A network of private computers infected with malicious software and controlled without their owners' knowledge, often used to send spam messages, is called...
Botnet
100
An attack that exploits a vulnerability which doesn’t yet have a remedy is called...
Zero-day Attack
100
An attack where every possible combination of letters, numbers, and characters is used to crack a password is called…
Brute Force
100
The best defense against ransomware is…
Regular Backups
100
Unsolicited email is called…
Spam
200
When you are working in a public place, you need to be wary of people seeing what you are working on. These people are often called…
Shoulder Surfers
200
Malware which is contained in a valid program and usually offers the promise of something you might be interested in, such as a screen saver or photograph, but is designed to give hackers access to your computer or files, is called…
Trojan or Trojan Horse
200
Passwords should be long and strong. What are the 4 types of characters which make up a strong password?
The hardware and/or software solution which guards the computer by maintaining traffic inside the network and keeping malicious traffic out is called…
Firewall
200
The most common type of social engineering attack which occurs when an attacker, masquerading as a trusted entity, tricks a victim into opening an email, instant message, or text message, is called...
Phishing
300
The use of personality, knowledge of human nature, and social skills to steal information or gain access to systems is called...
Social Engineering
300
Malicious software that tracks and reports where you go on the Internet and what you type on your keyboard is called…
Spyware
300
At most, how many times should you reuse the same password?
None
300
The name of the networking technology used to secure everything between your computer and the target network, especially useful in maintaining privacy on public hotspots, is called…
VPN (Virtual Private Network)
300
The process of using publicly available information such as on Linked In or Facebook to target an attack against a specific individual or organization is called…
Spear Phishing
400
The physical procedure where an unauthorized person gains access to a location by simply following an authorized user into a facility is called...
Piggybacking or Tailgating
400
A type of malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking the users' files unless money is paid is called...
Ransomware
400
An attempt to crack passwords by using well-known words or phrases is called…
Dictionary Attack
400
The process of encoding information in such a way that only authorized parties can read it is called…
Encryption
400
Information that can be used on its own or with other information to identify, contact, or locate an individual is called…
Personally Identifiable Information (PII)
500
A malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, is called…
Insider Threat
500
Many people type web addresses into a search engine instead of the browser's address bar. This can lead to clicking on a link to a bad site where malicious software can be installed, an attack called…
Drive-by Download
500
A security process which requires users to provide multiple different authentication factors to verify their identity is called...
Multifactor Authentication (MFA) or Two Factor Authentication (2FA)
500
The process of evaluating vulnerabilities and threats, identifying countermeasures, and applying mitigating actions to reduce risk to an acceptable level is called...
Risk Management
500
A document which lays out practices that a user must agree to for access to a corporate network or the Internet is called…