fi hotspot with the same name (SSID) as a legitimate one, tricking users into connecting to it, allowing the attacker to intercept data or launch further attacks., On-Path Attack - (formerly known as a Man-in-the-Middle attack) occurs when an attacker intercepts and potentially alters communication between two parties without their knowledge, often to steal or manipulate data., Footprint Threat - Involves collecting publicly available information about a target system or organization to identify potential vulnerabilities for exploitation in future cyberattacks., Denial of Service (DoS) Attack - Attack aims to overwhelm a system, server, or network with excessive traffic, rendering it unavailable to users., Distributed Denial of Service (DDoS) - Attack involves multiple systems or devices working together to flood a target with traffic, overwhelming its resources and causing service disruption., Encryption - Is the process of converting data into a coded form to prevent unauthorized access, ensuring confidentiality and security, Hashing - Is a fixed-size string of characters generated by a ____ function, used to uniquely represent data and ensure data integrity., Trojan - A type of malware that disguises itself as a legitimate program or file to deceive users into executing it, allowing attackers to gain unauthorized access to systems., 802.1x - A network access control protocol used to authenticate devices trying to connect to a network, ensuring that only authorized users or devices can access network resources., RADIUS (Remote Authentication Dial-In User Service) - A protocol that provides centralized authentication, authorization, and accounting for network access, commonly used in wireless networks and VPNs., TACACS+ (Terminal Access Controller Access-Control System) - A proprietary protocol developed by Cisco for handling authentication, authorization, and accounting in network devices, offering more detailed control and flexibility compared to RADIUS., Kerberos - A network authentication protocol primarily used in Windows environments (but also works cross-platform) to securely authenticate users and services using a centralized key distribution center (KDC) for ticket-based authentication., SSO (Single Sign-On) - A user authentication process that allows access to multiple applications or systems with one set of login credentials, improving convenience and security by reducing the need for multiple logins., DMZ (Demilitarized Zone) - A network segment that acts as a buffer zone between a company's internal network and external networks, typically used to host publicly accessible services like web servers while isolating them from the internal network to enhance security., Keylogger - A type of malicious software or hardware designed to secretly record keystrokes on a computer or mobile device, often used for stealing sensitive information like passwords and personal data.,

CompTIA A+ Security Matching Game

列印
嵌入

排行榜

視覺風格

選項

切換範本

恢復自動保存: ?