Unit 3: AP Cybersecurity Vocabulary

0.0(0)
Studied by 0 people
call kaiCall Kai
Locked
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/28

encourage image

There's no tags or description

Looks like no tags are added yet.

Last updated 2:00 PM on 7/5/26
Name
Mastery
Learn
Test
Matching
Spaced
Call with Kai
Chat

No analytics yet

Send a link to your students to track their progress

29 Terms

1
New cards

ARP Poisoning

An attack that sends falsified ARP messages to associate the attacker's MAC address with a legitimate IP address, enabling traffic interception.

2
New cards

MAC Flooding

An attack that overwhelms a switch's MAC address table, forcing it to broadcast traffic to all ports like a hub, enabling eavesdropping.

3
New cards

MAC Spoofing

Changing a device's MAC address to impersonate another device or bypass MAC-based access controls.

4
New cards

DNS Poisoning

Corrupting DNS resolver data to redirect users from legitimate websites to malicious ones.

5
New cards

Smurf Attack

A DDoS technique that spoofs a victim's IP address and sends ICMP broadcast requests, causing many hosts to flood the victim with replies.

6
New cards

DDoS

Distributed Denial of Service; a DoS attack launched from multiple distributed sources (often a botnet) simultaneously to overwhelm a target.

7
New cards

On-Path Attack

An attack where the attacker secretly intercepts and possibly alters communications between two parties.

8
New cards

Eavesdropping / Sniffing

Passively capturing and analyzing network traffic to steal data such as credentials.

9
New cards

Credential Harvesting

The collection of usernames, passwords, or other authentication data, often through phishing or fake login pages.

10
New cards

Rogue Access Point

An unauthorized wireless access point installed on a network, creating a security gap or entry point for attackers.

11
New cards

Stateless Firewall

A firewall that filters traffic based solely on static rules (source/destination IP, port) without tracking connection state.

12
New cards

Stateful Firewall

A firewall that tracks the state of active connections and makes filtering decisions based on the context of traffic flows.

13
New cards

NGFW

Next-Generation Firewall; combines traditional filtering with deep packet inspection, intrusion prevention, and application awareness.

14
New cards

ACL

Access Control List; a set of rules that permits or denies traffic/access based on defined criteria such as IP address, protocol, or port.

15
New cards

DMZ / Screened Subnet

A network segment between an internal network and the internet that hosts public-facing services while isolating the internal network.

16
New cards

Subnetting

Dividing a larger network into smaller, logical sub-networks to improve organization, performance, and security.

17
New cards

VLAN

Virtual Local Area Network; a logical grouping of devices that segments traffic regardless of physical location, improving security and management.

18
New cards

Port Security

A switch feature that restricts which devices (by MAC address) can connect to a specific physical port.

19
New cards

NIDS

Network Intrusion Detection System; monitors network traffic for signs of malicious activity and generates alerts, without blocking traffic.

20
New cards

NIPS

Network Intrusion Prevention System; monitors network traffic for malicious activity and actively blocks or prevents it in real time.

21
New cards

SIEM

Security Information and Event Management; a platform that aggregates, correlates, and analyzes log/event data for detection and reporting.

22
New cards

Signature-Based Detection

A detection method that identifies threats by matching activity against known attack patterns or signatures.

23
New cards

Anomaly-Based Detection

A detection method that identifies threats by flagging deviations from an established baseline of normal behavior.

24
New cards

Hybrid Detection

A detection approach that combines signature-based and anomaly-based methods for broader threat coverage.

25
New cards

IoC

Indicator of Compromise; forensic evidence (e.g., unusual traffic, file hashes, IPs) suggesting a system has been breached.

26
New cards

Alert Fatigue

A condition where security analysts become desensitized to a high volume of alerts, increasing the risk of missing genuine threats.

27
New cards

WPA3

Wi-Fi Protected Access 3; the current wireless security protocol standard, offering stronger encryption and protections than WPA2.

28
New cards

EAP

Extensible Authentication Protocol; a framework supporting multiple authentication methods, commonly used in wireless and point-to-point connections.

29
New cards

Beacon Frame

A wireless management frame periodically broadcast by an access point to announce its presence and SSID to nearby devices.