Across
- 3. A systematic examination of security controls and configurations to identify issues and ensure compliance.
- 5. A validation method that uses vulnerability scanning tools again to check the effectiveness of previous remediation efforts
- 6. A remediation action that involves dividing a network into smaller, isolated sections to contain threats.
- 10. A single virtual or physical host that is configured to appear vulnerable and/or attractive to potential attackers to lure them in
- 12. A network composed of multiple deception hosts, which is more difficult for attackers to detect.
- 14. A method of ensuring application security by analyzing source code or binary code without executing the application
Down
- 1. The initial phase of a penetration test involving intelligence gathering on the target system or network
- 2. The method of isolating or restricting access to compromised or suspicious systems or data to contain and limit the impact of a security incident.
- 4. A cybersecurity practice that involves simulating cyberattacks to proactively identify vulnerabilities in a system.
- 7. A bait file intended to be accessed by malicious actors, which sends an alarm and indicates unauthorized activity in a system
- 8. The abbreviation for tools designed to prevent unauthorized access, use, or transmission of sensitive data.
- 9. The abbreviation for a comprehensive solution that centralizes log and event data to quickly respond to incidents
- 11. Fictitious words or records added to legitimate databases whose presence indicates stolen data, serving as a passive detection method.
- 13. A network protocol that collects IP traffic flow information for analysis and monitoring to provide insight into network traffic patterns.