Search Results
614 total results found
Intrusion Detection System
A hardware device designed to monitor and protect computer networks from suspicious, malicious, and prohibited network activity. IDSs can be configured by the network admin to adhere to a security policy created by an organization. IDS use signature patterns ...
Liquid Crystal Display Monitor
A type of monitor that produces an image by moving liquid crystals that block or allow light to pass through them. Features: Light is provided to the monitor via a backlight on the flat panel display. A polarizing glass filter is placed both in front of and behin...
Chain of Custody
A set of procedures defining how evidence is handled after a security breach in an enterprise setting. This is usually listed out in an organization's security policy. #XIV
Payment Card Industry Data Security Standards
aliases: PCI DSS The legal standards for financial data storage at enterprise levels. There are 12 requirements under 6 categories that an organization needs to adhere to if they want to be able to process card payments. Legislation Sarbanes-Oxley-Act-of-...
Sarbanes Oxley Act of 2002
A congressional act that forces public companies to be transparent with regard to creating and maintaining financial records. Often abbreviated as the SOX Act. #XIV
Gramm Leach Bliley Act of 1999
A congressional act that forces companies that offer loans or investment advice to adhere to certain rules for storing customer data securely and for properly sharing customer data. The GLBA is enforced by the Federal Trade Commission, so this is ta...
Port
A hardware piece on a computer where an electrical connector can be used to link the device to other devices. Also, a logical communication channel that network nodes use to send and receive data. A list of the ports and their protocols can be found here. #III
Phishing
The act of sending malicious messages intended to fool and/or manipulate a victim into giving up sensitive information or performing actions that will result in a compromised system. #XIV
Whaling
A specific type of phishing that targets high-value individuals within an organization, such as the CEO. #XIV
Spear Phishing
A type of phishing where the attacker researches the target extensively to craft a personalized message designed to fool the target and the target specifically. #XIV
Tailgating
A social engineering attack where the attacker gains access to a secured place simply by closely following an authorized person. #XIV
Shoulder Surfing
A type of social engineering that allows the attacker to gain critical and/or sensitive information simply by looking over the shoulder of a target and viewing their computer screen. #XIV
Impersonation
A social engineering attack where the attacker attempts to gain access to secured data by pretending to be a verified, authorized person. #XIV
Evil Twin Attack
A type of social engineering attack where the attacker configures a rogue access point designed to mimic the legitimate network. The attacker can then kick targets off the actual network, and when the clients attempt to reconnect, they will instead connec...
Vishing
A type of social engineering attack where the attacker attempts to gain secured data or information over the phone. #XIV
Denial of Service
aliases: DoS DDoS A type of web server threat that overwhelms the target server with loads of data it cannot handle, causing it to shut down. Denial of Service attacks can target a network, specific apps or services, or even the underlying systems used to ...
Cross site Scripting
A type of web server attack where the attacker exploits misconfigured input fields, inputting malicious code that, when processed, will be executed by the server and grant the attacker unauthorized access to the web server.
SQL Injection
A type of web server attack where the attacker injects malicious SQL code into an input field in order to manipulate the underlying SQL database.