Across
- 3. A network security device that monitors and filters incoming and outgoing traffic.
- 8. A method used to take advantage of vulnerabilities.
- 9. Endpoint Detection and Response, tools for endpoint threat detection and response.
- 10. Security Operations Center, a centralized team for monitoring and responding to security incidents.
- 11. A one-way function to generate a fixed-size representation of data.
- 12. Data Loss Prevention, tools to prevent data exfiltration.
- 14. The likelihood of a threat exploiting a vulnerability, together with the resulting impact.
- 15. Command and Control infrastructure used by attackers to communicate with compromised systems.
- 16. A potential cause of an incident that could harm a system or organization.
- 19. Open Source Intelligence, information gathered from publicly available sources.
- 22. Mean Time to Detect, the average time to identify a security incident.
- 24. A security event compromising the confidentiality, integrity, or availability of information.
- 26. A record of events or actions on a system or network.
- 28. Isolating suspicious files or programs to observe their behavior.
Down
- 1. Mean Time to Respond, the average time to respond to and remediate an incident.
- 2. Malicious software such as viruses, worms, or ransomware.
- 4. Isolating suspicious files or processes to prevent harm to systems.
- 5. ___ Management: The process of updating software and systems to address vulnerabilities.
- 6. A vulnerability unknown to the vendor, exploited before a fix is available.
- 7. Virtual Private Network, encrypting data over untrusted networks.
- 13. The part of malware that performs the malicious action.
- 15. Cloud Access Security Broker, tools that enforce security policies for cloud services.
- 16. Tactics, Techniques, and Procedures used by threat actors.
- 17. Remote Monitoring and Management, tools for remote administration of client systems.
- 18. Advanced Persistent Threat, a sophisticated and long-term cyber attack.
- 20. A social engineering attack to steal sensitive information via deceptive emails or websites.
- 21. Indicator of Compromise, data points that signal malicious activity.
- 23. Demilitarized Zone, a subnet adding security for external-facing services.
- 25. A protocol for collecting and organizing log messages across a network.
- 27. Security Information and Event Management, a tool for log aggregation and analysis.