Type
Crossword
Description

Is a technique that is used to exploit a vulnerability in any application attack
gaps in a security program that can be exploited by threats to gain unauthorized access to an asset. Vulnerability
potential for loss, damage or destruction of an asset as a result of a threat exploiting a vulnerability. risk
People, property, and information that needed to be protected asset
Anything that can exploit a vulnerability, intentionally or accidentally, and obtain, damage, or destroy an asset threat
Occurs when the system is vulnerable to attacks intrusion
process to retrieve vital data from a crashed system or data storage devices recovery
Occurs when a user/machine is discovered trying to access unauthorized data detection
the action of stopping any form of attack from happening prevention
the process of determining what rights and privileges a particular entity has authorization
Is the process of determining and assigning privileges to various resources, objects or data access control
the process of tracking recording system activities and resource access accounting
the part of accounting in which a security professional examines logs of what was recorded. auditing
Are physical or virtual objects, such as smart cards, ID badges, or data packets, that store authentication information• tokens
Are authentication schemes based on the identification of individuals by their physical characteristics biometrics
the science of hiding information cryptography
the original message plaintext
the encoded message ciphertext
info used in cipher only to sender/receiver key

Cyber Security Crossword

Type
Crossword
Description

any software program in which advertising banners are displayed while the program is running. Adware
designed to detect and destroy computer viruses. Antivirus
an attempt by hackers to damage or destroy a computer network or system. Attack
a method, often secret, of bypassing normal authentication in a product back door
refers to the process of making copies of data or data files to use in the event the original data or data files are lost or destroyed. backup
refers to the process of making copies of data or data files to use in the event the original data or data files are lost or destroyed. Blended threat
are similar to worms and Trojans, but earn their unique name by performing a wide variety of automated tasks on behalf of their master (the cybercriminals) who are often safely located somewhere far across the Internet. bots
are small files that Web sites put on your computer hard disk drive when you first visit cookie
body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access cyber security
made possible by using algorithms to create complex codes out of simple data, effectively making it more difficult for cyberthieves to gain access to the information encryption
a network security system, either hardware- or software-based, that controls incoming and outgoing network traffic based on a set of rules. firewall
someone who seeks and exploits weaknesses in a computer system or computer network. hacker
global system of interconnected computer networks that use the Internet protocol suite internet
a local or restricted communications network, especially a private network created using World Wide Web software. intranet
used to describe any code in any part of a software system or script that is intended to cause undesired effects, security breaches or damage to a system. malicious code
the activity of defrauding an online account holder of financial information by posing as a legitimate company. phishing
software that enables a user to obtain covert information about another's computer activities by transmitting data covertly from their hard drive. spyware
any malicious computer program which is used to hack into a computer by misleading users of its true intent trojan horse
a piece of code that is capable of copying itself and typically has a detrimental effect, such as corrupting the system or destroying data virus
a standalone malware computer program that replicates itself in order to spread to other computers. worm

Cybersecurity Worksheet

Type
Matching Worksheet
Description

Something or someone that may result in harm to asset threat
Probability of a threat exploiting a vulnerability risk
A weakness that threatens the confidentiality, integrity, or availability (CIA) of an asset Vulnerability
Tool or technique that takes advantage of a vulnerability Exploit
Process of identifying, assessing, and reducing risk to an acceptable level Risk management
Security feature designed to restrict who has access to a network, IS, or data. Access control
The process of generating, recording, and reviewing a chronological record of system events to determine their accuracy Audit
Transforming data into scrambled code to protect it from being understood by unauthorized users Encryption
Readable text Plaintext
Encrypted text Ciphertext
Software or hardware device that controls access to a private network from a public network (Internet) by analyzing data packets entering or exiting it Firewall
The ability of an IS to continue to operate when a failure occurs, but usually for a limited time or at a reduced level Fault tolerance

Cyber Security Crossword

Type
Crossword
Description

process of confirming the correctness of the claimed identity authentication
approval, permission, or empowerment for someone or something to do something authorization
cryptanalysis technique or other kind of attack method involving an exhaustive procedure that tries all possibilities, one-by-one brute force
encrypted form of the message being sent ciphertext
stripping one llayer's headers and passing the rest of the packet up to next higher layer decapsulation
TCP/IP protocol specifying the transfer of text or binary files across the network File Transfer Protocol
pseudo IP address that always refer back to the local host and never sent out to a network (127.0.0.1) loopback address
software appearing to perform a useful function but actually tricks a user into executing malicious logic (e.g. Trojan horse) malicious code
prove that a user sent a message and the message has not been altered non repudiation
sequence of eight bits octet
e-mails that appear to originate from a trusted source to trick a user into entering valid credentials on a fake website phishing
gaining unauthorized logical access to sensitive data by circumventing a system's protections penetration
type of input validation attack where SQL code is inserted into application queries to manipulate the database SQL injection
basic communication language or "protocol" of the Internet TCP/IP
hidden, self-replicating section of computer software that inserts itself and becomes part of the another program virus

INFO Security Crossword

Type
Crossword
Description

a software update designed to fix a particular problem or vulnerability <5 char> patch
the 's' in ______ stands for 'secure' and indicates that communication with a webpage is encrypted <5 char> HTTPS
The activity of copying files or databases so that they will be preserved in case of equipment failure or other catastrophe <6 char> backup
any data classified as personal, private or sensitive information <4 char> PPSI
function of one way encryption that is normally used to check integrity of data <4 char> hash
hardware or software mechanisms to prevent unauthorized users from accessing a computer network <8 char> firewall
malicious software that is inserted into a system, usually covertly, with the intent of compromising the victim's data <7 char> malware
a piece of digital information generated by a web server and saved in your computer after visiting a website <6 char> cookie
a weakness of a system or facility holding information which can be exploited to gain access or violate system integrity <13 char> vulnerability
an internet scam that targets unsuspecting users through email <8 char> phishing
a type of malware designed to block access to a computer system or data until a sum of money is paid <10 char> ransomware
this horse can stampede your security defenses for the bad guys and make you look sheepish too <6 char> trojan
your password is like a ____, use it regularly, change it often and do not share it with anyone else <10 char> toothbrush
a ________ is a program and/or device that monitors data travelling over a network. These programs/devices can be used both for legitimate network management and for stealing information off a network <6 char> snifer
____ is the scrambling of data into a secret code that can be read only by software set to decode that information <10 char> encryption
spoofing, tampering etc are examples of a security _____ <6 char> threat
a way of injecting malicious scripts into web pages <18 char> crosssitescripting
a ransomware crypto worm that attacked running microsoft windows operating systems, in May 2017 <8 char> wannacry
this malware targets microsoft windows based system and prevents it from booting <5 char> petya
group of experts that handle computer security incidents CERT

Crossword - Exercise 1

Type
Crossword
Description

A basic security mechanism that consists of a secret word or phrase that must be used to gain access to an account Password
An attempt by hackers to damage or destroy a computer network or system. Attack
Someone who seeks and exploits weaknesses in a computer system or computer network. Hacker
The process of confirming the correctness of the claimed identity Authentication
e-mails that appear to originate from a trusted source to trick a user into entering valid credentials on a fake website Phishing
The body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access Cyber Security
A standalone malware computer program that replicates itself in order to spread to other computers. Worm
Are small files that Web sites put on your computer hard disk drive when you first visit Cookies
A technology that allows us to access our files through the internet from anywhere in the world. Cloud
Appears at the beginning of the web-link of a secured website HTTPS
Irrelevant or unsolicited messages sent over the Internet, typically to a large number of users, for the purposes of advertising, phishing, spreading malware, etc. Spam
A data classification mode that describes certain data or document as a secret Reporting
A government agency in Qatar that handles all reported incidents related to cyber attacks QCERT
The art of manipulating people to get access to sensitive information Social Engineering
A software that is a type of utility used for scanning and removing harmful software from your computer Antivirus
Any software program in which advertising banners are displayed while the program is running Adware
The use of electronic communication to bully a person Cyberbullying
A phone call tactic in which individuals are tricked into revealing critical financial or personal information Vishing
A software that enables a user to obtain covert information about another's computer activities by transmitting data covertly from their hard drive Spyware
Similar to worms and Trojans but earn their unique name by performing a wide variety of automated tasks on behalf of their master (the cyber criminals) who are often safely located somewhere far across the Internet. Bots

Quartz Security: Crossword puzzle for National Cyber Security Awareness Month 2017

Type
Crossword
Description

a list of entities that are blocked or denied access/privilege BLACKLIST
the unauthorized access and disclosure of sensitive information released outside of an unauthorized organization DATA BREACH
specialized techniques for gathering, retaining and analyzing data as evidence for investigations FORENSICS
an act of pretending to be from a reputable organization to deceive individuals into providing sensitive information PHISHING
a list of organizations that are considered trustworthy or allowed access/privilege WHITELIST
ensuring information with sensitive data remain hidden, inaccessible to unauthorized users. DATA PRIVACY
a type of malware that requires some type of payment to either remove the malware by the hacker, or retrieve files that have been encrypted by the hacker. RANSOMWARE
a type of digital currency Bitcoin
The practice and process designed to help protect one or an organizations networks, computers, programs and data from unauthorized access. cybersecurity
Medical history information, laboratory results, insurance information and other healthcare data an entity collects to identify an individual Personal health Information
The name of the leader who you would report security incidents to Charlie Pierce
The name of the leader who you would report privacy incidents to Kelly Skifton
The name of our Chief Information Officer who oversees the IT Infrastructures at Quartz Marybeth Bay
Duo-Security is considered what type of authentication when logging in remotely? Multifactor
Name of the form used to submit requests for: Hardware/Software, Security, Telecom or Facilities (Badging only) IT Request Form
To report a compliance incident, who do you contact? compliancehotline
Quartz policy and procedure S014 outlines what type of policy? ACCEPTABLE USE
The process of taking an unencrypted message or data and applying a mathematical function to it, to produce an encrypted message ENCRYPTION
What process do you need to go through for approval before files can be exchanged externally? externaldatareview
You are required to wear this item at all times while on Company premises badge
When a person tags along with another person who is authorized to gain entry pass a certain checkpoint piggyback

Knowledge About Virus Crossword

Type
Crossword
Description

The malicious computer program that spread and do harm to computer, which can be launch through infected program or by the use of infected disk or USB drive virus
The malicious computer program is hidden under the useful application, and later cause harm to the computer trojan horse
A standalone malicious computer program that replicates, spread, and do harm to other computers through exploiting vulnerabilities worm
An attempt by hackers to damage or destroy a computer network or system attack
A software that cause harm to computer malware
A software that encrypts data and require payment to decrypt it ransomware
A software that display advertisement according to information stolen from the spyware adware
A software that enables a user to obtain covert information about another's computer activities by transmitting data covertly from their hard drive spyware
A software that tracks the key struck on the keyboard keylogger
A technology that get into the operating system to hide a malicious program component rootkit
A software that is designed to detect and destroy computer viruses antivirus
The process of making copies of data to guarantee accessibility when the original data are lost or destroyed backup
The ability to ensure reliable access of information whenever needed availability
The ability to ensure the authenticity of information—the information is trustworthy and accurate integrity
The ability to ensure authorized people can get access to the information only confidentiality
A text message tactic in which individuals are tricked into revealing critical financial or personal information Smsishing
A phone call tactic in which individuals are tricked into revealing critical financial or personal information vishing
The activity of defrauding an online account holder of financial information by posing as a legitimate company phishing
Someone who seeks and exploits weaknesses in a computer system or computer network hacker
Computer robot that performs a wide variety of automated tasks bot
a method, often secret, of bypassing normal authentication in a product back door
Bundles of malicious programs that combine the functionality of different types of malware blended threat
A way of virus propagation in which the malicious code is place in the medium (e.g. CD, DVD…), and will be read by the computer first before the operating system (OS) is read. master boot record
A way of virus propagation in which the malicious code overwrites or inserted in the executable file file infection
A way of virus propagation in which the malicious code is hidden in an automated input sequence macro infection
The technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access cyber security

InfoSec-Crossword

Type
Crossword
Description

Action that might compromise the security Threat
Filters network traffic firewall
Person who exploits a computer system for a reason hacker
Malware that passes information about a computer user’s activities to another entity spyware
Synonym: Tailgating piggybacking
Action of verifying the user's identity authentication
Information is not made available to unauthorized individuals or processes confidentiality
Type of social engineering Baiting
Unauthorized entry into the security mechanisms of a system by an external group Intrusion
Unsolicited bulk commercial email messages spam

IT&S Cyber Security Crossword Puzzle

Type
Crossword
Description

A software that is designed and destroy computer viruses Antivirus
Do not leave your laptop or computer ___________________ Unattended
A ___________ is a hardware of a software that helps keep hackers from using your computer and it watches for outside attempts to access your system and blocks communication that you don't permit Firewall
Email scam or attempt to trick you into giving your password or personal information Phishing
The state of being free from danger and threat Security
A ___________ is often an email that gets mailed in chain letter fashion describing some devasting. highly unlikely type of virus. HOAX
Choose a password that is easy for you _______________ but hard for you someone to guess. Remember
Also known as malicious software any; any program or file that is harmful to a computer user Malware
Passwords should should always be at least this many characters long. Eight
A _______ assessment is the process by which risks are identified and the impact of those risks determined Risk
Applied to data to protect it from unauthorized use in case of theft or loss. Encryption
Always _______your computer when you leave your desk Lock
To protect personal information, avoid sending it via Email
_________________ is a software that gathers computer user information and transmits it to the creator of the software without the explicit knowledge or informed consent of the user SPYWARE
A collection of information that is organized so that it can easily be accessed, managed and updated Database
Never share your _________ with another person Password

Connected Security Crossword

Type
Crossword
Description

Authentication, authorization and ______________ accounting
An attempt to exploit vulnerabilities in hardware and software attack
Process of changing data into a form that can be read only by the intended receiver encryption
Security gateway positioned between two networks firewall
Designed to disrupt computer operation, gain access to private systems, or gather sensitive information malware
An attempt to acquire sensitive information by masquerading as a trustworthy entity phishing
Set of rules defining access to your network Policy
The designated threat level of an attack Severity
Private, secure path through an otherwise public network Tunnel
A collection of computers compromised by malicious code and controlled across a network botnet
A method of protecting information and communications through the use of codes Cryptography
The unauthorized transfer of information from an information system exfiltration
A technique to breach the security of a network or information system exploit
An unauthorized act of bypassing the security mechanisms of a network or information system Intrusion
A recognizable, distinguishing pattern signature
A characteristic or weakness that renders an organization or asset open to exploitation Vulnerability
Term given for the smallest unit of information transmitted across networks Packet
A person or object that presents a danger Threat
The act of abiding by and adhering to a set of standards, rules, and laws compliance
With Juniper Connected Security, you can see, automate and _________________ protect