Across
- 6. Virtual private connection over public networks
- 7. Restricting distribution based on sensitivity
- 8. Detects, blocks, and responds on endpoints (abbr.)
- 11. Legal framework protecting personal information
- 12. Network barrier enforcing traffic rules
- 13. Targeted, well-researched phishing attack
- 16. Manipulating people to bypass security
- 17. Program that demands payment to restore data
- 19. Authentication standard for phishing resistance
- 23. Application for generating/storing credentials
- 25. Principle: assume breach and verify explicitly
Down
- 1. Backups that enable restoration after attacks
- 2. Small software flaw exploited by attackers
- 3. Process of reporting an event to Security
- 4. Transforming data to unreadable form
- 5. Attack where criminals pose as executives
- 9. Practice of updating systems to fix flaws
- 10. Limiting access to only what’s needed
- 14. Protects data in transit on untrusted networks
- 15. Malicious software
- 18. Deceptive emails designed to steal information
- 20. Policy prohibiting unapproved tools
- 21. Security model emphasizing continuous verification
- 22. Second factor for identity verification
- 24. Preventing unauthorized data exfiltration (abbr.)