Cast study - An ethical approach to hacking

1234567891011121314151617181920212223242526
Across
  1. 1. Simulated cyberattacks used to assess system security.
  2. 3. The analysis of systems and data to investigate security incidents or breaches.
  3. 5. Software used to recover or bypass passwords through brute force or other methods.
  4. 11. A testing method where the tester has full knowledge of the system’s internals.
  5. 12. The technique of identifying active devices and services on a network.
  6. 15. A testing method where the tester has partial knowledge of the system.
  7. 16. A social engineering attack using phone calls to extract sensitive information.
  8. 19. A unique identifier assigned to each device connected to a network.
  9. 20. The creation of code or tools to take advantage of system vulnerabilities.
  10. 21. Identifying the operating system of a target device during reconnaissance.
  11. 22. Probing a system to identify open ports and available services.
  12. 24. Psychological manipulation tactics to trick people into revealing confidential information.
  13. 26. A documented strategy for detecting, responding to, and recovering from security incidents.
Down
  1. 2. An evaluation of an organization’s overall cybersecurity strength and weaknesses.
  2. 4. A web attack that injects malicious scripts into trusted websites.
  3. 6. Using advanced search operators to find sensitive data or vulnerabilities online.
  4. 7. The process of evaluating systems through defined methods to find vulnerabilities.
  5. 8. Publicly available information gathered for analysis.
  6. 9. Malicious software designed to harm or exploit systems.
  7. 10. An exploit where a program overruns a buffer’s boundary and overwrites adjacent memory.
  8. 13. A code injection attack targeting databases through malicious SQL queries.
  9. 14. A social engineering method that involves inventing a scenario to steal information.
  10. 17. An individual who gains unauthorized access to systems or data.
  11. 18. A testing method where the tester has no prior knowledge of the system.
  12. 23. The layout or structure of a network’s connections and devices.
  13. 25. The process of discovering devices and connections within a network.