Cybersecurity
Across
- 6. Malicious software designed to harm or exploit any programmable device, service, or network.
- 7. A standalone malware computer program that replicates itself in order to spread to other computers.
- 9. A security incident in which information is accessed without authorization.
- 12. A weakness in a system or its design that can be exploited by a threat actor to perform unauthorized actions within a computer system.
- 14. The exploitation of a valid computer session to gain unauthorized access to information or services in a computer system.
- 15. A cybersecurity strategy under which a user can only take actions on their computer or network that an administrator has explicitly allowed.
- 17. A small piece of data sent from a website and stored on the user's computer by the user's web browser while the user is browsing.
- 18. A software update comprised code inserted (or patched) into the code of an existing software program to fix security vulnerabilities, improve functionality, or to update the software.
- 21. The act or practice of obtaining secrets without the permission of the holder of the information (personal, sensitive, proprietary or classified), for personal, economic, political, or military advantage using illicit means.
- 23. A mathematical technique used to validate the authenticity and integrity of a message, software, or digital document.
- 24. A method for gaining assurance in the security of an IT system by attempting to breach some or all of that system's security, using the same tools and techniques as an attacker might.
- 26. Evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace or hazard to assets.
- 28. A control mechanism that allows through all elements (email, users, passwords, URLs, etc.), except for those explicitly mentioned.
- 29. A network of private computers infected with malicious software and controlled as a group without the owners' knowledge.
- 31. Engineering The use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.
- 33. Attack An attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.
- 34. An attack that aims to disrupt the normal traffic of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of internet traffic.
- 35. A network security/threat prevention technology that examines network traffic flows to detect and prevent vulnerability exploits.
- 38. A systematic evaluation of the security of a company's information system by measuring how well it conforms to a set of established criteria.
- 39. A device or software application that monitors a network or systems for malicious activity or policy violations.
Down
- 1. A set of software tools that enable an unauthorized user to gain control of a computer system without being detected.
- 2. Software that enables a user to obtain covert information about another's computer activities by transmitting data covertly from their hard drive.
- 3. The application of scientific knowledge to investigate crimes on digital devices, such as computers, smartphones, or networks.
- 4. The act of disguising a communication from an unknown source as being from a known, trusted source.
- 5. A type of surveillance technology used to record keystrokes made by a user, often without their knowledge.
- 8. Software that automatically displays or downloads advertising material when a user is online.
- 10. Software designed to detect, prevent, and remove malicious software like viruses, worms, and trojans.
- 11. The process of identifying, analyzing, and evaluating risk.
- 12. A service that encrypts your internet traffic and protects your online identity by hiding your IP address.
- 13. The process of converting information or data into a code, especially to prevent unauthorized access.
- 16. An organized approach to addressing and managing the aftermath of a security breach or cyberattack.
- 19. Someone who uses computers to gain unauthorized access to data.
- 20. Horse A type of malware that is often disguised as legitimate software.
- 22. A network security device that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
- 25. A type of malicious software designed to block access to a computer system until a sum of money is paid.
- 27. Attack An attack that exploits a previously unknown vulnerability in a computer application or operating system.
- 30. The practice of protecting systems, networks, and programs from digital attacks.
- 32. A cyber attack that uses disguised email as a weapon. The goal is to trick the email recipient into believing that the message is something they want or need.
- 36. Authentication A security process in which users provide two different authentication factors to verify themselves.
- 37. A piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability to cause unintended or unanticipated behavior to occur on computer software or hardware.