Across
- 5. A private, secure computer network contained within an organization that is accessible only to its employees and authorized members.
- 8. An authorized, simulated cyberattack against an organization's computer system to evaluate its security weaknesses and identify exploitable vulnerabilities.
- 9. A standardized set of rules and formats that govern how computers and network devices exchange data and communicate with each other.
- 10. Short for "malicious software"; any program or code designed to disrupt, damage, steal data from, or gain unauthorized access to computer systems.
Down
- 1. A weakness, flaw, or bug in a system's design, implementation, or internal controls that can be exploited by cyberthreats to gain unauthorized access.
- 2. A form of social engineering where attackers disguise themselves as trustworthy entities (via email, SMS, or fake websites) to trick individuals into revealing sensitive information.
- 3. A specific type of malware that encrypts a victim's files, rendering them inaccessible, and demands a ransom payment in exchange for the decryption key.
- 4. The practice of storing and maintaining organization data for a specified period to meet business, legal, or regulatory compliance requirements.
- 6. User authentication information—such as usernames, passwords, biometrics, or security tokens—used to verify identity and grant access to systems.
- 7. The guarantee that data is accurate, complete, and has not been altered, tampered with, or destroyed by unauthorized users during storage or transmission.
