1/116
Looks like no tags are added yet.
Name | Mastery | Learn | Test | Matching | Spaced | Call with Kai | Chat |
|---|
No analytics yet
Send a link to your students to track their progress
Social Engineering
The manipulation of people (rather than systems) into divulging confidential information or performing actions that compromise security.
Phishing
A social engineering attack, typically via email, that impersonates a trusted entity to trick victims into revealing sensitive data or clicking malicious links.
Elicitation
A subtle technique for drawing out information from a target through seemingly normal, casual conversation without raising suspicion.
Intimidation
A social engineering tactic that uses fear, threats, or perceived authority to pressure a victim into compliance.
Urgency
A manipulation tactic that pressures a target to act quickly before thinking it through, reducing their ability to scrutinize a request.
Evil Twin
A rogue Wi-Fi access point set up to mimic a legitimate network's SSID, tricking users into connecting so the attacker can intercept their traffic.
Jamming
Deliberately transmitting radio frequency signals to interfere with and disrupt legitimate wireless communications.
War Driving
Driving around with a wireless device to locate and map unsecured or vulnerable Wi-Fi networks.
SSID
The public name broadcast by a wireless network that allows devices to identify and connect to it.
MFA
Multi-Factor Authentication; requires two or more independent verification factors (something you know, have, or are) to grant access.
VPN
Virtual Private Network; creates an encrypted tunnel over a public network, protecting data in transit and masking the user's location/identity.
Zero Day
A vulnerability unknown to the vendor with no available patch, giving defenders no time to respond before it can be exploited.
Voice Cloning
The use of AI to replicate a person's voice from sample audio, often used in fraud or impersonation attacks.
Deepfake
AI-generated synthetic media that convincingly depicts a real person saying or doing something they did not.
LLM
Large Language Model; an AI model trained on massive text datasets to understand and generate human-like language, relevant both as a defensive tool and a potential attack enabler.
DoS
Denial of Service; an attack that overwhelms a system, network, or service with traffic or requests so legitimate users cannot access it.
CIA Triad
The foundational security model of Confidentiality, Integrity, and Availability, used to guide security policy and controls.
Confidentiality
Ensuring that information is accessible only to those authorized to view it.
Integrity
Ensuring that data remains accurate, complete, and unaltered except by authorized action.
Availability
Ensuring that systems and data are accessible to authorized users when needed.
Defense-in-Depth
A layered security strategy using multiple, overlapping controls so that if one layer fails, others still provide protection.
Risk Assessment
The process of identifying, analyzing, and evaluating risks to determine their likelihood and potential impact.
Residual Risk
The risk that remains after security controls and mitigations have been applied.
Pretexting
A social engineering technique where an attacker fabricates a false scenario to gain a victim's trust and extract information.
Authority
A persuasion principle where people comply with requests from someone perceived to hold power or legitimacy.
Consensus
A persuasion principle (social proof) where people are influenced to act because they believe others are doing the same.
Scarcity
A persuasion principle that increases compliance by suggesting an opportunity is limited in availability or time.
Familiarity
A persuasion principle where people are more easily influenced by those they like, recognize, or feel connected to.
Script Kiddie
An unskilled attacker who uses pre-written tools or scripts created by others, without deep technical knowledge.
Hacktivist
An attacker motivated by political or social causes who uses hacking to promote an ideological agenda.
Insider Threat
A security risk originating from someone within the organization who has legitimate access.
Cyberterrorist
An attacker who uses digital attacks to cause fear, disruption, or harm in furtherance of ideological or political goals.
OSINT
Open Source Intelligence; information gathered from publicly available sources used in reconnaissance.
Reconnaissance
The information-gathering phase of an attack, where an attacker learns about a target before launching an exploit.
Persistence
Techniques attackers use to maintain long-term access to a compromised system, even after reboots or credential changes.
C2
Command and Control; infrastructure used by attackers to communicate with and control compromised systems remotely.
RAT
Remote Access Trojan; malware that provides an attacker with covert remote control over an infected system.
Lateral Movement
Techniques attackers use to move through a network from an initially compromised system to other systems.
Piggybacking
Gaining unauthorized physical access to a restricted area with the knowledge or consent of an authorized person.
Tailgating
Gaining unauthorized physical access by following closely behind an authorized person, typically without their consent or awareness.
Shoulder Surfing
Observing someone's screen, keyboard, or PIN entry to steal sensitive information.
Dumpster Diving
Searching through an organization's or individual's trash to find discarded sensitive information.
Card Cloning
Illegally copying data from a legitimate access or payment card to create a duplicate for fraudulent use.
UPS
Uninterruptible Power Supply; a backup power device that provides short-term power during an outage, protecting availability of systems.
IRP
Incident Response Plan; a documented, structured approach for detecting, responding to, and recovering from security incidents.
ARP Poisoning
An attack that sends falsified ARP messages to associate the attacker's MAC address with a legitimate IP address, enabling traffic interception.
MAC Flooding
An attack that overwhelms a switch's MAC address table, forcing it to broadcast traffic to all ports like a hub, enabling eavesdropping.
MAC Spoofing
Changing a device's MAC address to impersonate another device or bypass MAC-based access controls.
DNS Poisoning
Corrupting DNS resolver data to redirect users from legitimate websites to malicious ones.
Smurf Attack
A DDoS technique that spoofs a victim's IP address and sends ICMP broadcast requests, causing many hosts to flood the victim with replies.
DDoS
Distributed Denial of Service; a DoS attack launched from multiple distributed sources (often a botnet) simultaneously to overwhelm a target.
On-Path Attack
An attack where the attacker secretly intercepts and possibly alters communications between two parties.
Eavesdropping / Sniffing
Passively capturing and analyzing network traffic to steal data such as credentials.
Credential Harvesting
The collection of usernames, passwords, or other authentication data, often through phishing or fake login pages.
Rogue Access Point
An unauthorized wireless access point installed on a network, creating a security gap or entry point for attackers.
Stateless Firewall
A firewall that filters traffic based solely on static rules (source/destination IP, port) without tracking connection state.
Stateful Firewall
A firewall that tracks the state of active connections and makes filtering decisions based on the context of traffic flows.
NGFW
Next-Generation Firewall; combines traditional filtering with deep packet inspection, intrusion prevention, and application awareness.
ACL
Access Control List; a set of rules that permits or denies traffic/access based on defined criteria such as IP address, protocol, or port.
DMZ / Screened Subnet
A network segment between an internal network and the internet that hosts public-facing services while isolating the internal network.
Subnetting
Dividing a larger network into smaller, logical sub-networks to improve organization, performance, and security.
VLAN
Virtual Local Area Network; a logical grouping of devices that segments traffic regardless of physical location, improving security and management.
Port Security
A switch feature that restricts which devices (by MAC address) can connect to a specific physical port.
NIDS
Network Intrusion Detection System; monitors network traffic for signs of malicious activity and generates alerts, without blocking traffic.
NIPS
Network Intrusion Prevention System; monitors network traffic for malicious activity and actively blocks or prevents it in real time.
SIEM
Security Information and Event Management; a platform that aggregates, correlates, and analyzes log/event data for detection and reporting.
Signature-Based Detection
A detection method that identifies threats by matching activity against known attack patterns or signatures.
Anomaly-Based Detection
A detection method that identifies threats by flagging deviations from an established baseline of normal behavior.
Hybrid Detection
A detection approach that combines signature-based and anomaly-based methods for broader threat coverage.
IoC
Indicator of Compromise; forensic evidence (e.g., unusual traffic, file hashes, IPs) suggesting a system has been breached.
Alert Fatigue
A condition where security analysts become desensitized to a high volume of alerts, increasing the risk of missing genuine threats.
WPA3
Wi-Fi Protected Access 3; the current wireless security protocol standard, offering stronger encryption and protections than WPA2.
EAP
Extensible Authentication Protocol; a framework supporting multiple authentication methods, commonly used in wireless and point-to-point connections.
Beacon Frame
A wireless management frame periodically broadcast by an access point to announce its presence and SSID to nearby devices.
Server
A computer or system that provides resources, data, or services to other computers (clients) over a network.
Embedded Computer
A specialized computing system built into a larger device to perform dedicated functions, such as in appliances or industrial control systems.
IoT
Internet of Things; network-connected physical devices that collect and exchange data, often with limited built-in security.
Virus
Malicious code that attaches itself to a legitimate file or program and requires user action to execute and spread.
Worm
Self-replicating malware that spreads across networks and systems automatically, without requiring user interaction.
Trojan
Malware disguised as legitimate or desirable software to trick users into installing it.
Ransomware
Malware that encrypts a victim's files or locks their system, demanding payment for restoration.
Spyware
Malware that covertly monitors and collects user activity or data without consent.
Keylogger
Malware or hardware that records a user's keystrokes to capture sensitive information like passwords.
Logic Bomb
Malicious code intentionally inserted into a system that lies dormant until triggered by a specific condition or event.
Rootkit
Malware designed to gain and maintain privileged access while hiding its presence from detection.
Fileless Malware
Malware that operates in system memory and leverages legitimate system tools rather than writing files to disk, making it harder to detect.
Cryptographic Hash
A one-way mathematical function that converts input data into a fixed-length string, used to verify integrity.
MD5 (deprecated)
An older cryptographic hash algorithm producing a 128-bit hash; no longer considered secure due to known collision vulnerabilities.
SHA-256
A cryptographic hash algorithm producing a 256-bit hash, widely used for data integrity and security.
SHA-512
A cryptographic hash algorithm producing a 512-bit hash, offering a larger output size than SHA-256.
NTHash
The hashing algorithm used by Windows to store password hashes in the SAM database, also known as NTLM hash.
Salt
Random data added to a password before hashing so identical passwords produce different hashes, defeating precomputed attacks.
Collision
When two different inputs produce the same hash output, undermining the integrity guarantee of a hash function.
Brute Force
A password attack that systematically tries every possible combination of characters until the correct one is found.
Dictionary Attack
A password attack that tries words from a precompiled list of common passwords or phrases.
Rainbow Table
A precomputed table of hash values used to quickly reverse-lookup plaintext passwords from their hashes.
Password Spraying
An attack that tries one common password across many different user accounts to avoid triggering lockout policies.
Credential Stuffing
An attack that uses lists of previously breached username/password pairs to attempt login on other services, exploiting password reuse.
BIOS / UEFI
Firmware that initializes hardware and boots the operating system; UEFI is the modern replacement offering enhanced security like Secure Boot.
Autorun
A feature that automatically executes programs from removable media upon insertion, historically exploited to spread malware.