A potential danger or harmful event that could negatively affect the CIA of the network or data

The likelihood and potential impact of a harmful event happening to the network or data.

A code, sequence of commands, or piece of software designed to take advantage of weakness in the system.

a specific method or pathway used by an attacker to gain unauthorized access to a computer system

A weakness or flaw in a system, application, or network that could be taken advantage of by an attacker

Employing multiple layers of security controls, each designed to detect and prevent attacks at different stages

Every access must be authenticated and authorized before being granted access to resources

The process of reducing the attack surface of devices, systems or networks.

users should only have access to the minimum resources necessary to perform their intended tasks

Assigning different jobs to different servers.

Enables organizations to administer and maintain portable devices and drives and even wipe them, if stolen.

The process of identifying threats and vulnerabilities and then defining countermeasures to prevent them.

Physical security measure that prevents unauthorized access by using an enclosed space with two interlocking doors

Ensures that no party in a communication can later deny their participation or the authenticity of their actions

A physical security device designed to prevent theft or unauthorized removal of electronic devices like laptops, desktops

The protection from unauthorized access. Part of the CIA triad.

Determines which resources a user can access after successfully authentication. Part of the AAA framework

Maintaining the accuracy and trustworthiness of data. Part of the CIA triad

Ensuring that authorized users can access data and systems when they need them. Part of the CIA triad.

Records user activity and resource usage. Part of the AAA framework

A numeric code used for "what you know" factor of authentication and access control

Requires users to prove their identity using two or more distinct authentication factors before gaining access

A physical card with an embedded chip that can be used for "what you have" factor of authentication

Unique biological or behavioral characteristics based on the "what you are" authentication factor

Physical device or software app, that generate unique codes for "what you have" factor of authentication

Uses specific database language statements run for the purpose of getting or changing information in a

database

An injection of a bogus destination for an IP address

Type of ransomware that prevents access to files.

The overloading of a reserved space for data that can overwrite other parts of memory or grant unauthorized access

An on-path attack where a Trojan horse installed on a victim's computer can modify web transactions.

isolates a computer or network from other networks, particularly the internet, to protect sensitive data

creates a complete copy of all data, including files, folders, and evvven the operating system, to a different location

Copies all changes made since the last full backup

only backs up changes made since the previous backup

having backup systems and processes in place to ensure continued operation and data integrity in the event of a failure or cyberattack.