1/13				14
		2
																						16
3
			4
		5													15
			7												6
	8
9
					10
					11
		12

Across

1. A type of cyber attack that floods a computer network with excessive traffic in order to disrupt normal operations.

2. Elevated permissions and rights granted to select users within an organization, increasing the risk of insider threats.

3. A type of DDoS attack that uses amplification techniques to magnify the volume of traffic sent to a target, making the attack more effective.

4. In asymmetric encryption, a key that is publicly available and used for encryption.

5. A type of malware that disguises itself as a legitimate program but performs malicious activities in the background.

6. The process of converting plaintext into ciphertext using an encryption algorithm and a key.

7. A method of social engineering where an unauthorized person follows an authorized individual to gain access to a restricted area.

8. A policy that governs the appropriate use of the internet and outlines the rules for accessing and using online resources.

9. A secure network connection that allows remote users to access a private network over the internet securely.

10. The act of confirming the identity of a user or device, with the purpose of granting access to a network or system.

11. The process of filtering and validating user input before using it in an application.

12. Security risks posed by individuals within an organization, such as employees or former employees.

Down

13. A cryptographic mechanism that ensures the authenticity and integrity of digital messages or documents.

14. Software designed to detect and remove malicious software, such as viruses, from computer systems.

15. Where an attacker systematically tries all possible combinations of passwords in order to gain unauthorized access to a system.

16. The process of identifying and assessing security vulnerabilities in a network infrastructure to address and mitigate potential risks.

🖶