CYBER Crossword

Edit Answers
1234567891011121314151617181920212223
Across
  1. 2. : The process of granting or denying specific requests to use resources or information systems.
  2. 5. : A security mechanism requiring two or more independent credentials for authentication.
  3. 7. : Fraudulent attempt (often by email) to obtain sensitive information by posing as a trustworthy entity.
  4. 8. : A hidden or undocumented entry point in software or a system to bypass normal security controls.
  5. 9. : A weakness in a system, design, implementation, or configuration that can be exploited.
  6. 11. : Copies of data held in separate storage, used so systems can recover from failures, errors or attacks such as ransomware.
  7. 12. : A network security device or software that monitors and controls incoming and outgoing network traffic based on rules.
  8. 13. : Malicious software designed to damage or do unwanted actions on a computer system.
  9. 18. : Knowledge about threat actors, their tools, tactics, and procedures, used to inform defensive actions.
  10. 21. : A list of approved items (users, applications, IPs) that are granted access; everything else is typically denied by default.
  11. 22. : An attack that disrupts normal traffic by overwhelming a target with requests.
  12. 23. : An individual, group or organisation that has the intent and capability to carry out harmful cyber actions.
Down
  1. 1. : The confirmed exposure of protected or sensitive information to an unauthorised party.
  2. 3. : The ability of an organisation to continue operating and recover during or after a cyber-attack or incident.
  3. 4. : A network of internet-connected devices infected by malware and controlled as a group without the owners’ knowledge.
  4. 6. : A highly sophisticated cyber attack, often by a well-resourced adversary, aiming to remain undetected for a long period.
  5. 10. : A threat posed by someone within the organisation, e.g., an employee, who uses their access (intentionally or unintentionally) to harm the organisation.
  6. 14. : Verifying the identity of a user, process or device.
  7. 15. : A record of events (who did what, when) used to support security monitoring and investigation.
  8. 16. : The approval or permission for someone or something to perform an action.
  9. 17. : The process of converting plaintext into ciphertext to prevent unauthorized access.
  10. 19. : A piece of software, data, or sequence of commands that takes advantage of a vulnerability to cause undesired behaviour.
  11. 20. : A vulnerability or exploit that is unknown to the vendor and has no patch available at time of attack.