AP Cybersecurity Vocabulary

0.0(0)
Studied by 0 people
call kaiCall Kai
Locked
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/116

encourage image

There's no tags or description

Looks like no tags are added yet.

Last updated 2:04 PM on 7/5/26
Name
Mastery
Learn
Test
Matching
Spaced
Call with Kai
Chat

No analytics yet

Send a link to your students to track their progress

117 Terms

1
New cards

Social Engineering

The manipulation of people (rather than systems) into divulging confidential information or performing actions that compromise security.

2
New cards

Phishing

A social engineering attack, typically via email, that impersonates a trusted entity to trick victims into revealing sensitive data or clicking malicious links.

3
New cards

Elicitation

A subtle technique for drawing out information from a target through seemingly normal, casual conversation without raising suspicion.

4
New cards

Intimidation

A social engineering tactic that uses fear, threats, or perceived authority to pressure a victim into compliance.

5
New cards

Urgency

A manipulation tactic that pressures a target to act quickly before thinking it through, reducing their ability to scrutinize a request.

6
New cards

Evil Twin

A rogue Wi-Fi access point set up to mimic a legitimate network's SSID, tricking users into connecting so the attacker can intercept their traffic.

7
New cards

Jamming

Deliberately transmitting radio frequency signals to interfere with and disrupt legitimate wireless communications.

8
New cards

War Driving

Driving around with a wireless device to locate and map unsecured or vulnerable Wi-Fi networks.

9
New cards

SSID

The public name broadcast by a wireless network that allows devices to identify and connect to it.

10
New cards

MFA

Multi-Factor Authentication; requires two or more independent verification factors (something you know, have, or are) to grant access.

11
New cards

VPN

Virtual Private Network; creates an encrypted tunnel over a public network, protecting data in transit and masking the user's location/identity.

12
New cards

Zero Day

A vulnerability unknown to the vendor with no available patch, giving defenders no time to respond before it can be exploited.

13
New cards

Voice Cloning

The use of AI to replicate a person's voice from sample audio, often used in fraud or impersonation attacks.

14
New cards

Deepfake

AI-generated synthetic media that convincingly depicts a real person saying or doing something they did not.

15
New cards

LLM

Large Language Model; an AI model trained on massive text datasets to understand and generate human-like language, relevant both as a defensive tool and a potential attack enabler.

16
New cards

DoS

Denial of Service; an attack that overwhelms a system, network, or service with traffic or requests so legitimate users cannot access it.

17
New cards

CIA Triad

The foundational security model of Confidentiality, Integrity, and Availability, used to guide security policy and controls.

18
New cards

Confidentiality

Ensuring that information is accessible only to those authorized to view it.

19
New cards

Integrity

Ensuring that data remains accurate, complete, and unaltered except by authorized action.

20
New cards

Availability

Ensuring that systems and data are accessible to authorized users when needed.

21
New cards

Defense-in-Depth

A layered security strategy using multiple, overlapping controls so that if one layer fails, others still provide protection.

22
New cards

Risk Assessment

The process of identifying, analyzing, and evaluating risks to determine their likelihood and potential impact.

23
New cards

Residual Risk

The risk that remains after security controls and mitigations have been applied.

24
New cards

Pretexting

A social engineering technique where an attacker fabricates a false scenario to gain a victim's trust and extract information.

25
New cards

Authority

A persuasion principle where people comply with requests from someone perceived to hold power or legitimacy.

26
New cards

Consensus

A persuasion principle (social proof) where people are influenced to act because they believe others are doing the same.

27
New cards

Scarcity

A persuasion principle that increases compliance by suggesting an opportunity is limited in availability or time.

28
New cards

Familiarity

A persuasion principle where people are more easily influenced by those they like, recognize, or feel connected to.

29
New cards

Script Kiddie

An unskilled attacker who uses pre-written tools or scripts created by others, without deep technical knowledge.

30
New cards

Hacktivist

An attacker motivated by political or social causes who uses hacking to promote an ideological agenda.

31
New cards

Insider Threat

A security risk originating from someone within the organization who has legitimate access.

32
New cards

Cyberterrorist

An attacker who uses digital attacks to cause fear, disruption, or harm in furtherance of ideological or political goals.

33
New cards

OSINT

Open Source Intelligence; information gathered from publicly available sources used in reconnaissance.

34
New cards

Reconnaissance

The information-gathering phase of an attack, where an attacker learns about a target before launching an exploit.

35
New cards

Persistence

Techniques attackers use to maintain long-term access to a compromised system, even after reboots or credential changes.

36
New cards

C2

Command and Control; infrastructure used by attackers to communicate with and control compromised systems remotely.

37
New cards

RAT

Remote Access Trojan; malware that provides an attacker with covert remote control over an infected system.

38
New cards

Lateral Movement

Techniques attackers use to move through a network from an initially compromised system to other systems.

39
New cards

Piggybacking

Gaining unauthorized physical access to a restricted area with the knowledge or consent of an authorized person.

40
New cards

Tailgating

Gaining unauthorized physical access by following closely behind an authorized person, typically without their consent or awareness.

41
New cards

Shoulder Surfing

Observing someone's screen, keyboard, or PIN entry to steal sensitive information.

42
New cards

Dumpster Diving

Searching through an organization's or individual's trash to find discarded sensitive information.

43
New cards

Card Cloning

Illegally copying data from a legitimate access or payment card to create a duplicate for fraudulent use.

44
New cards

UPS

Uninterruptible Power Supply; a backup power device that provides short-term power during an outage, protecting availability of systems.

45
New cards

IRP

Incident Response Plan; a documented, structured approach for detecting, responding to, and recovering from security incidents.

46
New cards

ARP Poisoning

An attack that sends falsified ARP messages to associate the attacker's MAC address with a legitimate IP address, enabling traffic interception.

47
New cards

MAC Flooding

An attack that overwhelms a switch's MAC address table, forcing it to broadcast traffic to all ports like a hub, enabling eavesdropping.

48
New cards

MAC Spoofing

Changing a device's MAC address to impersonate another device or bypass MAC-based access controls.

49
New cards

DNS Poisoning

Corrupting DNS resolver data to redirect users from legitimate websites to malicious ones.

50
New cards

Smurf Attack

A DDoS technique that spoofs a victim's IP address and sends ICMP broadcast requests, causing many hosts to flood the victim with replies.

51
New cards

DDoS

Distributed Denial of Service; a DoS attack launched from multiple distributed sources (often a botnet) simultaneously to overwhelm a target.

52
New cards

On-Path Attack

An attack where the attacker secretly intercepts and possibly alters communications between two parties.

53
New cards

Eavesdropping / Sniffing

Passively capturing and analyzing network traffic to steal data such as credentials.

54
New cards

Credential Harvesting

The collection of usernames, passwords, or other authentication data, often through phishing or fake login pages.

55
New cards

Rogue Access Point

An unauthorized wireless access point installed on a network, creating a security gap or entry point for attackers.

56
New cards

Stateless Firewall

A firewall that filters traffic based solely on static rules (source/destination IP, port) without tracking connection state.

57
New cards

Stateful Firewall

A firewall that tracks the state of active connections and makes filtering decisions based on the context of traffic flows.

58
New cards

NGFW

Next-Generation Firewall; combines traditional filtering with deep packet inspection, intrusion prevention, and application awareness.

59
New cards

ACL

Access Control List; a set of rules that permits or denies traffic/access based on defined criteria such as IP address, protocol, or port.

60
New cards

DMZ / Screened Subnet

A network segment between an internal network and the internet that hosts public-facing services while isolating the internal network.

61
New cards

Subnetting

Dividing a larger network into smaller, logical sub-networks to improve organization, performance, and security.

62
New cards

VLAN

Virtual Local Area Network; a logical grouping of devices that segments traffic regardless of physical location, improving security and management.

63
New cards

Port Security

A switch feature that restricts which devices (by MAC address) can connect to a specific physical port.

64
New cards

NIDS

Network Intrusion Detection System; monitors network traffic for signs of malicious activity and generates alerts, without blocking traffic.

65
New cards

NIPS

Network Intrusion Prevention System; monitors network traffic for malicious activity and actively blocks or prevents it in real time.

66
New cards

SIEM

Security Information and Event Management; a platform that aggregates, correlates, and analyzes log/event data for detection and reporting.

67
New cards

Signature-Based Detection

A detection method that identifies threats by matching activity against known attack patterns or signatures.

68
New cards

Anomaly-Based Detection

A detection method that identifies threats by flagging deviations from an established baseline of normal behavior.

69
New cards

Hybrid Detection

A detection approach that combines signature-based and anomaly-based methods for broader threat coverage.

70
New cards

IoC

Indicator of Compromise; forensic evidence (e.g., unusual traffic, file hashes, IPs) suggesting a system has been breached.

71
New cards

Alert Fatigue

A condition where security analysts become desensitized to a high volume of alerts, increasing the risk of missing genuine threats.

72
New cards

WPA3

Wi-Fi Protected Access 3; the current wireless security protocol standard, offering stronger encryption and protections than WPA2.

73
New cards

EAP

Extensible Authentication Protocol; a framework supporting multiple authentication methods, commonly used in wireless and point-to-point connections.

74
New cards

Beacon Frame

A wireless management frame periodically broadcast by an access point to announce its presence and SSID to nearby devices.

75
New cards

Server

A computer or system that provides resources, data, or services to other computers (clients) over a network.

76
New cards

Embedded Computer

A specialized computing system built into a larger device to perform dedicated functions, such as in appliances or industrial control systems.

77
New cards

IoT

Internet of Things; network-connected physical devices that collect and exchange data, often with limited built-in security.

78
New cards

Virus

Malicious code that attaches itself to a legitimate file or program and requires user action to execute and spread.

79
New cards

Worm

Self-replicating malware that spreads across networks and systems automatically, without requiring user interaction.

80
New cards

Trojan

Malware disguised as legitimate or desirable software to trick users into installing it.

81
New cards

Ransomware

Malware that encrypts a victim's files or locks their system, demanding payment for restoration.

82
New cards

Spyware

Malware that covertly monitors and collects user activity or data without consent.

83
New cards

Keylogger

Malware or hardware that records a user's keystrokes to capture sensitive information like passwords.

84
New cards

Logic Bomb

Malicious code intentionally inserted into a system that lies dormant until triggered by a specific condition or event.

85
New cards

Rootkit

Malware designed to gain and maintain privileged access while hiding its presence from detection.

86
New cards

Fileless Malware

Malware that operates in system memory and leverages legitimate system tools rather than writing files to disk, making it harder to detect.

87
New cards

Cryptographic Hash

A one-way mathematical function that converts input data into a fixed-length string, used to verify integrity.

88
New cards

MD5 (deprecated)

An older cryptographic hash algorithm producing a 128-bit hash; no longer considered secure due to known collision vulnerabilities.

89
New cards

SHA-256

A cryptographic hash algorithm producing a 256-bit hash, widely used for data integrity and security.

90
New cards

SHA-512

A cryptographic hash algorithm producing a 512-bit hash, offering a larger output size than SHA-256.

91
New cards

NTHash

The hashing algorithm used by Windows to store password hashes in the SAM database, also known as NTLM hash.

92
New cards

Salt

Random data added to a password before hashing so identical passwords produce different hashes, defeating precomputed attacks.

93
New cards

Collision

When two different inputs produce the same hash output, undermining the integrity guarantee of a hash function.

94
New cards

Brute Force

A password attack that systematically tries every possible combination of characters until the correct one is found.

95
New cards

Dictionary Attack

A password attack that tries words from a precompiled list of common passwords or phrases.

96
New cards

Rainbow Table

A precomputed table of hash values used to quickly reverse-lookup plaintext passwords from their hashes.

97
New cards

Password Spraying

An attack that tries one common password across many different user accounts to avoid triggering lockout policies.

98
New cards

Credential Stuffing

An attack that uses lists of previously breached username/password pairs to attempt login on other services, exploiting password reuse.

99
New cards

BIOS / UEFI

Firmware that initializes hardware and boots the operating system; UEFI is the modern replacement offering enhanced security like Secure Boot.

100
New cards

Autorun

A feature that automatically executes programs from removable media upon insertion, historically exploited to spread malware.