Cybersecurity Glossary

A

  • Access Control: A security technique that limits access to resources in a computing environment to authorized users.
  • Antivirus: Software designed to detect and remove malicious software, such as viruses, worms, and trojans.
  • Authentication: The process of verifying the identity of a user or device before granting access to a system.

B

  • Backdoor: A method of bypassing normal authentication to access a system. Backdoors are often left intentionally for maintenance, but they can be exploited by attackers.
  • Botnet: A network of compromised computers controlled by a hacker to conduct malicious activities like DDoS attacks or spamming.
  • Brute Force Attack: A trial-and-error method to crack passwords or encryption keys by trying many combinations until the correct one is found.

C

  • Cyber Attack: An attempt to damage, disrupt, or gain unauthorized access to a computer system or network.
  • Cryptography: The practice of securing information by converting it into an unreadable form, for example through encryption, to prevent unauthorized access.
  • Cross-Site Scripting (XSS): A type of attack where malicious scripts are injected into otherwise benign and trusted websites.

D

  • Data Breach: An incident where sensitive, confidential, or protected information is accessed or disclosed without authorization.
  • DDoS (Distributed Denial of Service): An attack that overwhelms a system with traffic, causing it to crash or become unavailable.
  • Digital Certificate: A digital form of identification that verifies the identity of the holder for secure online communication.

E

  • Encryption: The process of encoding data to prevent unauthorized access. Only those with the decryption key can read the information.
  • Endpoint: A device (e.g., computer, mobile, tablet) connected to a network that can be exploited by an attacker.
  • Exploit: A piece of code or a technique used to take advantage of a vulnerability in software, hardware, or network systems.

F

  • Firewall: A security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
  • Forensics: The practice of investigating cybercrimes by collecting, preserving, and analyzing digital evidence.
  • Firmware: A type of software that is embedded in hardware devices, controlling their basic functions. It is often a target for exploits.

G

  • Gateway: A network point that acts as an entrance to another network, often secured to control data traffic.
  • Gray Hat Hacker: A hacker who may sometimes break laws or ethical standards but without the malicious intent typical of a black hat hacker.

H

  • Honeypot: A decoy system or network resource deployed to attract attackers and detect, deflect, or analyze hacking attempts.
  • Hashing: Transforming data into a fixed-size string or number, which is unique to the input data and used for verifying data integrity.
  • HTTPS (Hypertext Transfer Protocol Secure): An extension of HTTP for secure communication over a computer network, encrypted using TLS/SSL.

I

  • IDS (Intrusion Detection System): A device or software application that monitors network or system activity for malicious behavior or policy violations.
  • IoT (Internet of Things): A system of interrelated devices connected to the internet, which often have security vulnerabilities that can be exploited.
  • IP Address Spoofing: The act of sending IP packets from a false address to mislead the recipient about the source.

K

  • Keylogger: A type of malware or software that records keystrokes made by a user, typically used to steal passwords and other sensitive data.
  • Kerberos: A network authentication protocol that uses secret-key cryptography to authenticate client-server applications.

L

  • Logic Bomb: A piece of malicious code embedded in a software system that triggers destructive actions under specific conditions.

M

  • Malware: Malicious software designed to harm, exploit, or otherwise compromise devices, systems, or networks (e.g., viruses, worms, trojans).
  • Man-in-the-Middle Attack (MITM): An attack where an unauthorized party intercepts and possibly alters the communication between two parties.
  • Multi-Factor Authentication (MFA): A security process that requires multiple forms of identification before granting access to a system.

N

  • Network Security: Practices and tools used to protect the integrity, confidentiality, and availability of a network and its data.
  • NAC (Network Access Control): Security solutions that control access to network resources by enforcing security policies.
  • Nonce: A random number or value used once to ensure that old communications cannot be reused in replay attacks.

O

  • Obfuscation: The deliberate act of making code, messages, or files more difficult to interpret or understand by masking their contents.
  • Open Source Intelligence (OSINT): Information collected from publicly available sources for use in security analysis or threat intelligence.
  • OpSec (Operational Security): The process of protecting critical information by identifying, controlling, and safeguarding sensitive data.

P

  • Penetration Testing (Pen Test): An authorized simulated attack on a computer system to evaluate its security and identify vulnerabilities.
  • Phishing: A form of social engineering where attackers send fake emails or messages to trick users into providing sensitive information.
  • Privilege Escalation: A technique used to gain elevated access to resources that are typically protected from an application or user.

R

  • Ransomware: A type of malware that encrypts a victim’s data and demands payment (a ransom) to restore access.
  • Rootkit: Malicious software designed to hide the existence of certain processes or programs from normal detection methods.
  • Red Team: A group of security professionals who simulate attacks to test and improve the defense capabilities of an organization.

S

  • Sandboxing: A security practice of isolating running programs to prevent them from affecting the overall system.
  • Spyware: Malicious software that secretly collects information about a user’s activities without their knowledge or consent.
  • SQL Injection: A type of attack where malicious SQL code is inserted into an input field to execute commands and access data in a database.

T

  • Two-Factor Authentication (2FA): A security process that requires two forms of identification (e.g., password and SMS code) to access a system.
  • Trojan Horse: A type of malware disguised as legitimate software but designed to take control of or harm a user’s system.
  • Threat Intelligence: The process of collecting, analyzing, and using information about potential attacks and security risks.

V

  • Virus: A type of malware that attaches itself to a host file or program and spreads to other files or systems when executed.
  • Vulnerability: A weakness or flaw in a system, software, or hardware that can be exploited by attackers.
  • VPN (Virtual Private Network): A service that encrypts your internet connection and hides your IP address, enhancing privacy and security.

W

  • Worm: A type of malware that self-replicates and spreads without the need for a host file, often causing damage to systems or networks.
  • Whaling: A type of phishing attack targeted at high-profile individuals such as executives or public figures.
  • White Hat Hacker: A cybersecurity professional who uses their skills to find and fix security vulnerabilities ethically.

Z

  • Zero-Day Exploit: A cyberattack that targets a software vulnerability that is unknown to the vendor or not yet patched.
  • Zombie: A compromised computer that is remotely controlled by an attacker, often used as part of a botnet.