What is the CIA Triad?
Confidentiality, Integrity, and Availability—core principles of cybersecurity.
What is the Cyber Kill Chain?
A model describing stages of a cyberattack.
What is MITRE ATT&CK?
A framework for classifying adversary tactics and techniques.
What is Ethical Hacking?
Authorized testing of systems to find vulnerabilities.
What is Risk Management?
The process of identifying, assessing, and mitigating risks.
What is Information Assurance?
Protection of systems ensuring availability, integrity, authentication, confidentiality, and non-repudiation.
What is Incident Management?
Steps taken to handle and resolve security incidents.
What is Footprinting?
Gathering information about a target.
What is OSINT?
Open Source Intelligence—public data gathering for reconnaissance.
What is a Whois Lookup?
Identifying domain registration data.
What is DNS Footprinting?
Extracting DNS records.
What is Website Mirroring?
Downloading a full copy of a website.
What is Email Header Analysis?
Inspecting email headers to trace the sender.
What is Social Engineering?
Manipulating people to reveal confidential information.
What is a Ping Sweep?
ICMP scans to discover live hosts.
What is Port Scanning?
Discovering open ports and services.
What is Nmap?
A powerful network scanning tool.
What is Firewall Evasion?
Techniques used to bypass firewalls.
What are Proxies?
Tools to mask origin IP addresses.
What is NetBIOS Enumeration?
Extracting Windows networking information.
What is SNMP Enumeration?
Gathering system details from SNMP-enabled devices.
What is LDAP?
A protocol used to access directory services.
What is Directory Traversal?
Exploring directories and file paths on web servers.
What is a Vulnerability Scanner?
Tool to identify system weaknesses (e.g., OpenVAS).
What is CVE?
Common Vulnerabilities and Exposures—public list of known vulnerabilities.
What is Privilege Escalation?
Gaining higher access on a system.
What is a Buffer Overflow?
Exploit where excess data corrupts memory.
What is Metasploit?
Framework for developing and executing exploits.
What is Meterpreter?
Metasploit payload for post-exploitation.
What is Netcat?
Tool for network communication and backdoors.
What is Pass-the-Hash?
Attack using password hash without decrypting it.
What is Hashcat?
Password recovery tool using GPU acceleration.
What is a Trojan Horse?
Malware disguised as legitimate software.
What is a Rootkit?
Malware designed to hide its presence.
What is an APT?
Advanced Persistent Threat—a long-term, targeted cyberattack.
What is Static Analysis?
Analyzing code without executing it.
What is Packet Sniffing?
Intercepting network traffic (e.g., Wireshark).
What is ARP Poisoning?
Redirecting traffic using spoofed ARP messages.
What is a MITM attack?
Attacker secretly relays or alters communication.
What is Phishing?
Tricking users into revealing sensitive info via fake messages.
What is Impersonation?
Pretending to be someone else to gain trust.
What is an Insider Threat?
Risk posed by individuals within the organization.
What is a DoS/DDoS Attack?
Overwhelming a system with traffic to make it unavailable.
What is a TCP SYN Flood?
DoS method using SYN packets to exhaust resources.
What is a BotNet?
Network of zombified devices used in DDoS attacks.
What is a Session Token?
Unique identifier for a user session.
What is XSS?
Injecting malicious scripts into web pages.
What is CSRF?
Tricking users into executing unwanted actions.
What is an IDS?
Intrusion Detection System—monitors traffic for suspicious activity.
What is Snort?
Open-source IDS.
What is a Honeypot?
Decoy system to detect attackers.
What is a Web Application Firewall?
Firewall that protects application layer resources.
What is Web Defacement?
Unauthorized alteration of a website’s appearance.
What is the OWASP Top 10?
List of top web application security risks.
What is SQL Injection?
Inserting SQL commands into input fields.
What is Command Injection?
Injecting OS commands.
What is Clickjacking?
Tricking users into clicking something hidden.
What is XXE?
XML External Entity injection attack.
What is IDOR?
Insecure Direct Object Reference vulnerability.
What is Burp Suite?
Web vulnerability scanner and proxy tool.
What is Blind SQLi?
SQL injection where inference is used instead of direct feedback.
What is SQLmap?
Tool for automating SQL injection detection and exploitation.
What is WPA3?
Most recent and secure Wi-Fi encryption standard.
What is WPS?
Vulnerable Wi-Fi Protected Setup protocol.
What is Flipper Zero?
Multi-tool for wireless and hardware hacking.
What is Jailbreaking?
Removing restrictions on iOS to gain root access.
What is Rooting?
Removing restrictions on Android devices.
What is MDM?
Mobile Device Management—admin control over mobile devices.
What is IoT?
Internet of Things, often insecure and unpatched.
What is OT?
Operational Technology—used in industrial controls like SCADA.
What is Shodan?
Search engine for internet-connected devices.
What are IaaS, PaaS, SaaS?
Different cloud service models.
What is an S3 Bucket?
Cloud storage service which can be misconfigured.
What is the Shared Responsibility Model?
Defines security obligations for providers and users.
What is Symmetric Encryption?
Encryption using one key for encryption and decryption.
What is Asymmetric Encryption?
Encryption using a public/private key pair.
What is PKI?
Public Key Infrastructure—framework for managing digital keys.
What is a Hash Function?
One-way encryption for integrity (e.g., SHA-256).
What is a Digital Signature?
Verifies message origin and integrity.
What is IP Spoofing?
Forging source IP address to hide identity or impersonate.
What is MAC Spoofing?
Changing MAC address to bypass security controls.
What is ARP Spoofing?
Associating attacker's MAC with IP of another host.
What is DNS Spoofing?
Corrupting DNS cache to redirect traffic to malicious sites.
What is a Replay Attack?
Reusing valid data transmissions to gain access.
What is Man-in-the-Middle?
Intercepting communication between two systems.
What is a Ping of Death?
Sending oversized or malformed packets to crash a system.
What is a Smurf Attack?
Using spoofed ICMP echo requests to flood a target.
What is a Fragmentation Attack?
Sending fragmented packets to bypass defenses.
What is a Land Attack?
Sending packet with same source and destination IP/port.
What is a Teardrop Attack?
Sending overlapping IP fragments to crash systems.
What is Session Hijacking?
Taking over an active session between client and server.
What is Credential Stuffing?
Using leaked credentials in automated login attempts.
What is a Rogue DHCP Server?
Unauthorized DHCP server misdirecting users.
What is an Evil Twin Attack?
Fake Wi-Fi access point to steal data.