Reconnaissance, or information gathering, is the first phase of a targeted attack. The attacker learns as much as possible about the target (e.g., their job, colleagues, interests) to make the subsequent attack, such as spear phishing, more believable.

The key length, measured in bits (e.g., 128-bit, 256-bit), determines the number of possible keys. A longer key length means there are exponentially more possible keys, making a brute-force attack (trying every key) computationally infeasible.

A firewall is a crucial component of network security. Its primary function is to act as a barrier between a trusted internal network and an untrusted external network (like the internet). It achieves this by monitoring incoming and outgoing network traffic and filtering it based on a set of predefined security rules. These rules determine which traffic is allowed to pass through and which is blocked, thereby preventing unauthorized access, malware, and other cyber threats from entering or leaving the network. While encryption (option a) is a security measure, it's not the primary role of a firewall. Boosting network speed (option c) is handled by network optimization tools, not firewalls. Assigning IP addresses (option d) is typically the role of a DHCP server or network administrator.

A DMZ is a buffer zone that contains public-facing servers, such as web and email servers. These servers are accessible from the internet, but they are isolated from the internal corporate network by a firewall. This way, if a public server is compromised, the attacker does not have direct access to the internal network.

To be considered true MFA, the verification methods must come from at least two of the three distinct factor categories (knowledge, possession, inherence). A password and a security question are both knowledge-based factors, so this is just a layered form of single-factor authentication.

A false negative is a failure of detection. It is a highly dangerous situation where a real intrusion or attack occurs, but the security system does not generate an alert, allowing the attack to proceed unnoticed.

The teardrop attack exploits a vulnerability in the TCP/IP fragmentation reassembly process. By sending mangled and overlapping IP fragments, the attacker can cause the receiving operating system to panic or crash when it tries to put them back together.

A blockchain is a chain of blocks, where each block contains a cryptographic hash of the previous block. This creates an immutable and tamper-evident ledger, as changing any data in a previous block would change its hash, which would break the chain.

A software firewall (or host-based firewall) runs on a specific endpoint and protects only that machine. A hardware firewall (or network firewall) is a dedicated appliance that sits at the edge of a network, protecting all the devices behind it.

Authenticator apps generate time-based one-time passwords (TOTP) directly on the device and are not vulnerable to SIM swapping or SMS interception attacks, which makes them significantly more secure than SMS-based 2FA.