1/28
Looks like no tags are added yet.
Name | Mastery | Learn | Test | Matching | Spaced | Call with Kai | Chat |
|---|
No analytics yet
Send a link to your students to track their progress
ARP Poisoning
An attack that sends falsified ARP messages to associate the attacker's MAC address with a legitimate IP address, enabling traffic interception.
MAC Flooding
An attack that overwhelms a switch's MAC address table, forcing it to broadcast traffic to all ports like a hub, enabling eavesdropping.
MAC Spoofing
Changing a device's MAC address to impersonate another device or bypass MAC-based access controls.
DNS Poisoning
Corrupting DNS resolver data to redirect users from legitimate websites to malicious ones.
Smurf Attack
A DDoS technique that spoofs a victim's IP address and sends ICMP broadcast requests, causing many hosts to flood the victim with replies.
DDoS
Distributed Denial of Service; a DoS attack launched from multiple distributed sources (often a botnet) simultaneously to overwhelm a target.
On-Path Attack
An attack where the attacker secretly intercepts and possibly alters communications between two parties.
Eavesdropping / Sniffing
Passively capturing and analyzing network traffic to steal data such as credentials.
Credential Harvesting
The collection of usernames, passwords, or other authentication data, often through phishing or fake login pages.
Rogue Access Point
An unauthorized wireless access point installed on a network, creating a security gap or entry point for attackers.
Stateless Firewall
A firewall that filters traffic based solely on static rules (source/destination IP, port) without tracking connection state.
Stateful Firewall
A firewall that tracks the state of active connections and makes filtering decisions based on the context of traffic flows.
NGFW
Next-Generation Firewall; combines traditional filtering with deep packet inspection, intrusion prevention, and application awareness.
ACL
Access Control List; a set of rules that permits or denies traffic/access based on defined criteria such as IP address, protocol, or port.
DMZ / Screened Subnet
A network segment between an internal network and the internet that hosts public-facing services while isolating the internal network.
Subnetting
Dividing a larger network into smaller, logical sub-networks to improve organization, performance, and security.
VLAN
Virtual Local Area Network; a logical grouping of devices that segments traffic regardless of physical location, improving security and management.
Port Security
A switch feature that restricts which devices (by MAC address) can connect to a specific physical port.
NIDS
Network Intrusion Detection System; monitors network traffic for signs of malicious activity and generates alerts, without blocking traffic.
NIPS
Network Intrusion Prevention System; monitors network traffic for malicious activity and actively blocks or prevents it in real time.
SIEM
Security Information and Event Management; a platform that aggregates, correlates, and analyzes log/event data for detection and reporting.
Signature-Based Detection
A detection method that identifies threats by matching activity against known attack patterns or signatures.
Anomaly-Based Detection
A detection method that identifies threats by flagging deviations from an established baseline of normal behavior.
Hybrid Detection
A detection approach that combines signature-based and anomaly-based methods for broader threat coverage.
IoC
Indicator of Compromise; forensic evidence (e.g., unusual traffic, file hashes, IPs) suggesting a system has been breached.
Alert Fatigue
A condition where security analysts become desensitized to a high volume of alerts, increasing the risk of missing genuine threats.
WPA3
Wi-Fi Protected Access 3; the current wireless security protocol standard, offering stronger encryption and protections than WPA2.
EAP
Extensible Authentication Protocol; a framework supporting multiple authentication methods, commonly used in wireless and point-to-point connections.
Beacon Frame
A wireless management frame periodically broadcast by an access point to announce its presence and SSID to nearby devices.