Computer Science/IT MCQs
Topic Notes: Computer Science/IT
MCQs and preparation resources for competitive exams, covering important concepts, past papers, and detailed explanations.
51
What is a "digital certificate"?
Answer:
An electronic document used to prove the ownership of a public key.
A digital certificate, issued by a Certificate Authority, is like a digital passport. It contains information like the owner's name, the public key, the certificate's expiration date, and the digital signature of the CA, which vouches for the certificate's authenticity.
52
An attacker sends a fraudulent email that appears to be from a senior executive in a company, instructing an employee in the finance department to make an urgent wire transfer. This is an example of:
Answer:
Business Email Compromise (BEC) or CEO fraud
This is a highly targeted form of spear phishing known as BEC or CEO fraud. The attacker uses social engineering, impersonation, and a sense of urgency to trick an employee into bypassing normal security procedures and making an unauthorized financial transaction.
53
Which security measure, implemented as either hardware or software, is designed to prevent unauthorized access to a computer network?
Answer:
Firewall
A firewall acts as a critical barrier between a trusted internal network and an untrusted external network, such as the internet. It works by monitoring and controlling incoming and outgoing network traffic based on predetermined security rules. Firewalls can be implemented as dedicated hardware appliances or as software running on a server or individual computer, making them a versatile tool for preventing unauthorized access and mitigating various cyber threats.
54
A "packet-filtering" firewall operates at which layer of the OSI model?
Answer:
Layer 3 (Network) and Layer 4 (Transport)
A basic packet-filtering firewall makes its decisions based on information in the network and transport layer headers, such as source and destination IP addresses, ports, and the protocol type (TCP, UDP, ICMP).
55
What is the primary function of an Intrusion Detection System (IDS)?
Answer:
To monitor network or system activities for malicious activity or policy violations and to produce reports or alerts.
An IDS is a passive monitoring tool, like a security camera. It watches network traffic and system logs, and if it detects something suspicious that matches a known attack signature or an anomaly, it generates an alert for a security administrator to investigate.
56
Which authentication factor relies on an item that is exclusively owned and controlled by the legitimate user?
Answer:
Possession (Something you have)
This question describes the 'Possession' authentication factor. This factor validates a user's identity based on a physical item they possess, such as a smartphone (for software tokens or push notifications), a hardware security key (like a YubiKey), a smart card, or a one-time password (OTP) token. These items are typically unique to the user and are required to complete the authentication process.
Let's look at why the other options are incorrect:
* **Knowledge (Something you know)** refers to information only the user should know, like a password, PIN, or security question answer.
* **Inherence (Something you are)** refers to biometric factors, such as fingerprints, facial recognition, or iris scans.
* **Location (Somewhere you are)** is an additional context-aware authentication factor that verifies the user's geographical position, often used in conjunction with other factors, but it's not one of the primary 'Something you know/have/are' categories.
57
What does "salting" a password mean in cryptography?
Answer:
Adding a unique, random string of characters to a password before it is hashed.
Salting is a crucial security measure for password storage. Adding a unique salt to each password before hashing ensures that two users with the same password will have different hashes. This prevents attackers from using pre-computed "rainbow tables" to crack the hashes.
58
Which authentication factor is most susceptible to a shoulder surfing attack?
Answer:
Knowledge (PIN or password)
Shoulder surfing is the act of looking over someone's shoulder to see what they are typing. This makes knowledge-based factors like passwords and PINs, which must be visibly entered, the most vulnerable to this type of attack.
59
A race condition is a vulnerability that occurs when:
Answer:
The outcome of a process depends on the specific timing or sequence of uncontrollable events.
In cybersecurity, a race condition vulnerability can be exploited by an attacker who influences the timing of events to bypass a security control. For example, an attacker might try to use a gift card twice by sending two simultaneous requests before the system can update the balance.
60
What is a "hash function"?
Answer:
A function that takes an input of any size and produces a fixed-size string of characters, which is a one-way representation of the input.
A hash function creates a unique, fixed-length "digital fingerprint" of a piece of data. It's a one-way process; you cannot reverse the hash to get the original data. Hashing is used to verify data integrity and to store passwords securely.