IB CS 2026 Case Study terminology

full-widthCall with Kai
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/25

flashcard set

Earn XP

Description and Tags

IB DP CS 2026 Case study's vocabulary

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced
Call with Kai

No study sessions yet.

26 Terms

1

Buffer overflow attacks

An attack where too much data is sent to a program so it overwrites memory and may crash or run attacker code.

2

Cross-site scripting (X-SS)

A web attack where an attacker injects malicious script into a trusted website so it runs in a user’s browser.

3

Exploit development

The process of creating code or a method that takes advantage of a software weakness to gain access or control.

4

Hacker

Someone who uses technical skills to access or test systems; can be ethical (authorized) or unethical (unauthorized).

5

IP address

A unique number assigned to a device on a network that helps identify it and route data to it.

6

Malware

Software designed to harm a computer or network

7

Network mapping

Creating a diagram or list of devices and connections in a network to understand how it is structured.

8

Network scanning

Checking a network to find active devices

9

Network topology

The layout of a network—how devices are connected (for example star

10

Open-source intelligence (OSINT)

Information gathered from publicly available sources (websites

11

OS detection

Identifying what operating system a device is running (for example Windows

12

Password cracking tool

A program used to guess or recover passwords (for example by trying many combinations or using known password lists).

13

Penetration testing

An authorized security test where testers attempt to find and safely exploit weaknesses to improve security.

14

Port scanning

Checking which network ports on a device are open to learn what services might be running.

15

Pretexting

A social engineering method where an attacker invents a believable story to trick someone into sharing information or access.

16

Response plan

A documented set of steps an organization follows to handle a security incident (contain

17

Search engine dorking

Using advanced search terms to find sensitive information that may be accidentally exposed online.

18

Security posture assessment

An overall review of an organization’s security strengths and weaknesses

19

Social engineering attacks

Attacks that manipulate people into giving up information

20

SQL injection

A database attack where an attacker inserts harmful SQL commands into an input field to access or change data.

21

System forensics

Collecting and analyzing digital evidence after an incident to understand what happened and support reporting.

22

Testing

Checking a system to find bugs

23

Black box

Testing with no internal knowledge of the system; the tester behaves like an outsider.

24

Grey box

Testing with limited internal knowledge (some access or details) to focus and improve the test.

25

White box

Testing with full knowledge of the system (code

26

Vishing (voice phishing)

A scam where attackers use phone calls or voice messages to trick people into revealing sensitive information.