Cyber Security Glossary: Cyber Security Terms Listed From A to Z


How can you begin to protect yourself from cyber threats if you have no idea what those threats are or what countermeasures exist? An essential first step in utilising a comprehensive cybersecurity programme that has your back is arming yourself with knowledge.

Regarding cyber security, the solutions available often rely on technical terms or jargon to explain themselves, even though these issues have profound implications for you and your business. That’s why we sat down and included all the terms you’ve been meaning to learn more about.

Cyber Security A to Z: A Comprehensive Glossary of Essential Cyber Security Terms

Cyber security is a broad field that consists of many terms and definitions. By learning these terms, you can recognize the importance of information security. These terms will help you to understand cyber security and information security better.

In addition, by knowing these terms, you can find out how security strategies work behind the scenes. Are you ready to tackle anything and everything related to cyber security? If yes, read this post and get familiar with these tech words.

Become the Thesaurus around you!

A – B

Access Control

Access Control ensures that system resources are only accessible to authorized users, preventing unauthorized access.

Access Control List (ACL)

An Access Control List (ACL) is a tool used to enforce access restrictions on a system by listing the users or entities authorized to access specific resources.

Access Control Service

An Access Control Service provides a layer of security that protects system resources from unauthorized access. It typically relies on mechanisms like Access Control Lists (ACLs) and tickets for implementation.

Access Matrix

An Access Matrix is a security model that organizes access permissions by listing subjects (users or processes) in rows and objects (resources) in columns, with each cell showing the specific privileges granted.

Account Harvesting

Account Harvesting refers to the practice of collecting legitimate usernames from a system to identify potential targets for unauthorized access.

ACK Piggybacking

ACK Piggybacking is the technique of sending an acknowledgment (ACK) within a data packet that is part of a larger communication, typically going to the same destination.

Active Content

Active Content refers to program code, such as Java or ActiveX, that is embedded in web page content. When a user accesses the page, the code is automatically downloaded and executed on their device.

Activity Monitors

Activity Monitors are tools designed to detect and block malicious actions on a system, helping to prevent malware infections by monitoring and intercepting suspicious activity.

Address Resolution Protocol (ARP)

ARP (Address Resolution Protocol) is used to map an IP address to a physical machine address (MAC address) within a local network. This mapping is maintained in an ARP cache and can be used to convert addresses in both directions.

Advanced Encryption Standard (AES)

AES (Advanced Encryption Standard) is a symmetric encryption algorithm being developed by NIST to provide a publicly available and secure method of encrypting data.

Advanced Persistent Threats

Advanced persistent threats are stealthy threat actors that can be harmful. They gain unauthorized access to a computer network and remain undetected for an extended period. When an unauthorized user invades a network, the user might stay for an extended period and steal data without harming the network.

Algorithm

An algorithm is a precise, step-by-step procedure designed to solve a problem or perform a computation, often executable by a computer.

Applet

An applet is a small Java program that runs within a web browser, providing an interactive user interface for web applications.

ARPANET

ARPANET (Advanced Research Projects Agency Network) was a pioneering packet-switched network developed in the 1970s by the U.S. government. It served as the foundation for what eventually became the modern Internet and was retired in June 1990.

Asymmetric Cryptography

Asymmetric Cryptography, also known as public-key cryptography, uses two keys—a public key and a private key—where each key serves a different purpose within the encryption and decryption process.

Asymmetric Warfare

Asymmetric warfare refers to situations where a smaller, less-resourced force can achieve significant impact through strategy, innovation, or leveraging advantages against a larger opponent.

Auditing

Auditing is the process of collecting and analyzing information about assets to verify compliance with policies, identify vulnerabilities, and ensure security.

Authenticator

An authentication check is performed before a user or device is granted access to a protected network or data. To put it another way, authentication is the process of verifying a user’s claimed identity. This guarantees that only those who should have access to protected systems do. To access data on a network, a user must first prove their identity by providing credentials kept in a secure location. If you use authentication, you can be sure you’re letting the right person in at the right time. However, this never happens by itself.

Autonomous System

An autonomous system is a collection of networks or a single network under common administrative control. It is also known as a routing domain and is assigned a globally unique identifier called the Autonomous System Number (ASN).

Attack Vector

Attack vectors are the entry points through which hackers penetrate a system or network. An attack surface is the sum of all the potential entry points a hacker could use to compromise a system or network and steal information. The term “attack vector” describes the various entry points through which a hacker could compromise a system and steal sensitive information.

Backdoor

A backdoor is a malicious tool installed on a compromised system to provide an attacker with continued, unauthorized access, bypassing any security measures in place.

Bandwidth

Bandwidth refers to the capacity of a communication channel to transmit data within a specific time frame, typically measured in bits per second.

Banner

A banner is a message displayed to a user trying to connect remotely to a service, often containing system details, version information, or a warning about authorized use.

Basic Authentication

Basic Authentication is a simple web-based authentication method where the username and password are sent with each request to verify user identity.

Bastion Host

A bastion host is a highly secured system designed to withstand potential vulnerabilities and attacks, often positioned as a gateway to a protected network.

BIND

BIND (Berkeley Internet Name Domain) is a popular software for implementing Domain Name System (DNS), used to map domain names to IP addresses.

Biometrics

Biometrics refers to the use of an individual’s unique physical traits, such as fingerprints or facial recognition, for identity verification and access control.

Bit

A bit is the smallest unit of data in computing, representing a binary value of either “0” or “1” used to encode information.

Black Hat Hacking

These vulnerabilities could be sold by the hacker to other criminal enterprises. To distinguish malicious hackers from legitimate ones (white hats and grey hats), the term “black hat” has been coined. The white hats worn by the good guys and the black ones worn by the bad guys were a nod to the early Westerns that inspired these classifications.

Block Cipher

A block cipher encrypts data in fixed-size blocks, transforming plaintext into ciphertext one block at a time to ensure secure communication.

Blue Team

A Blue Team is responsible for defensive cybersecurity measures, including configuring firewalls, enforcing authentication protocols, managing patching programs, and strengthening both digital and physical security.

Boot Record Infector

A boot record infector is a type of malware that embeds malicious code into the boot sector of a disk, allowing it to execute before the operating system loads.

Border Gateway Protocol (BGP)

BGP is a routing protocol that enables autonomous systems (AS) to exchange internet routing information, playing a crucial role in directing traffic between internet service providers (ISPs).

Bot

A bot, short for “robot,” is a programme or script that executes predetermined automated actions. Malicious bots carry out activities that can be used to take over a computer remotely. These infected machines have been called zombies. Although taking over a single computer has benefits, the real value comes from amassing many zombie computers and connecting them so they can be controlled in unison to carry out massively destructive acts.

Botnet

A botnet is a network of infected computers that can be directed and coordinated by a central command and control server. Internet Relay Chat (IRC) cybercriminals use bots to control user accounts and conduct illicit activity on public websites and forums. Such websites may be operated directly by the “bot herder”, or they may be legitimate websites compromised for this purpose.

British Standard 7799

A comprehensive guideline for securing information systems, outlining management frameworks, security objectives, and control requirements for effective information security management.

Broadcast

The process of sending a single message to multiple recipients simultaneously, allowing one host to communicate with all hosts on a network.

Broadcast Address

A network address that enables the transmission of a datagram to all devices within a given network, typically used with UDP or ICMP protocols.

Browser

A software application that retrieves, interprets, and displays content from the World Wide Web, enabling users to access websites and online services.

Brute Force

A trial-and-error attack method in which every possible combination is systematically tested until the correct one is found, commonly used in password cracking and cryptanalysis.

Buffer Overflow

A security vulnerability that occurs when a program writes more data to a buffer than it can hold, potentially causing system crashes, data corruption, or exploitable security flaws.

Bug

A bug is a mistake in the computer program’s code that can cause unexpected results. In this context, “programme” refers to the microcode built into a microprocessor, so debugging discovers errors before end users find them. After the code has been written, the debugging process begins and continues iteratively as the individual pieces of code are assembled into a larger whole.

Brute Force Attack

This technique aims to guess a password (or the key used to encrypt a message) by exhaustively trying all possible permutations of the password or key until success is achieved. Limiting the number of failed password attempts (say, to three before requiring a 15-minute wait to try again) is one way to make a system less vulnerable to Brute Force Attacks.

C – D

Cache

A high-speed storage mechanism designed to improve data retrieval efficiency. It can be a reserved section of memory or a separate fast-access storage device. Common types include memory caching and disk caching in personal computers.

Cache Cramming

A technique that deceives a browser into executing cached Java code from the local disk instead of the internet zone, allowing it to bypass security restrictions.

Cache Poisoning

An attack in which a name server stores and serves malicious or incorrect data, often used in DNS cache poisoning to redirect users to fraudulent sites.

Call Admission Control (CAC)

A security mechanism in voice networks that monitors and regulates inbound and outbound call activity through a voice firewall, enforcing predefined user policies.

CAPTCHA

CAPTCHA is short for Completely Automated Public Turing test to tell Computers and Humans Apart. It’s a challenge test to differentiate between humans and computers. Recognizing stretched letters or numbers and choosing a picture are some examples of CAPTCHA.

Certificate-Based Authentication

A security method that uses SSL and digital certificates to verify user identities and encrypt HTTP traffic, ensuring secure communication.

CGI (Common Gateway Interface)

A standard protocol that enables web servers to execute external scripts and generate dynamic responses based on user requests.

Chain of Custody

A crucial legal principle ensuring that digital evidence is properly handled, documented, and preserved according to the Federal Rules of Evidence.

Challenge-Handshake Authentication Protocol (CHAP)

An authentication method that uses a challenge-response mechanism, where each response is unique to prevent replay attacks and enhance security.

Checksum

A calculated value derived from a data set, used to detect errors or alterations by verifying data integrity during storage or transmission.

Cipher

A cryptographic algorithm designed for encrypting and decrypting data to ensure confidentiality and security.

Ciphertext

The encrypted version of a message, making it unreadable without the correct decryption key.

Circuit-Switched Network

A type of network where a dedicated, continuous physical connection is established between two endpoints for the duration of the communication session.

Client

A system or application that requests and utilizes services from another system, known as a server. In some cases, a server can also act as a client to another server.

Cloud Computing

A technology that relies on remote servers hosted by cloud providers to store, manage, and process data, reducing reliance on local hardware and infrastructure.

Cloud Security

Cloud security refers to policies, practices, and tools developed to protect an organization’s sensitive data from external and internal aggressors. As businesses adopt a digital transformation strategy and rely more heavily on cloud-based applications and services, they must ensure their data is safe in the cloud. In recent years, the phrases “digital transformation” and “cloud migration” have become commonplace in business contexts. Both terms have varying meanings depending on the organisation, but they all have one thing in common: a desire for change.

Clickjacking

Clickjacking, also called “deceptive layering” or “UI redressing,” is essentially an online trickery where someone deceives you into clicking something different from what you think you are clicking. Imagine it like a hidden trap set on a website.

Collision

An event where multiple systems attempt to transmit data simultaneously over the same network segment, causing interference.

Competitive Intelligence

The process of gathering and analyzing publicly available information about competitors to gain strategic business insights—operating within legal or ethically ambiguous boundaries.

Computer Emergency Response Team (CERT)

A specialized group that researches cybersecurity threats, assists organizations in responding to security incidents, and issues alerts about vulnerabilities and risks to improve overall security.

Computer Network

A system of interconnected computers and devices that communicate and exchange data through various networking protocols.

Confidentiality

The principle of restricting information access to only authorized individuals, ensuring sensitive data remains private and secure.

Configuration Management

The practice of establishing and maintaining a consistent system setup by tracking and controlling hardware, software, and network configurations.

Cookie

Cookies are small text files that contain identifying information about your computer and its activities on a network, such as a username and a password. HTTP cookies track users’ preferences and improve their online experience.

Corruption

A malicious or accidental action that modifies system functions or data, negatively impacting system operations.

Cost-Benefit Analysis

A decision-making process that evaluates the financial and security trade-offs of implementing countermeasures against potential risks.

Countermeasure

A reactive security measure designed to prevent, detect, or mitigate an exploit, such as firewalls, patches, intrusion prevention systems, and malware filters.

Covert Channels

A hidden method of communication that uses standard system operations to secretly transfer information between entities, often bypassing security controls.

Crimeware

Malicious software specifically designed to generate financial gain for cybercriminals by enabling activities like data theft, keylogging, or launching cyberattacks.

Cron

A Unix-based scheduling tool that automates recurring tasks by executing scripts or commands at predefined times.

Crossover Cable

A networking cable with reversed wire pairs, allowing direct device-to-device connections without the need for a switch or hub.

Cryptanalysis

The study and practice of analyzing cryptographic systems to identify weaknesses and decrypt information without access to the key.

Cryptographic Algorithm or Hash

A mathematical function used in cryptography for encryption, hashing, digital signatures, and secure key exchange.

Cut-Through

A network switching method that reads only a packet’s header before forwarding it, optimizing speed at the cost of error detection.

Cyber-Attack

A deliberate attempt to gain unauthorized access to, disrupt, steal from, or damage computer systems, networks, or data.

Cyber Security

When protecting sensitive company data, cyber security refers to the measures taken to prevent unauthorised access to or manipulation of a company’s information-carrying assets. To do so successfully, one must be well-versed in the various threats one may face, including viruses and other malicious objects. The core of any company’s cybersecurity strategy is made up of identity management, risk management, and incident management.

Computer Virus

A computer virus is malicious code that spreads from host to host and replicates itself. Once it attaches itself to a legitimate file on a computer, it causes unexpected damage to software and data.

Cookies

Cookies are pieces of information, such as a username and password, used to recognize your computer. While there are different types of cookies, such as magic cookies and HTTP cookies, their purpose is personalization and tracking.

Daemon

A background process that runs continuously, typically starting at system boot, handling requests, and forwarding them to appropriate programs. Common in Unix-based systems, but also present in other operating systems under different names, such as services in Windows.

Data Aggregation

The process of combining multiple data sources to create a more comprehensive view, often used for analysis, pattern recognition, or decision-making.

Data Breach

Data breach describes unauthorized access to information. Because of network vulnerabilities, a significant amount of data can be nabbed through data breaches.

Data Custodian

An entity responsible for managing, storing, and protecting data while it is in use or being processed, ensuring compliance with security policies.

Data Encryption Standard (DES)

A symmetric-key encryption algorithm that uses a 56-bit key to encrypt and decrypt data. Once widely used, DES has been largely replaced by stronger encryption standards due to its vulnerability to brute-force attacks.

Data Mining

A process of analyzing large datasets to identify patterns, trends, or relationships, often used for business intelligence, marketing, and decision-making.

Data Owner

An individual or organization with ultimate authority and responsibility for data, including its classification, security, and access permissions.

Data Protection

Data protection is the process or strategy to secure pieces of information. In this way, loss, corruption, or compromise can be prevented. Also, this term covers the recovery period through information backup.

Data Warehousing

The process of consolidating multiple independent databases into a centralized repository to improve data management, analysis, and reporting.

Datagram

A self-contained unit of data that carries sufficient information to be routed independently from source to destination without relying on prior exchanges. Often synonymous with “packet,” datagrams are fundamental to connectionless communication protocols like the Internet Protocol (IP).

Day Zero (Zero Day)

The day a newly discovered vulnerability is made public. A “zero-day exploit” refers to an attack that takes advantage of this vulnerability before a security patch is available.

Decapsulation

The process of removing protocol headers from a data packet as it moves up through the layers of the networking stack, allowing the data to be processed by the appropriate application.

Decryption

The process of converting encrypted data (ciphertext) back into its original readable form (plaintext) using a decryption key or algorithm.

Deepfake

Deepfakes are synthetic media, meaning they are manipulated using artificial intelligence (AI) to create realistic video or audio recordings that never actually happened. They typically involve replacing a person’s face or voice with someone else’s, often with the goal of making it appear genuine.

Defacement

The unauthorized modification of website content, often to vandalize, spread misinformation, or embarrass the site owner.

Defense In-Depth

A cybersecurity strategy that employs multiple layers of security controls to protect against threats, ensuring that if one layer fails, others remain effective.

Demilitarized Zone (DMZ)

A subnetwork that serves as a buffer zone between an internal network and external networks (e.g., the internet). DMZs enhance security by isolating externally accessible services, reducing direct exposure of internal systems to threats.

Denial of Service (DoS)

A cyberattack that disrupts or degrades system operations, preventing legitimate users from accessing resources. Common methods include overwhelming a system with traffic or exploiting vulnerabilities.

Dictionary Attack

A password-cracking technique that systematically tries words from a predefined list, such as a dictionary, to guess a password, in contrast to brute force attacks that try all possible character combinations.

Diffie-Hellman

A cryptographic algorithm developed in 1976 by Whitfield Diffie and Martin Hellman, used to securely establish a shared secret key over an untrusted network. It enables encrypted communication but does not perform encryption itself.

Digest Authentication

A security mechanism in which a web client proves its knowledge of a password by sending an MD5 hash of the password instead of the plaintext password, reducing the risk of interception.

Digital Certificate

An electronic credential issued by a Certificate Authority (CA) that verifies an entity’s identity online. It includes the entity’s name, public key, expiration date, and the CA’s digital signature, enabling secure communications and authentication.

Digital Envelope

An encrypted message that includes both the encrypted content and the encrypted session key used to decrypt it, combining symmetric and asymmetric encryption for secure communication.

Digital Security

Digital security is a set of terms that define the resources to protect your assets, like online identity and data. This can be built and maintained through numerous tools like software, web services, and biometrics.

Digital Signature

A cryptographic hash of a message that uniquely identifies the sender and ensures the message has not been altered during transmission. It provides authenticity, integrity, and non-repudiation.

Digital Signature Algorithm (DSA)

An asymmetric cryptographic algorithm that generates a digital signature as a pair of large numbers. The signature is mathematically linked to the sender’s identity and the integrity of the signed data.

Digital Signature Standard (DSS)

A U.S. government standard specifying the Digital Signature Algorithm (DSA) for generating and verifying digital signatures using asymmetric cryptography.

Disassembly

The process of converting a compiled binary program back into human-readable source code, often used in reverse engineering and security analysis.

Disaster Recovery Plan (DRP)

A structured approach for restoring IT systems, data, and operations in the event of a disruption or disaster, ensuring business continuity.

Discretionary Access Control (DAC)

An access control model where users can determine access permissions for resources they own, such as setting document passwords or granting file access.

Disruption

An event or circumstance that interrupts or prevents the normal operation of system services, causing downtime or performance degradation.

Distance Vector

A routing protocol method that determines the best path to a network by measuring the cost of routes and sharing this information with neighboring routers.

Distributed Scans

A reconnaissance technique in which multiple source addresses are used to perform network scans, making detection and attribution more difficult.

Domain

A logical grouping of network resources or entities, identified by a unique name. On the internet, a domain represents a set of network addresses, while in enterprise systems, it refers to a collection of resources under centralized management.

Domain Hijacking

A cyberattack where an attacker takes control of a domain by interfering with its DNS settings, redirecting traffic, or altering ownership records.

Domain Name

A human-readable identifier that represents an organization’s presence on the internet. For example, in “www.example.com,” “example.com” is the domain name, helping users access websites without memorizing IP addresses.

Domain Name System (DNS)

A hierarchical naming system that translates human-readable domain names into numerical IP addresses, enabling users to access websites and online services easily.

DOS

Disk operating system, or DOS, refers to an OS booted directly from a disc. The term can also refer to a specific group of disc operating systems, most notably the Microsoft Disk Operating System (MS-DOS).

A Denial-of-Service (DoS) attack is an assault designed to prevent users from accessing a system or network. DoS attacks succeed by overwhelming their targets with traffic or crashing them with malicious data. When a DoS attack occurs, legitimate users (such as employees, members, or account holders) are denied access to the service or resource they were counting on.

DDoS

Distributed denial-of-service (DDoS) attacks are another name for distributed network attacks. An attack of this type targets the limitations of a network resource, such as the servers hosting a business’ website, to overwhelm them and cause them to crash. A distributed denial of service (DDoS) attack aims to overcome the attacked website with so many requests that it cannot serve legitimate users.

Due Care

The practice of implementing a reasonable level of security and protection in line with industry best practices to mitigate risks and safeguard assets.

Due Diligence

The proactive process organizations follow to identify, assess, and mitigate risks by developing and implementing security measures to prevent fraud, abuse, and other threats, as well as detecting them if they occur.

DumpSec

A security auditing tool that extracts and displays detailed system information, including user accounts, file system structures, registry settings, permissions, password policies, and running services.

Dumpster Diving

A technique used by attackers to retrieve sensitive information, such as passwords and internal documents, by searching through discarded materials like trash bins, shredded papers, or old storage media.

Dynamic Link Library (DLL)

A collection of reusable program modules that can be loaded and executed by larger programs as needed, allowing efficient code sharing and enabling applications to communicate with specific hardware or software components.

Dynamic Routing Protocol

A networking protocol that enables routers to automatically discover and update routes by exchanging information with neighboring routers. Examples include RIP (Routing Information Protocol) and EIGRP (Enhanced Interior Gateway Routing Protocol). This process helps maintain optimal network paths without manual intervention.

E – F

Echo Reply

An Internet Control Message Protocol (ICMP) response sent by a machine that has received an Echo Request, confirming its availability and measuring network latency.

Echo Request

An ICMP message sent to a target machine to check its availability and round-trip time, commonly used in network diagnostics (e.g., via the ping command).

Egress Filtering

A security measure that monitors and restricts outbound traffic from a network to prevent data leaks and unauthorized communication.

Emanations Analysis

A technique used to intercept and analyze unintended electromagnetic signals emitted by electronic devices to extract sensitive data, often associated with TEMPEST attacks.

Encapsulation

The process of enclosing one data structure within another, such as wrapping network packets within additional protocol headers to facilitate secure transmission.

Encryption

The cryptographic process of converting plaintext into ciphertext, rendering data unreadable to unauthorized parties, ensuring confidentiality and security.

Ephemeral Port

A short-lived, dynamically assigned network port (above 1023) used temporarily by client applications to establish connections with servers, disappearing when the session ends.

Escrow Passwords

Passwords stored securely in a controlled environment, such as a safe or a password management system, for emergency access when authorized personnel are unavailable.

Ethernet

A widely used LAN (Local Area Network) technology defined by IEEE 802.3, utilizing coaxial cables or twisted-pair wiring and operating on a CSMA/CD (Carrier Sense Multiple Access with Collision Detection) protocol to manage network traffic.

Ethical Hacking

“Ethical hacking,” also known as “penetration testing,” is the practice of gaining unauthorised access to a computer system or network to identify security flaws that could be exploited by a malicious actor, resulting in monetary or other types of loss. The people who do this seek to strengthen a system or network’s safety by exploiting security flaws to patch them. To better secure and defend systems from attacks by malicious users, ethical hackers may use the same methods and tools as malicious hackers, but only with permission from the authorised person.

Email Virus

An email virus is malicious code that is spread through email. It is delivered through an email message and its downloaded attachment. While there are various email viruses, they aim to access unauthorized information.

Endpoint Security

Endpoint security is a comprehensive approach to protecting networks, systems, and data from external threats. It leverages advanced technologies such as endpoint protection, access control, and network security to detect and respond to threats in real-time.

Exponential Backoff Algorithm

A network congestion control technique that dynamically adjusts TCP timeout values, gradually increasing the delay between retransmission attempts when packets fail to send, preventing excessive traffic on overloaded network links.

Exposure

A security risk in which sensitive data is unintentionally or intentionally disclosed to an unauthorized entity, potentially leading to data breaches or other threats.

Extended ACLs (Cisco)

A more advanced type of Access Control List (ACL) on Cisco routers that filters network traffic based on multiple parameters, including source and destination IP addresses, port numbers, protocols, and connection states. Unlike standard ACLs, extended ACLs provide more granular control over traffic filtering.

Extensible Authentication Protocol (EAP)

A flexible authentication framework used in PPP (Point-to-Point Protocol) and wireless networks, supporting various authentication methods such as passwords, challenge-response, and certificate-based authentication.

Exterior Gateway Protocol (EGP)

A protocol designed to exchange routing information between different autonomous systems (AS) on the internet, allowing routers to determine optimal paths for data transmission between networks.

False Rejects

A situation where an authentication system incorrectly denies access to a valid user, often seen in biometric security systems.

Fast File System (FFS)

An improved version of the Unix file system designed for faster read and write access, using inodes and data blocks to optimize disk storage and retrieval.

Fast Flux

A botnet technique that rapidly changes DNS records to different IP addresses, making it difficult to track and mitigate malicious domains.

Fault Line Attacks

Exploiting weaknesses between system interfaces to take advantage of gaps in security coverage, often targeting integration points between applications or networks.

File Transfer Protocol (FTP)

A standard TCP/IP protocol used for transferring text and binary files across networks, commonly used for website file management and data exchange.

Filter

A mechanism that determines which network packets will be displayed (in sniffers) or blocked (in firewalls) based on predefined criteria.

Filtering Router

A specialized router that selectively allows or blocks packets based on security policies, commonly used as a firewall component to enforce access control rules.

Finger

A Unix-based protocol that retrieves user information from a remote system, such as login status, full name, and contact details, if available.

Fingerprinting

A reconnaissance technique where specially crafted packets are sent to a system to analyze its responses, allowing attackers or security professionals to identify the target’s operating system and network configuration.

Firewall

A firewall is a network security device that monitors the network traffic and manages the incoming or outgoing traffic, if necessary. There are various kinds of firewalls, all aiming to protect the network.

Firmware

Firmware is a form of software permanently embedded within a physical device. It functions independently of application programming interfaces (APIs), the operating system, and device drivers, providing the necessary instructions and guidance for the device to communicate with other devices or carry out a predetermined set of basic tasks and functions. Even the simplest devices would be useless without firmware. For this reason, it is typically kept as close to the device’s metal as possible on a Read-Only Memory (ROM) chip to prevent accidental deletion.

Fileless Malware

Fileless malware (FM), also known as “non-malware” or “fileless infection,” is a type of malware that does not reside on any persistent storage medium, infecting only in-process and in-memory data structures and service areas. This is in contrast to the traditional memory-resident virus, which must come into physical contact with a non-volatile storage medium like a hard drive or a thumb drive to execute. Fileless malware, typically acquired through visits to malicious websites, does not take the form of a file that can be analysed by standard antivirus software. It hides in a computer’s RAM and is nearly impossible to track down. However, after a computer restart, everything should return to normal, as this malware is typically not designed to survive a reboot.

Firewall

A security system that monitors and controls incoming and outgoing network traffic, either through hardware or software, to block unauthorized access and protect resources from malicious attacks.

Flooding

A type of attack where a system is overwhelmed by excessive requests or data, potentially causing it to crash or become unresponsive by exceeding its processing capacity.

Forest

In Active Directory, a forest is a collection of one or more domains that share a common schema and configuration, and replicate data between each other.

Fork Bomb

A denial-of-service attack that continuously uses the fork() system call to create new processes, eventually exhausting system resources by filling up the process table, rendering the system unusable.

Form-Based Authentication

A method of authentication where users are prompted to enter a username and password into a web form, which is then validated against the system to grant access.

Forward Lookup

The process of using a domain name to resolve or find the corresponding IP address through DNS (Domain Name System) queries.

Forward Proxy

A server that acts as an intermediary between a client and the internet, forwarding client requests to the appropriate servers while often providing content filtering, caching, and security functions.

Fragment Offset

A field in the IP header that indicates where a fragment belongs in the sequence of fragments that make up a larger packet, ensuring correct reassembly upon arrival.

Fragment Overlap Attack

An attack exploiting the fragmentation mechanism in TCP/IP packets, where fragments overlap with incorrect offsets, causing the reconstructed packet to overwrite critical information like port numbers, potentially bypassing security controls.

Fragmentation

The process of dividing a large data file into smaller packets (fragments) for transmission, which are later reassembled at the destination to reconstruct the original data.

Frames

Units of data transmission in network communications, which consist of both the data being sent and the associated control information such as headers and trailers, to ensure proper delivery and protocol handling.

Full Duplex

A communication mode where data can be transmitted and received simultaneously, allowing for two-way communication without interference.

Fully-Qualified Domain Name (FQDN)

A complete domain name that specifies the exact location of a server within the domain hierarchy, including the hostname and the domain name (e.g., www.example.com).

Fuzzing

A technique used in security testing where random or unexpected inputs are provided to a program to identify vulnerabilities or defects that could lead to crashes or unexpected behaviors.

G-H

Gateway

A network device that serves as a bridge or entry point between different networks, often performing tasks like routing, traffic control, and security filtering to allow communication between different network segments.

gethostbyaddr

A DNS query used to resolve an IP address into a corresponding domain name, essentially performing a reverse lookup to determine which domain name is associated with a given IP address.

gethostbyname

A DNS query used to resolve a domain name into its corresponding IP address, enabling communication with the specific host on the network when the domain name is known.

GNU

A free and open-source operating system resembling Unix, which includes source code that can be freely copied, modified, and distributed. The GNU Project was launched in 1983 by Richard Stallman with the aim of creating a completely free operating system.

Gnutella

A decentralized peer-to-peer file sharing network that allows users to share files directly with each other. It functions as both a server for sharing files and a client for downloading files from other users.

Hardening

The process of securing a system by identifying vulnerabilities and weaknesses, then applying fixes and security measures to minimize potential threats and reduce the risk of attacks.

Hardware

Hardware is what makes the computer run. It can be external or internal. External hardware includes devices such as a keyboard, speaker, and microphone. Internal hardware includes the CPU (central processing unit), RAM, hard drive, sound card, video card, and so on.

Hacker

A hacker solves a technical problem by employing their knowledge of computers, networks, or other related fields. As a broader concept, it can describe anyone who illegally gains access to computer systems or networks. A hacker may steal data for malicious purposes like identity theft, or they may shut down a system and hold it hostage for financial gain.

Hash

Hashing a key (the input data) produces a string of characters. With the help of a hash function, a generated hash code can be used to represent the original data. Hash algorithms are commonly employed to ensure that a hacker or virus has not altered a file’s contents.

Hijack Attack

A type of active wiretapping attack where the attacker takes control of an ongoing communication session or connection. This allows the attacker to manipulate or intercept the data being transmitted, often without either party being aware.

Honeypot

A honeypot acts as a deceptive trap, mimicking a legitimate computer system or network. Its purpose is to lure attackers into believing it’s a real target, allowing security professionals to observe their behavior, study their tactics, and learn how to better prevent future attacks.

Honeymonkey

An automated system designed to simulate a user browsing websites, typically set up to detect websites that exploit vulnerabilities in web browsers. It is also referred to as a “Honey Client.”

Hops

A hop is each exchange or transition a packet makes with a gateway on its journey to the destination. Each hop represents a point where the packet is forwarded.

Host

A host is any computer that has two-way access to other computers on the internet, or a computer with a web server that serves content for one or more websites.

Host-Based ID

Host-based intrusion detection systems (IDS) use information from operating system audit logs to monitor operations on the host where the IDS is installed. These operations are then compared to a predefined security policy, often leading to significant overhead as the system processes audit data to detect potential intrusions.

HTTP Proxy

An HTTP Proxy is a server that acts as an intermediary between HTTP clients and servers, relaying requests and responses between the two.

HTTPS

When used at the beginning of a URL (before the colon), HTTPS indicates that HTTP is secured with an encryption mechanism, usually SSL (Secure Sockets Layer), to ensure secure communication.

Hub

A hub is a networking device that transmits data received on one port to all other ports, essentially broadcasting the data to every connected device on the network.

Hybrid Attack

A Hybrid Attack is a type of password-cracking method that builds on dictionary attacks by adding numerals and symbols to common dictionary words, making the attack more effective against complex passwords.

Hybrid Encryption

Hybrid Encryption combines two or more cryptographic algorithms, typically using a mix of symmetric and asymmetric encryption, to leverage the strengths of both types of encryption.

Hyperlink

A hyperlink is an element in hypertext or hypermedia that links to related information located elsewhere. It can be activated by clicking on text, an image, or another visual element, directing the user to another page or resource.

Hypertext Markup Language (HTML)

HTML is the standard set of markup symbols or codes used to create web pages that are displayed in a web browser. It structures the content of a webpage, including text, images, links, and other elements.

Hypertext Transfer Protocol (HTTP)

HTTP is the protocol in the Internet Protocol (IP) suite used to transport hypertext documents across the internet. It is the foundation of data communication on the web.

I-K

IAM

IAM is an essential component of a comprehensive cybersecurity strategy, enabling organizations to protect their sensitive information, mitigate security risks, and ensure efficient and secure access to resources for authorized individuals.

Identity and access management (IAM) plays a critical role in maintaining the confidentiality, integrity, and availability of an organization’s information assets by preventing unauthorized access, reducing the risk of data breaches, and supporting compliance with regulatory requirements. It helps streamline user provisioning and deprovisioning processes, simplifies access management across various systems and platforms, and provides audit trails for monitoring user activities.

Identity Check

Credentials presented by a requester for access are compared with those stored in the Personal Identity Verification (PIV) database linked to the PIV Card or a derived PIV credential to verify or disprove the claim of identity.

Identity Theft

Perpetrators of identity theft use stolen personal data to commit fraud and other offences. A criminal can execute various types of fraud using this stolen information after assuming the victim’s identity. Cybercriminals commit identity theft through complex methods of cyber attacks, such as social engineering, phishing, and malware. Theft of mail, rummaging through trash cans, and eavesdropping on phone calls are all examples of the more primitive methods that can lead to identity theft.

Incident

An incident refers to an adverse event or the threat of such an event occurring within an information system or network, which may affect its security, functionality, or integrity.

Incident Handling

Incident handling is a comprehensive action plan designed to address security events such as intrusions, cyber-thefts, denial of service attacks, fires, floods, and other disruptive incidents. It typically follows a six-step process: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned.

Incident Response

Incident response is a structured process for identifying, managing, and mitigating the effects of cybersecurity incidents. The goal is to minimize damage, recover normal operations, and prevent similar occurrences in the future.

Incremental Backups

Incremental backups only store files that have changed since the last backup, which helps save storage space and speeds up the backup process. When using dump levels, these backups will only capture files altered since the most recent lower dump level backup.

Inetd (xinetd)

Inetd (or Internet Daemon) is an application that controls various smaller internet services, such as telnet, FTP, and POP, by listening for requests and spawning the appropriate service.

Inference Attack

Inference attacks involve using seemingly unrelated pieces of information to make logical connections, enabling an attacker to deduce sensitive data or gain unauthorized access.

Information Security

Information security (InfoSec) is the practice of safeguarding information from unauthorized access, alteration, destruction, or disruption. It encompasses measures to ensure the confidentiality, integrity, and availability of data.

Information Warfare

Information warfare refers to the strategic competition between offensive and defensive forces over information resources, with the goal of influencing, disrupting, or controlling the flow of information.

Ingress Filtering

Ingress filtering involves filtering inbound traffic to prevent malicious or unauthorized data from entering a network, ensuring that only legitimate traffic is allowed.

Input Validation Attacks

Input validation attacks occur when an attacker sends abnormal or malformed input to an application, hoping to exploit weaknesses in the application’s input validation mechanisms and confuse the system.

Insider Threat

An insider threat occurs when a trusted user of computer systems, such as an employee or contractor, puts a company at risk by gaining unauthorised access to proprietary information that traditional, perimeter-based security measures would otherwise protect.

IP Address

When a device is connected to a network, it is given a unique identifier in the form of a set of numbers known as an IP address or Internet Protocol address. Computers use IP addresses for communication across the Internet and other networks.

IP Flood

An IP flood is a type of denial-of-service attack where a target host is overwhelmed with a large number of echo request (“ping”) packets, more than the system can process, causing it to slow down or crash.

IP Forwarding

IP forwarding is a configuration in an Operating System that allows a host to function as a router. A system with multiple network interfaces needs IP forwarding enabled to route traffic between them.

IP Spoofing

IP spoofing is the practice of altering the source IP address in an IP packet to make it appear as if it comes from a trusted source, typically used for malicious purposes like bypassing security measures or launching attacks.

ISO

The International Organization for Standardization (ISO) is a non-governmental, non-treaty body formed in 1947 that develops and publishes international standards for various industries. It consists of national standardization bodies as members and works to ensure consistency and quality in global practices.

Issue-Specific Policy

An Issue-Specific Policy addresses particular needs or issues within an organization, such as a password policy or a data retention policy, to manage and regulate those specific aspects effectively.

ITU-T

The International Telecommunication Union – Telecommunication Standardization Sector (ITU-T) is a UN-affiliated organization that focuses on developing international standards, known as “Recommendations,” for telecommunications. It comprises national postal, telephone, and telegraph authorities.

JavaScript

Simply put, JavaScript (JS) is a scripting language widely deployed across the Web. It is commonly found within HTML code, where it serves to improve web pages. JavaScript is an interpreted language, so there is no need to compile it. With JavaScript, websites can have a more interactive and dynamic appearance.

Jitter

Jitter or Noise is the modification of fields in a database while preserving the aggregate characteristics that make the database useful in the first place.

Jump Bag

A Jump Bag is a container that holds all the items necessary to respond to an incident, helping to mitigate the effects of delayed reactions.

Keylogger

Keyloggers are a common security threat specifically designed to record every key you press on a computer or mobile device. They can be placed on your computer to secretly track your activity while you continue using your equipment as usual. Criminals can use keyloggers to steal your information, but they are also used for legitimate purposes, like providing feedback during software development.

Kerberos

Kerberos is a network authentication protocol developed by the Massachusetts Institute of Technology (MIT). It uses symmetric cryptography (typically DES) and relies on a ticket-based system to provide secure authentication between client and server entities within a distributed network. This protocol ensures that users and services can securely verify their identities over potentially insecure channels.

Kernel

The Kernel is the central part of an operating system that controls and manages the system’s hardware resources and software operations. It provides essential services such as memory management, process scheduling, and system calls, ensuring the smooth functioning of the entire operating system. The kernel operates at the core level, while the shell, which interacts with the user, operates at the outermost level of the OS.

L-M

Lattice Techniques

Lattice Techniques involve using predefined security levels or labels (like classified, confidential, or secret) to determine and control access to information. These techniques are often used in security models like the Bell-LaPadula model, which restricts access based on users’ security clearances and the sensitivity of the data they’re trying to access.

Layer 2 Forwarding Protocol (L2F)

Layer 2 Forwarding Protocol (L2F) is a tunneling protocol originally developed by Cisco. It enables the encapsulation of Point-to-Point Protocol (PPP) frames within IP packets, allowing the creation of virtual private network (VPN) links over the Internet. This allows dial-up users to connect securely to a remote network while remaining transparent to the user.

Layer 2 Tunneling Protocol (L2TP)

Layer 2 Tunneling Protocol (L2TP) is a combination of two protocols—L2F and PPTP—that is widely used to create VPNs over the Internet. It extends PPP by providing tunneling capabilities, ensuring secure communication between clients and servers across public networks by encapsulating the PPP traffic into IP packets.

Least Privilege

Least Privilege is a fundamental security principle that limits user or application access to only the resources or actions necessary for their specific function. By reducing unnecessary permissions, the risk of misuse or compromise is minimized, making it an essential strategy for safeguarding systems and data.

Legion

Legion is a software tool designed to detect unprotected file shares across a network. It helps security administrators identify open file shares that may pose a security risk, allowing them to take corrective action to protect sensitive data from unauthorized access.

Lightweight Directory Access Protocol (LDAP)

Lightweight Directory Access Protocol (LDAP) is a protocol used to access and maintain distributed directory information services over a network. It enables users to locate and retrieve information such as user credentials, resources, and network devices, whether on the public Internet or within a private network.

Link State

Link State refers to a routing protocol where each router in a network maintains a complete view of the network topology. Routers exchange link state information, allowing each to compute the best possible routes to every destination using the information collected from all routers in the network.

List Based Access Control

List Based Access Control (LBAC) associates a list of users and their corresponding privileges with each object (like a file, database, or device). This method enables precise control over who can access specific resources, granting permissions based on users’ membership in the access list.

Loadable Kernel Modules (LKM)

Loadable Kernel Modules (LKM) are pieces of code that can be dynamically loaded into the kernel of an operating system while it is running. This allows for the addition of new functionality, such as device drivers or system features, without requiring a system reboot.

Log Clipping

Log Clipping is the act of selectively removing entries from system logs to hide evidence of a security incident or compromise. Attackers may use this tactic to cover their tracks and prevent detection after gaining unauthorized access to a system.

Logic Bombs

Logic Bombs are malicious pieces of code embedded in a system that trigger a specific action or event when certain conditions are met, such as a particular date or system state. These bombs often cause harm to a system or network once activated, making them a significant security threat.

Logic Gate

A Logic Gate is a fundamental component of digital circuits that performs logical operations on one or more binary inputs to produce a single output. Common gates include AND, OR, and NOT, which are used to build complex decision-making circuits in computers and other digital systems.

Loopback Address

The Loopback Address (127.0.0.1) is a special IP address used to refer back to the local machine. When data is sent to this address, it is returned to the same system, allowing programs to test network services and configurations without actually transmitting data over a network.

MAC Address

A MAC Address (Media Access Control Address) is a unique identifier assigned to network interfaces for communications on a local network. This address is hard-coded into the network interface card (NIC) and ensures the proper routing of data at the data link layer of the OSI model.

Malicious Code

Malicious Code refers to any software or code (such as a virus, Trojan horse, or worm) that is designed to damage, disrupt, or steal data from a system. This code often appears to be harmless or even useful but is actually crafted to execute harmful actions when activated by the user or system.

Malware

Malware is an umbrella term that is short for malicious software. Malware harms computers, computer systems, networks, and devices. While there are numerous kinds of malware, the most common ones are adware, spyware, worms, ransomware, and malicious crypto-mining.

Mandatory Access Control (MAC)

Mandatory Access Control (MAC) is a security model where the system enforces access control rules based on predefined classification levels assigned to both users and objects (like files or resources). Unlike discretionary access control (DAC), users cannot change these rules, ensuring a stricter, more secure environment where only authorized entities can access classified information.

Man-in-the-Middle Attack (MitM)

A Man-in-the-Middle (MitM) Attack occurs when an attacker secretly intercepts and relays communication between two parties who believe they are communicating directly with each other. This attack allows the hacker to eavesdrop on, alter, or inject malicious content into the conversation, making it a serious privacy and security threat.

Masquerade Attack

A Masquerade Attack is a type of cyberattack where an entity impersonates another legitimate entity in order to gain unauthorized access to systems or data. The attacker “masquerades” as someone trusted, like a system or user, to carry out malicious actions without detection.

MD5

MD5 (Message Digest Algorithm 5) is a widely used cryptographic hash function that produces a 128-bit hash value. While once commonly used for integrity checks, MD5 is now considered broken and insecure due to vulnerabilities that allow hash collisions (two different inputs producing the same hash).

Measures of Effectiveness (MOE)

Measures of Effectiveness (MOE) is a probability model that helps assess the impact of specific actions in a given environment. In information warfare, MOE is used to evaluate the ability to effectively attack or defend within the cyberspace, quantifying how successful strategies and tactics are in achieving their objectives.

Metadata

Metadata is information about information. It tells you what’s inside a particular item. Metadata describes other data; for images, this might include the file size, colour depth, image resolution, creation date, and more. A text document’s metadata may include its length, creator, creation date, and synopsis.

N-O

NAT (Network Address Translation)

Network Address Translation (NAT) is a technique used to allow multiple devices within a private network to share a single public IP address. This process “translates” the private IP addresses of devices into a public IP address, commonly used by home or small business networks. NAT is also sometimes employed on servers as an additional security measure to help protect the internal network from direct exposure to the internet.

National Institute of Standards and Technology (NIST)

The National Institute of Standards and Technology (NIST) is a U.S. government agency under the Department of Commerce, responsible for developing and promoting measurement standards. Previously known as the National Bureau of Standards, NIST plays a critical role in advancing science and technology by establishing standards that help industries and researchers maintain consistency and reliability in measurement across various fields.

Natural Disaster

A Natural Disaster refers to catastrophic events caused by natural forces such as fires, floods, earthquakes, lightning, or extreme wind. These disasters can disable or severely damage system components, resulting in interruptions or loss of data, which requires specific disaster recovery and business continuity plans to address.

Netmask

A Netmask is a 32-bit number used to define the range of IP addresses within a particular network, subnet, or supernet. For example, a common netmask for a class C network is 255.255.255.0, which determines which part of the IP address refers to the network and which part can be used for hosts.

Network Address Translation

Network Address Translation refers to the process of modifying the IP address used within one network to a different one known in another network. This typically involves an internal network (“inside”) translating its private IPs to a public IP when communicating over the internet, helping preserve public IP address space and adding a layer of security.

Network Mapping

Network Mapping is the process of creating a detailed, electronic inventory of the systems and services on your network. This process helps administrators understand the network structure, identify vulnerable systems, and improve network management and security.

Network Taps

Network Taps are hardware devices that are inserted into network cables to capture and duplicate the data traffic passing through them. This data is then sent to another device or system for analysis, providing an effective way to monitor and troubleshoot network performance or security issues without disrupting the network.

Network-Based IDS (Intrusion Detection System)

A Network-Based IDS monitors network traffic within a specific network segment to detect suspicious activity or intrusions. By operating in promiscuous mode, it captures and analyzes all packets traveling across the segment. This system is effective for detecting attacks that target network traffic, but it can only monitor traffic on the segment to which it is connected.

Non-Printable Character

A Non-Printable Character is a character in a character encoding system (like ASCII) that does not have a visual representation or letter. Examples include control characters like Linefeed (ASCII 10) and Carriage Return (ASCII 13). These characters are often used for formatting or control purposes rather than displaying visible symbols.

Non-Repudiation

Non-Repudiation ensures that the sender of a message cannot deny having sent it, and that the message has not been altered. This is crucial for maintaining trust and accountability, particularly in secure communications, where digital signatures or encryption are often used to provide proof of origin and integrity.

NSA (National Security Agency)

The National Security Agency (NSA) is a national-level intelligence agency of the United States Department of Defense, operating under the supervision of the Director of National Intelligence (DNI). It focuses on signals intelligence (SIGINT), monitoring, collecting, and processing data on a global scale for use in intelligence gathering and counterintelligence operations. The NSA also watches U.S. communications networks and information systems. To do this, the agency employs a wide range of methods, the vast majority of which are covert. The NSA’s existence was not made public until 1975. About 32,000 people work for the National Security Agency.

Octet

An Octet refers to a sequence of eight bits, which is equivalent to one byte. In networking and data communication, the term “octet” is often used to emphasize the 8-bit length, especially when discussing IP addresses or binary data.

One-Way Encryption

One-Way Encryption is a cryptographic process that transforms plaintext into ciphertext in such a way that it cannot be reversed to retrieve the original data, even if the cryptographic key is known. The only way to recover the original data is through exhaustive or brute-force methods, making the process highly secure for protecting sensitive information.

One-Way Function

A One-Way Function is a mathematical function where it is easy to compute the output given an input. However, the reverse operation—determining the original input from the output—is computationally infeasible (except through brute-force methods). This makes one-way functions ideal for cryptographic applications like hash functions.

Open Shortest Path First (OSPF)

Open Shortest Path First (OSPF) is a link-state routing protocol used within an autonomous system to determine the shortest path for routing data between routers. Routers using OSPF maintain a database that holds information about all routers in the network, including link costs and states. This protocol helps optimize routing decisions and enables fast adaptation to network changes.

Open Source

Anything whose source code is freely available to the public and thus can be altered and distributed is said to be “open source.” It was first used to describe a methodology for developing software. However, nowadays, “open source” designates a more comprehensive set of values that we call “the open source way,” including the principles of open exchange, collaborative participation, rapid prototyping, transparency, meritocracy, and community-oriented development.

OSI

OSI (Open Systems Interconnection) is a conceptual framework that standardizes the functions of a telecommunication or computing system into seven distinct layers. These layers guide product implementers in creating systems that work seamlessly together, ensuring interoperability across different technologies. While the OSI model isn’t always strictly followed, it serves as a valuable reference for understanding communication between devices in a network. The model is often used to explain and design network protocols, offering a shared vocabulary and structure for telecommunications education and discussion.

OSI Layers

The OSI Layers model divides the communication process between two endpoints in a network into seven hierarchical layers. These layers manage specific functions in the communication process, from physical transmission to application-level interactions. The seven layers are as follows:

  • Layer 7: Application Layer – This layer handles user interactions, including identification, privacy, authentication, and data syntax constraints.
  • Layer 6: Presentation Layer – Converts data formats to ensure compatibility between systems, such as transforming text into a user interface format.
  • Layer 5: Session Layer – Manages the establishment, coordination, and termination of communication sessions between applications.
  • Layer 4: Transport Layer – Ensures reliable data transfer, managing error checking and end-to-end communication.
  • Layer 3: Network Layer – Handles routing and forwarding of data packets between devices across different networks.
  • Layer 2: Data-Link Layer – Provides error detection and correction at the data link level and ensures smooth data transfer between devices on the same network.
  • Layer 1: Physical Layer – Transmits raw bit streams over physical mediums, including cables and wireless signals.

Overload

Overload occurs when a system component is subjected to a workload beyond its capacity, leading to performance degradation. This can hinder the system’s ability to function efficiently, causing delays, crashes, or instability. Overloading can occur in network bandwidth, CPU capacity, or any other resource, and it requires optimization or resource management to restore optimal performance.

P-Q

Padlock

A padlock icon in your web browser’s address bar signifies a secure connection (HTTPS) and encryption to protect your data when communicating with the website.

Patch Management

A Patch is an update or fix that adds new or changed code to an OS or programme. Most software companies, except open-source ones, do not release their code to the public. Patches, then, are typically small bits of binary code that are inserted into preexisting software (using an install program).

Payload

Payload refers to the actual data or information within a packet that is intended for the application. In network communication, the payload is the part of the packet that carries the meaningful content, excluding headers or control information used for routing and managing the transmission.

Penetration

Penetration involves gaining unauthorized access to a system or network by bypassing its security defenses. The objective is to infiltrate and potentially exploit vulnerabilities in the system’s security, often to gain access to sensitive data or control over the system.

Penetration Testing

Penetration Testing is a simulated cyberattack conducted to evaluate the security of a network, system, or application. The test involves attempting to exploit vulnerabilities to identify weaknesses and assess the effectiveness of security measures in place. It’s an essential practice for understanding the external perimeter security of a network or facility, helping organizations patch potential vulnerabilities before malicious actors can exploit them.

Permutation

Permutation refers to the rearrangement of the elements (such as letters or numbers) in a given set or text. In encryption, permutation is used to scramble or shuffle the original message while keeping the same characters, making it harder to decipher without the correct decryption method.

Personal Firewalls

Personal Firewalls are security software programs installed on individual computers to monitor and control incoming and outgoing network traffic. Unlike enterprise-level firewalls that protect an entire network, personal firewalls focus on safeguarding the security of a single device by filtering network traffic and blocking unauthorized access attempts.

Pharming

Pharming is a sophisticated type of Man-in-the-Middle (MitM) attack where a user’s session is redirected to a fraudulent or malicious website, often without the user’s knowledge. This is typically achieved by compromising a DNS server and altering URL mappings, directing users to counterfeit websites that appear legitimate. Once on the fake site, the attacker can steal sensitive information like login credentials, which can then be used to perform fraudulent transactions or further attacks.

Phishing

In phishing, attackers (“phishers”) attempt to trick users into giving up sensitive information by impersonating a trustworthy website. This includes the theft of private information like passwords, credit card numbers, and bank account information. Phishing emails often look like they came from a bank, provider, or online payment system. The phishing attempt aims to get the target to enter or update their personal information. Reasons such as “suspicious login to the account” or “password expiration” are frequently given.

Ping of Death

Ping of Death is a type of cyberattack that sends an oversized ICMP Echo Request packet (also known as a “ping”) with the intention of overwhelming the input buffers of the target machine. The excessive size of the packet can cause the system to crash or become unresponsive.

Ping Scan

A Ping Scan is a method of scanning a network to identify which machines respond to ICMP Echo Requests (ping). It’s used to determine active devices or hosts within a network by sending a simple ping to each device and checking for a reply.

Ping Sweep

Ping Sweep is an attack that sends ICMP Echo Requests (“pings”) to a range of IP addresses, aiming to identify which hosts are alive and responsive. The attacker can then probe these active hosts for potential vulnerabilities to exploit.

Plaintext

Plaintext is readable data that has not been encrypted. It is the original, unencrypted text that can be easily understood by humans before encryption into ciphertext or after decryption.

Point-to-Point Protocol (PPP)

Point-to-Point Protocol (PPP) is a protocol used for communication between two computers over a serial interface, typically for dial-up connections. It packages TCP/IP packets from a computer and forwards them to a server to be transmitted over the Internet.

Point-to-Point Tunneling Protocol (PPTP)

Point-to-Point Tunneling Protocol (PPTP) is a protocol that creates a secure “tunnel” over the public Internet, allowing private corporate networks to extend securely over the Internet. It facilitates virtual private network (VPN) connections and provides encryption and data security.

Poison Reverse

Poison Reverse is a technique used in routing protocols, particularly in distance-vector protocols like RIP, to prevent routing loops. When a route becomes unavailable, the router advertises the route as unreachable by setting its metric to infinity, effectively “poisoning” the route and informing other routers that it is no longer valid.

Polyinstantiation

Polyinstantiation is the practice of allowing a database to maintain multiple records with the same key. This is used to prevent inference attacks by ensuring that sensitive or classified data can be maintained in the same system without allowing unauthorized access or conclusions to be drawn based on available data.

Polymorphism

Polymorphism is a technique used by malicious software (malware) to change its underlying code to avoid detection by antivirus programs. This allows the malware to appear as different entities each time it runs, making it harder for security tools to recognize and block it.

Port

A Port is an integer that uniquely identifies an endpoint of a communication stream. It serves as a “doorway” for data to enter or leave a computer, ensuring that the correct process or service receives the data. Only one process per machine can listen on a given port number.

Port Scan

A Port Scan is a technique used to discover open ports on a computer or network. Hackers use port scanning to identify which services are running on a system and probe them for vulnerabilities. It involves sending requests to various ports and analyzing the responses to find open ports.

Possession

Possession refers to holding, controlling, and having the ability to use information or assets. In security, it often refers to the idea that having control over a piece of information (like a password or encryption key) can be an indicator of access or ownership.

Post Office Protocol, Version 3 (POP3)

POP3 is an Internet protocol used by email clients to retrieve emails from a server. When a user connects to their mail server, POP3 allows them to download their messages from the server to their local machine, typically removing them from the server once retrieved.

Practical Extraction and Reporting Language (Perl)

Perl is a high-level programming language with syntax similar to C and designed for text processing, system administration, and network programming. It’s widely used for tasks such as extracting data from files and generating reports.

Preamble

A Preamble is a signal in network communications used to synchronize timing between systems before data transmission begins. It ensures that systems recognize the start of the data transfer and can interpret the data correctly. The specific preamble used depends on the network communication technology.

Pretty Good Privacy (PGP)

Pretty Good Privacy (PGP) is a cryptographic program used to secure email communications and other data exchanges. It provides encryption, digital signatures, and data integrity, making it difficult for unauthorized users to read or tamper with the data.

Private Addressing

Private Addressing refers to the use of private IP address ranges reserved for internal networks, which are not routable over the public Internet. These address ranges, defined by RFC 1918, are 10.0.0.0 to 10.255.255.255, 172.16.0.0 to 172.31.255.255, and 192.168.0.0 to 192.168.255.255, and are commonly used in local area networks (LANs).

Private Data

When we talk about “Private Data,” we’re referring to information that is either personally identifiable or that falls into one of the (including credit or debit card information, bank account information, or user names and passwords).

Proxy Server

A proxy server acts as an intermediary between your device (computer, phone, etc.) and the internet. It essentially sits in the middle, directing your requests to websites and services you want to access, and then relaying the information back to you.

Public Key

A Public Key is the openly shared component of a pair of cryptographic keys used in asymmetric cryptography. This key can be distributed widely and is used to encrypt data or verify digital signatures, while the corresponding private key is kept secret by the owner.

Public Key Encryption

Public Key Encryption is another term for asymmetric cryptography, where two keys (a public key and a private key) are used for encryption and decryption. The public key encrypts the data, and only the corresponding private key can decrypt it, ensuring secure communications.

Public Key Infrastructure (PKI)

Public Key Infrastructure (PKI) is a framework that enables secure data and financial exchanges over untrusted networks like the Internet. PKI uses a combination of public and private cryptographic key pairs, certificates issued by trusted authorities, and directory services to authenticate identities, encrypt communication, and manage the lifecycle of digital certificates.

Public-Key Forward Secrecy (PFS)

Public-Key Forward Secrecy (PFS) is a property of key agreement protocols in asymmetric cryptography that ensures session keys are not compromised even if one of the private keys used in the process is later exposed. It provides additional security by ensuring that the compromise of long-term private keys does not affect past encrypted sessions.

QAZ

QAZ is a network worm, often associated with malware that spreads through computer networks. It exploits vulnerabilities in network systems to replicate and propagate itself, potentially causing disruptions or breaches in network security.

R-S

Ransomware

Malicious software that encrypts files or locks users out of their computers to demand payment is known as “ransomware.” To extort money from victims, the malware presents a message offering to fix the system or retrieve the data if payment is made. The cybercriminals behind the scam may try to appear more legitimate by posing as law enforcement. In that case, the ransom note claims that the victim’s computer has been locked down or their files have been encrypted because they are using pirated software or have downloaded pirated materials.

ReCAPTCHA

Google’s reCAPTCHA is a no-cost tool for preventing spam and other forms of abuse on websites. A “CAPTCHA” is a Turing test used to distinguish between humans and automated software. The test is trivial for humans to solve but very challenging for “bots” and other malicious software.

Reconnaissance

Reconnaissance is the initial phase of an attack where an attacker gathers information about potential targets. This phase involves mapping out networks, identifying new systems, and probing for vulnerabilities that can be exploited during the attack.

Reflexive ACLs (Cisco)

Reflexive ACLs on Cisco routers are a security feature that helps make the router function similarly to a stateful firewall. It works by making filtering decisions based on whether a connection is part of an already established communication session, enhancing security by controlling inbound traffic based on outgoing requests.

Registry

The Registry in Windows operating systems is a centralized database that stores critical system and application settings. It contains configuration information, options, and other details required for the operating system and its applications to function properly.

Regression Analysis

Regression Analysis in software testing refers to using automated tests to check for potential issues caused by new changes in the software. It ensures that previously working functionality continues to operate as expected after updates, often using a set of tests that simulate all possible inputs, sometimes including techniques like “fuzzing.”

Request for Comment (RFC)

A Request for Comment (RFC) is a formal document published by the Internet Engineering Task Force (IETF) that describes the standards, protocols, and technologies related to the Internet. RFCs began in 1969 and have evolved into official guidelines that shape the development of the Internet and its technologies.

Resource Exhaustion

Resource Exhaustion attacks aim to deplete a system’s finite resources, like CPU, memory, or bandwidth. These attacks can render a system or network unresponsive, causing denial of service (DoS) and making it unavailable to legitimate users.

Response

A Response refers to the data or information sent in reaction to a request or stimulus. In cybersecurity, it often refers to the actions taken after detecting an attack or breach, such as an alert or a remedial action.

Reverse Address Resolution Protocol (RARP)

RARP (Reverse Address Resolution Protocol) is used by a machine in a local network to request its IP address from a gateway server. The protocol allows a machine, which only knows its MAC address, to discover its corresponding IP address, enabling it to communicate over the network.

Reverse Engineering

Reverse Engineering is the practice of disassembling and analyzing a system or component to understand its design, structure, and functionality. In cybersecurity, it’s often used to uncover vulnerabilities or gain unauthorized access to systems.

Reverse Lookup

A Reverse Lookup is the process of identifying the domain name (hostname) associated with a given IP address. It uses the IP address to find the corresponding domain name, often used for troubleshooting or gathering additional information about a target.

Reverse Proxy

A Reverse Proxy sits between the client and the backend servers, handling incoming HTTP requests from users and passing them to the appropriate web server. It then returns the server’s response to the client, acting as a gateway that hides the identity and structure of backend systems.

Risk Assessment

A Risk Assessment is a systematic process of identifying potential risks, evaluating their impact, and determining the likelihood of those risks affecting an organization. It’s a crucial step in managing and mitigating security threats.

Risk Averse

Being Risk Averse refers to the tendency to avoid risks, even at the cost of potentially losing opportunities. For example, choosing a more secure but expensive communication method (like a phone call) over a less secure one (like email) to avoid the risks associated with the latter.

Rivest-Shamir-Adleman (RSA)

Rivest-Shamir-Adleman (RSA) is an asymmetric encryption algorithm developed in 1977. It is widely used for secure data transmission and relies on the mathematical difficulty of factoring the product of two large prime numbers to protect sensitive data.

Role-Based Access Control (RBAC)

Role-Based Access Control (RBAC) assigns permissions based on roles within an organization. Users are granted access to system resources based on their roles, ensuring that individuals only have access to the information necessary for their job functions.

Root

In Unix-based systems, Root is the administrative superuser account. This account has full access to the system and is used for performing critical system-level tasks, including managing files, permissions, and user accounts.

Rootkit

A Rootkit is a set of malicious tools designed to hide the presence of an intruder on a system. It allows attackers to maintain privileged access to a machine while concealing their activities from system administrators and security software.

Router

A Router is a networking device that forwards data packets between different networks based on IP addresses. It connects local networks to external networks, such as the internet, and is responsible for determining the best route for data to travel.

Routing Information Protocol (RIP)

Routing Information Protocol (RIP) is a distance-vector routing protocol used to determine the best path for data to travel across a network. It uses hop count as its primary metric, where each router informs its neighbors of its available routes.

Routing Loop

A Routing Loop occurs when two or more routers incorrectly route data back and forth in a loop, repeatedly sending the same packet without reaching its destination. This typically happens due to incorrect routing configurations and can cause network congestion and inefficiency.

RPC Scans

RPC Scans are used to identify which Remote Procedure Call (RPC) services are active on a machine. These scans can help an attacker determine vulnerabilities associated with specific RPC services.

Rule Set-Based Access Control (RSBAC)

Rule Set-Based Access Control (RSBAC) is a type of access control where actions are determined by a set of rules that apply to entities performing operations on objects. RSBAC is typically used in environments that require detailed security policies based on complex rules.

S/Key

S/Key is a security mechanism that generates one-time passwords using a cryptographic hash function. The client applies the MD4 hash function multiple times to the user’s secret key to generate a sequence of 64-bit passwords, reducing the number of hash applications with each successive authentication.
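The hash chain described above, as an added example that is not part of the original glossary or of any S/Key implementation. It assumes SHA-256 truncated to 64 bits as a stand-in for MD4 and omits the per-user seed that real S/Key mixes into the secret; the names `h64`, `otp` and `SKeyServer` are hypothetical.

```python
import hashlib
import hmac


def h64(data: bytes) -> bytes:
    """Stand-in one-way function: SHA-256 truncated to 64 bits.

    Assumption for this example only; S/Key as described uses MD4.
    """
    return hashlib.sha256(data).digest()[:8]


def otp(secret: bytes, n: int) -> bytes:
    """Return the n-th one-time password: the hash applied n times to the secret."""
    value = secret
    for _ in range(n):
        value = h64(value)
    return value


class SKeyServer:
    """Server side: stores only the last accepted password, never the secret."""

    def __init__(self, initial_otp: bytes, count: int):
        self.stored = initial_otp  # hash applied `count` times to the secret
        self.count = count

    def challenge(self) -> int:
        """Number of hash applications the client must use for the next login."""
        return self.count - 1

    def verify(self, candidate: bytes) -> bool:
        # The next password would be the secret itself (zero hash applications),
        # so an exhausted chain must be re-initialised instead of used.
        if self.count <= 1:
            return False
        # Hashing the candidate once more must reproduce the stored value.
        if hmac.compare_digest(h64(candidate), self.stored):
            self.stored = candidate  # roll the chain back one step
            self.count -= 1
            return True
        return False


def demo() -> list:
    secret = b"constructed-demo-secret"  # constructed sample value
    server = SKeyServer(otp(secret, 5), 5)
    log = []
    first = otp(secret, server.challenge())    # 4 hash applications
    log.append(("login with 4 hashes", server.verify(first)))
    # A password captured on the wire is useless afterwards: the server now
    # expects a value that hashes TO it, which requires inverting the hash.
    log.append(("replay of captured password", server.verify(first)))
    second = otp(secret, server.challenge())   # 3 hash applications
    log.append(("login with 3 hashes", server.verify(second)))
    return log


if __name__ == "__main__":
    for label, accepted in demo():
        print(f"{label}: {'accepted' if accepted else 'rejected'}")
```
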

Safety

Safety in a business context refers to the practices and measures taken to protect people from harm, including employees, customers, and visitors. It involves creating a secure environment by preventing accidents, injuries, and other forms of physical or emotional harm.

Scavenging

Scavenging involves searching through leftover data or system residue to uncover sensitive or confidential information. This often occurs after data is deleted or moved, and can be a means of unauthorized access to valuable data.

Secure Electronic Transactions (SET)

Secure Electronic Transactions (SET) is a protocol developed for secure online credit card transactions. It authenticates all parties involved (customer, merchant, and bank) with digital signatures, uses encryption to ensure the privacy of data, and provides integrity and end-to-end security during the transaction process.

Secure Shell (SSH)

Secure Shell (SSH) is a cryptographic protocol used for secure remote login and file transfers over a network. It allows users to log into another machine, execute commands, and securely move files between machines.

Secure Sockets Layer (SSL)

Secure Sockets Layer (SSL) is a security protocol developed by Netscape to encrypt data being transferred over the internet. It uses public key cryptography to protect data, ensuring that sensitive information remains private during transmission between web servers and browsers.

Security Policy

A Security Policy is a document or set of rules and guidelines that defines how an organization or system will protect its resources and sensitive information. It outlines security practices, access controls, and procedures for safeguarding assets from potential threats.

Segment

A Segment is another term for a TCP packet. It refers to a unit of data sent over the network during a communication session between two devices.

Sensitive Information

Sensitive Information is any unclassified data that, if disclosed, altered, or destroyed, could negatively impact national security, operations, or the interests of a government or organization. It typically includes personal, financial, or proprietary data.

Separation of Duties

Separation of Duties is a security principle that ensures critical tasks and privileges are divided among multiple individuals or systems to reduce the risk of fraud, errors, or misuse. It ensures that no single person or system has full control over all aspects of a process.

Server

A Server is a system that provides resources, services, or data to other systems (clients) on a network. Servers process requests from clients and respond with the requested information or services.

Session

A Session is a temporary virtual connection established between two systems during which they exchange data. A session allows for a consistent flow of information between two hosts, often for the duration of a specific task or transaction.

Session Hijacking

Session Hijacking occurs when an attacker takes control of an active session between two systems. By stealing session tokens or other identifying information, the attacker can impersonate a user and gain unauthorized access to resources.

Session Key

A Session Key is a temporary encryption key used during a single communication session to encrypt data. In symmetric encryption, session keys are used for the duration of the session and are discarded afterward to ensure secure communication.

SHA1

SHA1 is a cryptographic hash function that generates a fixed-size, one-way hash value. It is often used in digital signatures, certificates, and other security applications, but has been deprecated due to vulnerabilities, in favor of newer algorithms like SHA-256.

Shadow Password Files

Shadow Password Files are system files in which user passwords are stored in an encrypted format. These files prevent unauthorized users from accessing plain-text passwords, ensuring that sensitive authentication data remains secure.

Share

A Share refers to a resource on a system (like a file or printer) that has been made accessible to other systems or users. Sharing allows other networked devices to access and use the resource.

Shell

A Shell is a command-line interface in Unix-based systems that allows users to interact with the operating system. It interprets and executes commands entered by the user, and can also provide scripting capabilities for automating tasks.

Signals Analysis

Signals Analysis involves monitoring and interpreting signals emitted by systems to gain indirect knowledge of transmitted data. These signals may carry data that was not intended to be communicated directly, and can be intercepted or analyzed for security purposes.

Signature

A Signature in cybersecurity refers to a distinctive pattern or characteristic found in network traffic that can be linked to a specific attack tool, exploit, or vulnerability. Signatures are used in intrusion detection systems to identify known threats.

Simple Integrity Property

The Simple Integrity Property ensures that a user cannot write data to a higher integrity level than their own. This helps maintain data accuracy by preventing users from making unauthorized modifications to more critical or trusted information.

Simple Network Management Protocol (SNMP)

Simple Network Management Protocol (SNMP) is a protocol used for managing and monitoring network devices such as routers, switches, and servers. It allows network administrators to monitor performance, receive alerts, and manage devices remotely.

Simple Security Property

The Simple Security Property ensures that a user cannot read data classified at a higher security level than their own. This prevents unauthorized access to sensitive information by restricting users to the data they are cleared to view.

Site Scripting

Site scripting refers to a type of security vulnerability known as cross-site scripting (XSS). It occurs when an attacker injects malicious scripts into a website or web application, which are then executed by the user’s browser. These scripts can be used to steal sensitive information, manipulate website content, or launch further attacks. XSS vulnerabilities typically arise when user input is not properly validated or sanitized before being displayed on a web page. By exploiting these vulnerabilities, attackers can trick unsuspecting users into executing malicious code, compromising their privacy and potentially gaining unauthorized access to their accounts or systems. Preventing site scripting requires proper input validation, output encoding, and adherence to security best practices when developing web applications.

Sandboxing

A sandbox is a networked, user-mimicking environment used for cybersecurity testing. Sandboxes are used to run malicious code without harming the host device or network.

Social Engineering

Rather than physically breaking into a system or using technical hacking methods, social engineering gains unauthorised access to resources by exploiting human psychology and manipulating users, and it is growing in popularity. Instead of searching for a security flaw in the company’s software, a social engineer might email an employee posing as someone from IT, hoping to trick them into giving up confidential information. Spear phishing is based on deception and social engineering.

Spoofing

An attempt by a malicious actor to gain unauthorised access to a system by masquerading as a legitimate user is known as a “spoof.” Any action taken to make an unknown message appear to come from a trusted source is considered spoofing. Emails, phone calls, and even websites can all be spoofed, and at a more technical level a computer can fake its IP address.

SSL certificate

The Secure Sockets Layer (SSL) protocol is the industry standard for protecting data transmitted between a web server and a browser. Netscape created SSL to facilitate secure data transfer over the Internet.

Software

Software is a set of instructions that tells a computer how to operate. The term covers all programs, procedures, and routines. There are two types: system software and application software.

Spyware

Spyware is malicious software that collects data on your computer and sends it to third parties. It gathers information like passwords and usernames, credit card numbers, account PINs, harvested email addresses, and so on.

T-U

T1, T3

T1 and T3 are digital circuits that use Time-Division Multiplexing (TDM) to transmit multiple data streams over a single communication link. T1 typically carries 1.544 Mbps, and T3 can carry 45 Mbps, providing fast communication speeds for large-scale networking.

Tamper

Tamper refers to the act of intentionally altering a system’s logic, data, or control information to make it perform unauthorized or malicious functions. This could involve changing system configurations or corrupting data to break security or gain unauthorized access.

TCP Fingerprinting

TCP Fingerprinting is a technique used to determine the operating system of a remote machine by analyzing the unique characteristics in the packet headers of TCP communication. This can help identify potential vulnerabilities specific to that operating system.

TCP Full Open Scan

TCP Full Open Scan is a port scanning technique where a full three-way handshake is performed on each port to check whether it is open. This method can be detected more easily but provides more reliable results.

TCP Half Open Scan

TCP Half Open Scan involves performing only the first half of a three-way handshake, which helps determine if a port is open. It’s stealthier than a full open scan because it doesn’t complete the handshake, leaving less traceable evidence.

TCP Wrapper

TCP Wrapper is a software tool used to monitor and restrict access to network services based on the source of the connection. It provides basic access control for incoming network traffic and enhances security by allowing only authorized connections.

TCP/IP

TCP/IP (Transmission Control Protocol/Internet Protocol) is the foundation of internet communication, where TCP handles data packet transmission and ensures order, while IP takes care of routing and addressing. It’s used for all internet communications, from web browsing to private network setups.

TCPDump

TCPDump is a free network packet analyzer for Unix-based systems. It allows network administrators to monitor and capture network traffic, providing valuable insights into the data being exchanged over a network.

TELNET

TELNET is an application-layer protocol that allows users to remotely log into another machine over a TCP network. While it’s a simple way to access remote systems, it transmits data (including passwords) in plaintext, which makes it less secure than more modern protocols like SSH.

Threat

A Threat is a potential event or circumstance that could breach security and cause harm to a system or organization. It can be anything from cyberattacks to natural disasters or even insider threats.

Threat Assessment

A Threat Assessment involves identifying and evaluating the potential threats an organization may face. This process helps prioritize risks and guides security strategies to mitigate or prevent damage.

Threat Model

A Threat Model is a structured approach used to identify and describe threats to a system, focusing on the potential harm they could cause. It helps define the security measures necessary to protect against those threats.

Threat Vector

A Threat Vector refers to the method by which a threat gains access to a target system or network. It could be anything from phishing emails to malware or even physical access to a device.

Time to Live

Time to Live (TTL) is a field in an IP packet that determines how long the packet can circulate in the network before being discarded. It’s used to prevent packets from endlessly circulating if there is a routing loop.

Tiny Fragment Attack

A Tiny Fragment Attack exploits the way IP fragmentation is handled. By sending unusually small fragments, the attacker can bypass filtering systems that rely on inspecting entire packets, making it harder to detect malicious traffic.

Token Ring

A Token Ring is a type of local area network (LAN) where computers are connected in a ring or star topology, and a token is passed around the network to control data transmission. Only the machine holding the token can send data, preventing collisions.

Token-Based Access Control

Token-Based Access Control uses tokens to assign specific access privileges to users. Each token corresponds to a set of privileges, and users must present a valid token to access certain resources or services.

Token-Based Devices

Token-Based Devices generate a new password every minute or on some other time-based schedule. The user must have the physical token to log in, ensuring two-factor authentication and providing enhanced security.

Topology

Topology refers to the layout or structure of a computer network. It can be physical (the actual connections and devices) or logical (how the data flows through the network), with common types including bus, star, and ring topologies.

Traceroute (tracert.exe)

Traceroute is a diagnostic tool used to trace the path that data packets take from the source to a destination across the internet. It helps identify where delays or failures occur during the data transmission process.

Transmission Control Protocol (TCP)

Transmission Control Protocol (TCP) is a set of rules that governs how data is sent over the internet. It ensures that data packets are delivered reliably and in the correct order, making it crucial for applications that require accurate data transmission, such as web browsing and email.

Transport Layer Security (TLS)

Transport Layer Security (TLS) is a cryptographic protocol designed to provide secure communication over a computer network. It ensures privacy and data integrity by encrypting data sent between clients and servers, replacing the older SSL protocol.

Trialware

Trialware is a type of shareware that can be used only for a limited time. Once the trial period ends, the software stops working, and the user must purchase a registration key or password to continue using it. Software demos can be limited in time in the same way. An application’s trial period might end after 30 days, even if those days aren’t consecutive. Advanced trialware, or “demoware,” stops users from repeatedly installing trial versions without paying. It might do this by checking for data left by a previous installation, such as a hidden file or Windows Registry entry. See also shareware and wares.

Trojan

A Trojan, or Trojan horse, is malicious software disguised to look like other types of software, such as utilities, games, or even antivirus software.

Trunking

Trunking is the practice of connecting multiple switches together so they can share information about Virtual Local Area Networks (VLANs). This allows devices on different switches within the same network to communicate as if they were on the same switch.

Trust

Trust defines the level of permissions and actions that other systems or users are allowed to perform on remote machines. Trust relationships help manage access control and security, ensuring that only authorized users or systems can carry out certain operations.

Trusted Ports

Trusted Ports are ports numbered below 1024, which are typically allowed to be opened by privileged users, such as the root user in Unix-based systems. These ports often handle critical services, like HTTP, FTP, and DNS.

Tunnel

A Tunnel in networking is a secure communication channel established by encapsulating one protocol’s data packets inside another protocol’s packets. Tunnels are used to create point-to-point connections, often for securely transmitting data across networks that don’t natively support the required protocol.

UDP Scan

A UDP Scan is a technique used in network security to identify open UDP ports on a system. Unlike TCP, which establishes a connection before data transmission, UDP is connectionless, making it more difficult to scan. However, performing a UDP scan can still provide insights into a network’s security posture.

Unicast

Unicast is a communication method where data is sent from one host to a single destination host over a network. It contrasts with broadcast, where data is sent to all devices on a network, and multicast, where data is sent to a group of devices.

Uniform Resource Identifier (URI)

A Uniform Resource Identifier (URI) is the general term used to describe the names and addresses that identify resources on the internet. It encompasses both URLs (Uniform Resource Locators) and URNs (Uniform Resource Names).

Uniform Resource Locator (URL)

A Uniform Resource Locator (URL) is the specific address used to access resources on the World Wide Web. It is typically structured to specify the protocol (e.g., HTTP or HTTPS), followed by the domain name or IP address and the path to the resource, such as a webpage or file.

Unix

Unix is a powerful, multi-user, multitasking operating system originally developed in the 1970s at Bell Labs. Known for its simplicity and flexibility, Unix became widely used, especially in academic and server environments, and has influenced many modern operating systems, including Linux and macOS.

Unprotected Share

An Unprotected Share in Windows refers to a shared resource, like a file or printer, that is accessible by anyone without any form of authentication or restriction. This lack of protection can lead to unauthorized access, making it a security risk.

User

A User refers to any person, organization, entity, or automated process that interacts with a system, whether they are authorized or not. Users can have various levels of access depending on their roles or permissions within the system.

User Contingency Plan

A User Contingency Plan outlines alternative methods for continuing business operations if IT systems become unavailable. It ensures that critical tasks can still be performed during system outages, reducing downtime and maintaining business continuity.

User Datagram Protocol (UDP)

The User Datagram Protocol (UDP) is a communication protocol used on IP networks that provides minimal error-checking and is connectionless. It sends datagrams (packets) directly from one machine to another without guaranteeing delivery or sequencing, making it faster but less reliable than TCP. UDP is commonly used for applications like video streaming or online gaming where speed is more important than reliability.

V – Z

VPN (Virtual Private Network)

By connecting to a VPN, a user’s computer or another device can send and receive data across a public or shared network as if it were directly connected to the private network. It’s the equivalent of a secret, coded doorway in cyberspace.

Virus

A Virus is a type of malicious software that is hidden within another program. It is self-replicating and spreads by inserting copies of itself into other programs or files. A virus cannot operate on its own; it relies on the host program to be executed in order to activate and carry out its malicious functions.

Vishing (Voice or VoIP Phishing)

Vishing refers to phishing attacks that occur over voice channels, whether via traditional phone systems or Voice over Internet Protocol (VoIP). In vishing, attackers try to trick individuals into revealing personal or financial information by posing as legitimate entities through phone calls.

Voice Firewall

A Voice Firewall is a device or system used in voice networks to monitor, alert, and control inbound and outbound voice traffic. It operates based on user-defined policies related to call admission control (CAC), as well as security threats at the application layer, to prevent unauthorized access and ensure secure communication.

Voice Intrusion Prevention System (IPS)

A Voice Intrusion Prevention System (IPS) is a security management system for voice networks designed to detect and prevent various types of attacks or abuses, such as toll fraud, Denial of Service (DoS), telecom attacks, and other malicious activities. It monitors voice traffic for suspicious patterns and attack signatures to proactively secure voice communications.

Vulnerability

A Vulnerability is a weakness in the network that can result in a cyber attack and data breaches. Because of the vulnerability, malicious activity can take place and unauthorized access can occur. There are different types of vulnerabilities: SQL injection, missing authentication, missing authorization, missing data encryption, and unrestricted file upload.

War Chalking

War Chalking refers to the practice of marking public areas, such as sidewalks or buildings, with chalk to indicate the presence of wireless signals. These markings are used to show where people can access wireless networks, often for unauthorized use.

War Dialer

A War Dialer is a computer program designed to automatically dial a series of telephone numbers to identify lines that are connected to computer systems. Once identified, these numbers are cataloged for attackers (crackers) to later attempt to exploit the systems.

War Dialing

War Dialing is a technique used to identify vulnerable modems in a telephone exchange. It involves dialing a range of phone numbers to find modems connected to systems that may be susceptible to compromise, bypassing perimeter security.

War Driving

War Driving involves driving around in search of wireless access points (Wi-Fi networks) to find unsecured or open networks. Attackers may use this method to gain unauthorized access to a network.

Web of Trust

A Web of Trust is a decentralized system of trust based on individuals trusting others’ digital signatures. Over time, users build trust in others’ signatures and the signatures that those trusted individuals endorse, creating a network of trusted identities.

Web Server

A Web Server is a software process running on a host computer that responds to requests from client web browsers using the Hypertext Transfer Protocol (HTTP). It serves web pages and other resources to users accessing a website.

White Hat Hacking

White-hat hackers are computer experts who use their expertise for the greater good, such as by locating security flaws in systems so they can be patched, thereby protecting sensitive information from malicious parties.

Worm

One type of computer virus is the worm, which can replicate and spread itself throughout a network simply by connecting to other computers.

Zero-Day

A zero-day is a computer software vulnerability that is either unknown to those who should be interested in its mitigation, or known but without a patch yet developed. Until the vulnerability is mitigated, hackers can exploit it to adversely affect programs, data, additional computers, or a network.

Zero-Day Exploit

A Zero-Day Exploit takes advantage of a previously unknown bug, flaw, or backdoor in software. The attack happens once this flaw is exploited, with attackers releasing malware before the flaw can be patched.

Why Should Everyone Be Aware of Cyber Security Terms?

Cyber security has become essential to our digital lives as we rely increasingly on technology and the Internet for communication, commerce, entertainment, and more. However, not everyone is aware of this digital world’s potential risks and threats, which is why understanding cybersecurity terms and concepts is crucial. Here are ten reasons why everyone should be aware of cybersecurity terms:

Protect Personal Data: With the amount of personal data we share online, it is essential to know how to secure this information and prevent cybercriminals from gaining unauthorized access.

Prevent Identity Theft: Cybersecurity terms like phishing, spoofing, and social engineering can help people recognize hackers’ tactics to steal personal information and prevent identity theft.

Avoid Financial Loss: Cybercriminals can use various methods to steal financial information or extort money from people, and understanding cybersecurity terms like ransomware, malware, and data breaches can help individuals avoid financial loss.

Protect Business Information: In today’s digital age, businesses must protect their data from cyberattacks to prevent significant financial loss or damage to their reputation. Knowing cybersecurity terms can help companies to identify potential vulnerabilities and take the necessary measures to protect themselves.

Protect Critical Infrastructure: Critical infrastructure, such as power grids, transportation systems, and healthcare facilities, are increasingly interconnected and reliant on technology. Understanding cybersecurity terms and concepts is essential to ensuring these systems remain secure and operational.

Promote Online Safety: By being aware of cybersecurity terms, individuals can promote online safety and help prevent cyberbullying, harassment, and other forms of online abuse.

Stay Ahead of Cyber Threats: Cyber threats are constantly evolving. Awareness of cybersecurity terms and trends can help individuals and organizations avoid these threats and proactively protect themselves.

Comply with Regulations: Many industries and countries have regulations related to cybersecurity, and knowing the relevant terms and concepts is essential to comply with these regulations.

Enhance Career Prospects: In today’s job market, employers are looking for individuals with a good understanding of cybersecurity. Knowing the relevant terms and concepts can help individuals enhance their career prospects and stay competitive.

Stay Informed: With the rapid pace of technological change, staying informed about cybersecurity trends and developments is essential. Knowing the relevant terms and concepts can help individuals stay informed and take proactive measures to protect themselves and their organizations.

Cyber security is an essential aspect of our digital lives. Everyone should know cybersecurity terms and concepts to protect themselves, their businesses, and critical infrastructure from cyber threats.

What are the 5 Cs of Cyber Security?

Cyber security is an ever-evolving field, with new threats and vulnerabilities emerging every day. As a result, knowing where to start when protecting your organization’s digital assets can be challenging. That’s where the 5 C’s of cybersecurity come in. These five key concepts provide a framework for understanding the most critical aspects of cybersecurity and how they relate to each other. Let’s take a closer look at each of the 5 C’s:

Confidentiality: Confidentiality refers to the protection of sensitive information from unauthorized access. This could include personal information, financial data, or trade secrets. Confidentiality requires strong access controls, such as passwords, encryption, and other security measures.

Integrity: Integrity is about maintaining the accuracy and consistency of data. This includes preventing unauthorized modifications, ensuring that data is not corrupted, and maintaining the authenticity of the information. Organizations need to implement controls such as data backup and recovery, version control, and change management procedures to ensure integrity.

Availability: Availability refers to ensuring that information and systems are available when needed. This includes preventing downtime from technical failures or cyber-attacks. Ensuring availability requires robust backup and disaster recovery systems, redundant hardware and networks, and continuous monitoring for potential disruptions.

Authenticity: Authenticity is about verifying the identity of users, devices, and applications. This includes preventing unauthorized access, ensuring that unauthorized parties do not modify data, and maintaining the integrity of digital identities. Authenticity is achieved through strong authentication and access control mechanisms.

Non-repudiation: Non-repudiation refers to the ability to prove that a user performed an action or made a statement. This includes verifying that a transaction was authorized, that data was not altered, and that communications were not intercepted. Non-repudiation is achieved through digital signatures, audit logs, and other security mechanisms.

These 5 C’s of cybersecurity provide a framework for understanding the most critical aspects of cybersecurity. By focusing on confidentiality, integrity, availability, authenticity, and non-repudiation, organizations can build a robust security posture that protects against a wide range of cyber threats. By implementing these principles, organizations can better handle the ever-evolving threat landscape and keep their data and systems safe from cybercriminals.

What are the 7 Types of Cyber Security?

Cyber security is a vital aspect of modern-day technology. With the increasing number of cyber-attacks, organizations and individuals need to understand the various cybersecurity measures available to protect their digital assets. In this blog, we’ll discuss the seven types of cybersecurity measures that you need to know.

Network security
Network security is the practice of protecting computer networks from unauthorized access, misuse, and attacks. It involves securing the network infrastructure, including routers, switches, firewalls, and other network devices. Network security also protects network traffic and communication channels through encryption and other security measures.

Application security
Application security is the practice of securing software applications against threats and vulnerabilities in the software’s design, coding, or implementation. It involves using different security techniques such as authentication, encryption, access controls, and input validation to ensure the application is secure from attacks such as SQL injection, cross-site scripting, and buffer overflow.

Information security
Information security is the practice of protecting data and information from unauthorized access, theft, and damage. It involves implementing various security measures such as access controls, encryption, backup and recovery procedures, and incident response planning to protect data and information.

Cloud security
Cloud security is the practice of securing data and applications stored in the cloud. It involves securing the cloud infrastructure, including the servers, storage devices, and virtual machines, and implementing various security measures such as access controls, encryption, and intrusion detection and prevention.

Mobile security
Mobile security protects mobile devices such as smartphones, tablets, and laptops from various threats and vulnerabilities. It involves securing the device’s hardware and software, implementing access controls, and using different security techniques such as encryption and mobile device management.

Endpoint security
Endpoint security secures devices such as desktops, laptops, and servers from various threats and vulnerabilities. It involves securing the endpoint devices, implementing access controls, and using different security techniques such as encryption, antivirus software, and intrusion detection and prevention.

Internet of Things (IoT) security
IoT security is the practice of securing internet-connected devices such as smart home devices, wearables, and medical devices from various threats and vulnerabilities. It involves securing the IoT devices and communication channels, implementing access controls, and using different security techniques such as encryption and intrusion detection and prevention.

Understanding the various cybersecurity measures available is essential in protecting your digital assets. Implementing these measures can help prevent cyber-attacks and safeguard your data and information. Remember that cybersecurity is an ongoing process that requires continuous monitoring and updating to ensure your digital assets remain secure.

Conclusion

Cyber security is a field that includes many branches. Thus, it consists of various terms and sets of words. By recognizing them and understanding their meanings clearly, building a solid cybersecurity strategy is possible. For a solid plan, you should know about information security basics and malicious activity types. In this way, you can be more prepared for threats. Recognition and awareness are keys to a better information security system.

You can build a cyber security culture in the office by training employees on these terms. Creating this culture requires time and energy. However, once built, it is highly effective at preventing data breaches. That’s why every company needs to develop a strategy for it and apply it. This way, the network’s vulnerability can be decreased even as cyber crimes become increasingly dangerous.

We’ll be updating our glossary regularly, so stay tuned. Feel free to get in touch to talk about how we can partner up to boost your cyber security brand. Don’t be shy! Just say “hi,” that’s nice too.

The Global Cyber Security Network team is here to help! Get in touch, and we’ll happily answer all your questions.

FAQ

● What are the differences between software and hardware?
Hardware is the set of physical devices that make up a computer, while software is programming code. Computers need hardware to run. However, they can run without software. The main difference is that the hardware is physical, but the software is virtual.

● What are the types of email viruses?
Some types of email viruses are direct action, resident, keyloggers, polymorphic, boot sector, and multipartite. To avoid these viruses, you should always be careful when clicking a link or downloading an attachment that was sent through an email.

● What are the differences between digital and cyber security?
The most fundamental difference between digital and cyber security is their protection coverage. Digital security protects the online presence. However, cyber security covers all areas, like networks, computer systems, and other devices. So, it offers both generalized and specified protection.

● What are the reasons for data breaches?
There are some common reasons for data breaches that need to be avoided by everyone. Some are drive-by downloads, system vulnerabilities, weak security measures, and targeted malicious activities. By building a solid cyber security strategy, data breaches can be prevented.

References: Imperva, Kaspersky, Norton, Search Data Backup, Simplilearn, Cisco, G2, Computer Hope, Britannica, GeeksforGeeks, Malwarebytes, UpGuard and Guardian.