Term Description Articles
ARP Address Resolution Protocol, a network protocol used to map an IP address to a physical MAC address on a local network. It can be exploited in attacks like ARP spoofing.
AES Advanced Encryption Standard, a symmetric encryption algorithm used to secure data. It is widely used due to its speed and high level of security.
Authentication The process of verifying the identity of a user or device. Methods can include passwords, biometric data, or multi-factor authentication.
Authorization The process of determining what an authenticated user is allowed to do. It defines access levels and permissions for resources.
Antivirus Software designed to detect, prevent, and remove malware, including viruses, worms, and trojans. It helps to protect systems from various cyber threats.
Adware Software that displays unwanted advertisements, often in the form of pop-ups or banners. It can be intrusive and may collect user data for targeted advertising.
Anonymity The state of being unidentifiable online, often achieved through tools like VPNs, Tor, or anonymizing proxies to protect privacy and evade tracking.
Binary A form of data representation using only two states, typically 0 and 1. In cybersecurity, binary files may contain executable code, malware, or data.
Botnet A network of compromised computers controlled remotely by an attacker, often used for sending spam or launching Distributed Denial-of-Service (DDoS) attacks.
Black Hat Refers to a hacker who uses their skills for malicious purposes, such as unauthorized access to networks or systems to steal data or cause harm.
Blue Team A group responsible for defending an organization against cyber threats by monitoring, detecting, and responding to security incidents.
Buffer Overflow A vulnerability that occurs when a program writes more data to a buffer than it can hold, potentially allowing an attacker to execute arbitrary code.
Blockchain A decentralized, distributed ledger technology used to record transactions in a secure and immutable manner, commonly associated with cryptocurrencies.
Brute Force Attack A method of gaining unauthorized access to a system by systematically trying all possible passwords or keys until the correct one is found.
CTI Cyber Threat Intelligence, the collection and analysis of information about potential threats to help organizations protect against cyber attacks.
CDN Content Delivery Network, a system of distributed servers that deliver web content to users based on their geographic location, improving website speed and security.
Checksum A value used to verify the integrity of data, calculated by applying a mathematical algorithm to the data’s contents. If the data changes, the checksum will be different.
CIA Triad A fundamental model in cybersecurity that stands for Confidentiality, Integrity, and Availability. It serves as a framework for assessing and implementing security policies.
Cyber Kill Chain A model used to understand the stages of a cyber attack, from initial reconnaissance to data exfiltration, helping organizations detect and respond to threats.
CTF Capture the Flag, a type of cybersecurity competition where participants solve security-related challenges to capture “flags” as proof of successful exploits.
Cryptography The practice of securing information by transforming it into an unreadable format using encryption algorithms, ensuring confidentiality and integrity.
Confidentiality The principle of protecting sensitive information from unauthorized access, ensuring that only authorized parties can view the data.
CVE Common Vulnerabilities and Exposures, a publicly accessible database that lists known software vulnerabilities, providing unique identifiers for each.
Cybersecurity The practice of protecting systems, networks, and programs from digital attacks, which typically aim to access, change, or destroy sensitive information or disrupt services.
Digital Forensics The process of collecting, analyzing, and preserving digital evidence from electronic devices to investigate cyber crimes and security incidents.
Default Gateway A network device, often a router, that serves as an access point or routing path for devices in a local network to connect to external networks.
DHCP Dynamic Host Configuration Protocol, a network management protocol used to automatically assign IP addresses and other network configurations to devices on a network.
DNS Domain Name System, a system that translates human-readable domain names (e.g., example.com) into IP addresses that computers use to identify each other on the network.
Data Information that is processed, stored, or transmitted in a digital format, often targeted in cyber attacks for unauthorized access or theft.
DDoS Distributed Denial-of-Service, an attack where multiple compromised systems are used to flood a target, such as a server or website, with traffic, causing it to become unavailable.
DoS Denial-of-Service, an attack that aims to make a computer or network resource unavailable to its intended users by overwhelming it with excessive requests or data.
Digital Signature A cryptographic mechanism used to verify the authenticity and integrity of digital data, often used in emails, documents, and software distribution.
DLP (Data Loss Prevention) A strategy and set of tools designed to prevent sensitive data from being accessed, shared, or stolen by unauthorized individuals.
DNS Spoofing A cyber attack where an attacker corrupts the Domain Name System data to redirect a user to a malicious website, usually without the user’s knowledge.
Ethernet A widely used networking technology for local area networks (LANs), which uses physical cables to connect devices and enable data transmission.
Encryption The process of converting plaintext data into a coded form (ciphertext) to prevent unauthorized access, ensuring data confidentiality and integrity.
Exfiltration The unauthorized transfer or theft of data from a system, often carried out by attackers after gaining access to a network.
Exploit A piece of code, software, or technique that takes advantage of a vulnerability in a system or application to perform malicious actions.
Exposure The state in which sensitive data is accessible to unauthorized individuals, increasing the risk of data breaches or cyber attacks.
Evil Twin Attack A type of wireless attack where an attacker sets up a rogue Wi-Fi access point that mimics a legitimate network, tricking users into connecting and potentially stealing their data.
Firewall A network security device or software that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
Frame A data packet structure used in network communications that includes the data being transmitted as well as control information for routing and error handling.
FTP File Transfer Protocol, a standard network protocol used to transfer files between a client and server over a network, often unsecured and vulnerable to attacks.
Firmware Low-level software that is embedded in hardware devices, providing control and communication functions. It can be a target for attacks if vulnerabilities are present.
Ghostware A type of malware or cyber attack technique designed to be stealthy and leave little to no trace of its presence on a compromised system, making detection and analysis difficult.
Host Address The unique identifier assigned to a device on a network, usually an IP address, which allows it to communicate with other devices.
Host A computer or other device that communicates with other devices on a network, serving as a source or destination for network traffic.
HTTP Hypertext Transfer Protocol, a protocol used for transmitting web pages over the internet. It is not secure, as data is transferred in plaintext.
HTTPS Hypertext Transfer Protocol Secure, an extension of HTTP that uses encryption (SSL/TLS) to secure the transmission of data over the internet.
Hacker An individual skilled in computer systems who uses their knowledge to gain unauthorized access to systems, either for malicious purposes (black hat) or ethical reasons (white hat).
Hash Function A cryptographic algorithm that converts input data of any size into a fixed-size string, often used for verifying data integrity.
Honeypot A decoy system or network designed to attract attackers and gather information about their techniques and behavior for security analysis.
HUMINT Human Intelligence, the collection of information from human sources, often used in cybersecurity for gathering insights on potential threats or social engineering attacks.
IDS Intrusion Detection System, a security tool that monitors network or system activity for malicious behavior or policy violations.
IPS Intrusion Prevention System, a security tool that not only detects but also actively prevents or mitigates identified threats in a network.
IP Internet Protocol, a set of rules that govern the format of data sent over the internet or a local network, and the addressing of devices.
ISP Internet Service Provider, a company that provides access to the internet for individuals and organizations.
ICMP Internet Control Message Protocol, used for sending error messages and operational information in network communications, commonly utilized by tools like ping.
Incident Response The process of identifying, managing, and mitigating security incidents to minimize damage and restore normal operations.
Integrity The principle of ensuring that data is accurate, consistent, and protected from unauthorized modification.
InfoSec Information Security, the practice of protecting information from unauthorized access, disclosure, alteration, and destruction.
IoT Internet of Things, a network of connected devices that communicate and exchange data over the internet, often targeted due to weak security measures.
Impersonation A cyber attack technique where an attacker pretends to be a legitimate user or entity to gain unauthorized access or information.
Jailbreaking The process of removing restrictions imposed by the manufacturer on a device, typically used to bypass iOS limitations, allowing users to install unofficial apps and gain full access to the file system.
JWT JSON Web Token (JWT) is a compact, self-contained token format used for securely exchanging information between parties. It can be signed or encrypted to verify the integrity of the data.
Keylogger A software or hardware tool that records keystrokes made on a keyboard. It is often used by cyber attackers to steal passwords and other sensitive information.
LAN Local Area Network (LAN) is a network that covers a small geographical area, enabling devices to communicate with each other. It is commonly used in homes, schools, and offices.
Linux An open-source, Unix-like operating system widely used for security and server solutions. Users can customize their systems for different needs using various distributions (distros).
Load Balancers A device or software solution that distributes network traffic across multiple servers. Load balancing is used to ensure high availability and scalability.
Logging The process of recording events and activities in applications or systems. It is essential for security audits, debugging, and analysis.
Metadata Data that provides information about other data, such as details about file size, creation date, or author. In cybersecurity, metadata can sometimes reveal sensitive information unintentionally.
MAC Media Access Control (MAC) refers to a unique identifier assigned to a network interface for communication on the physical network segment. It is used for network security and device identification.
MitM Man-in-the-Middle (MitM) attack is a form of eavesdropping where the attacker intercepts and possibly alters the communication between two parties without their knowledge.
Monitoring The process of continuously observing and tracking system activities, network traffic, or application performance to detect and respond to anomalies or security incidents.
Memory Leak A software issue where a program fails to release memory that is no longer needed, leading to a gradual decrease in available memory and potential system instability.
Network A collection of interconnected devices and systems that communicate with each other, typically using protocols like TCP/IP, for data sharing and resource utilization.
Network Address An identifier assigned to a device on a network to enable communication. Examples include IP addresses used for internet connectivity and MAC addresses for local network identification.
NIST (National Institute of Standards and Technology) A U.S. federal agency that develops and promotes standards, guidelines, and best practices in various fields, including cybersecurity, to enhance the security and resilience of the digital infrastructure.
NAT (Network Address Translation) A method used in networks to map multiple private IP addresses to a single public IP address, allowing devices on a local network to access the internet while hiding their private addresses.
Nmap A network scanning tool used for network discovery and security auditing. It allows administrators to identify open ports, services, and potential vulnerabilities on a network.
OSPF Open Shortest Path First (OSPF) is a routing protocol used in Internet Protocol (IP) networks to determine the most efficient path for data packets. It is widely used in large enterprise networks.
OSI The Open Systems Interconnection (OSI) model is a conceptual framework that standardizes the functions of a network into seven layers, from physical transmission to application-level interactions.
Ping A network utility used to test the reachability of a host on an IP network. It measures round-trip time for messages sent from the originating host to a destination.
Protocol A set of rules and conventions used for communication between network devices. Protocols define how data is transmitted and received over a network.
Port Forwarding A technique used to allow external devices to access services on a private network by mapping an external port to an internal IP address and port.
Port A logical endpoint in networking that is used to identify specific processes or types of network services. Ports are often associated with IP addresses to facilitate communication.
Packet A small unit of data transmitted over a network. It contains both the data being sent and control information, such as the source and destination addresses.
Phishing A type of cyber attack where an attacker impersonates a trusted entity to trick individuals into providing sensitive information, such as passwords or credit card numbers.
Penetration Testing A simulated cyber attack performed to evaluate the security of a system, network, or application by identifying vulnerabilities that could be exploited by an attacker.
Public Key Infrastructure (PKI) A framework of policies, technologies, and procedures used to manage digital certificates and public-key encryption, enabling secure communication over networks.
Payload The part of a transmitted data packet or exploit that contains the actual data intended for delivery or malicious code intended for execution.
Proxy Server An intermediary server that acts as a gateway between a client and a destination server, used to improve security, performance, or anonymity in network communications.

Router A network device that forwards data packets between computer networks, directing traffic based on IP addresses. Routers connect different networks and manage traffic to ensure efficient communication.
RIP Routing Information Protocol (RIP) is a distance-vector routing protocol used in small to medium-sized networks to determine the best path for data transmission. It uses hop count as a routing metric.
RDP Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft, allowing users to connect and control a remote computer over a network connection.
Ransomware A type of malicious software that encrypts a victim’s data, demanding payment (usually in cryptocurrency) for the decryption key. It is a common form of cyber extortion.
Red Team A group of cybersecurity professionals who simulate real-world attacks on an organization’s infrastructure to test its defenses and improve its security posture.
Rootkit A type of malicious software designed to gain unauthorized root or administrative access to a computer system while hiding its presence. Rootkits can be used to manipulate system functions and evade detection.
SOC Security Operations Center (SOC) is a facility where an organization’s information systems are monitored, analyzed, and defended against security threats in real-time.
SIEM Security Information and Event Management (SIEM) is a system that collects, analyzes, and correlates security data from various sources to detect threats and respond to incidents.
Switch A network device that connects multiple devices within a local area network (LAN) and uses MAC addresses to forward data to the correct destination.
Subnetting The process of dividing a network into smaller subnetworks, which helps optimize performance, improve security, and manage network traffic more efficiently.
Subnet Mask A 32-bit number used in IP networking to divide an IP address into network and host portions, defining the range of addresses in a subnet.
Server A computer or system that provides resources, data, services, or programs to other computers, known as clients, over a network.
SMB Server Message Block (SMB) is a network protocol used for sharing files, printers, and other resources between computers in a network.
SSH Secure Shell (SSH) is a protocol that provides a secure method for remote access to another computer over an unsecured network, using encryption to protect data.
Subdomain A domain that is part of a larger domain, often used to organize different sections of a website, such as “blog.example.com” under “example.com.”
Second-Level Domain The main part of a domain name, located directly to the left of the top-level domain (TLD). For example, in “example.com,” “example” is the second-level domain.
Spyware Malicious software designed to secretly gather information about a user or organization without their consent, often used for data theft or surveillance.
Social Engineering A manipulation technique used by attackers to deceive individuals into divulging confidential information or performing actions that compromise security.
Spear Phishing A targeted phishing attack aimed at a specific individual or organization, often using personalized information to increase the likelihood of success.
Sandboxing A security technique used to isolate programs or processes in a separate environment to prevent them from affecting the rest of the system.
Secure Sockets Layer (SSL) A protocol used to secure communications over a computer network by encrypting data transmitted between a web server and a browser.
Supply Chain Attack A cyber attack that targets an organization’s suppliers or partners to compromise their systems, gaining access to the primary target’s network or data.
Session Hijacking A type of attack where the attacker takes over a user’s active session with a website or application, often by stealing the session token.
TCP Transmission Control Protocol (TCP) is a core Internet protocol that establishes and maintains reliable communication between devices over a network, ensuring data is transmitted accurately and in the correct order.
TLD Top-Level Domain (TLD) is the last segment of a domain name, such as “.com,” “.org,” or “.net.” It indicates the highest level in the domain name system hierarchy.
Threat Any potential danger or malicious activity that could exploit a vulnerability to cause harm to a system, network, or organization. Threats can be intentional (e.g., hackers) or accidental (e.g., software bugs).
Trojan Horse A type of malicious software disguised as legitimate or useful software, which, once executed, can perform harmful activities on the target system, such as stealing data or enabling remote access.
Two-Factor Authentication (2FA) An authentication method that requires two different forms of verification to confirm a user’s identity, typically combining something the user knows (password) with something they have (a code sent to their phone).
TLS (Transport Layer Security) A cryptographic protocol that ensures secure communication over a computer network by encrypting the data transmitted between a client and a server. It is the successor to SSL (Secure Sockets Layer).
URL Uniform Resource Locator (URL) is a reference to a resource on the internet, specifying its location and the protocol used to access it, such as “https://example.com”.
URI (Uniform Resource Identifier) A string that identifies a resource on the internet either by location, name, or both. It includes URLs as a subset, providing a more generic way to specify resources.
UDP User Datagram Protocol (UDP) is a communication protocol used for transmitting data over a network with minimal error checking, offering faster, but less reliable, data transfer compared to TCP.
VLAN A Virtual Local Area Network (VLAN) is a network configuration that allows for the logical separation of devices within a physical network, improving security and network management.
VPN A Virtual Private Network (VPN) is a service that encrypts internet traffic and hides the user’s IP address, providing privacy and security when accessing the internet.
Virtual Hosts In web server configuration, virtual hosts allow multiple domain names to be served by a single server, enabling separate websites to share the same server resources.
Virus A type of malicious software that replicates itself and infects computer systems, often causing damage or compromising data integrity.
Vulnerability A weakness or flaw in a system, network, or application that could be exploited by a threat actor to gain unauthorized access or cause damage.
Vishing A type of social engineering attack in which the attacker uses voice communication, such as phone calls, to deceive individuals into providing sensitive information.
Vulnerability Assessment The process of identifying, classifying, and prioritizing security vulnerabilities in systems, networks, or applications to mitigate potential threats.
WAF A Web Application Firewall (WAF) is a security solution that monitors, filters, and blocks HTTP traffic to and from a web application to protect against various cyber threats.
Webserver A server that hosts websites and delivers web content to users over the internet or an intranet, processing requests for web pages.
WAN A Wide Area Network (WAN) is a telecommunications network that extends over a large geographic area, connecting multiple local networks.
Worm A type of malware that replicates itself to spread across computers and networks, often causing harm by consuming bandwidth or compromising data.
Whitelist A security mechanism that allows only specified, approved entities (such as IP addresses, email addresses, or applications) to access a system or network.
WPA (Wi-Fi Protected Access) A security protocol developed to secure wireless networks by providing encryption and authentication mechanisms, replacing the less secure WEP.
XSS (Cross-Site Scripting) A web security vulnerability that allows an attacker to inject malicious scripts into web pages viewed by other users, potentially leading to data theft or session hijacking.
XML (eXtensible Markup Language) A markup language used to encode documents in a format that is both human-readable and machine-readable, commonly used for data exchange between systems.
XOR (Exclusive OR) A logical operation used in computing and cryptography that returns true if one of its operands is true and the other is false, but not both.

Zero-Day Exploit A cyber attack that targets a software vulnerability unknown to the software vendor, leaving no time (“zero days”) for the vendor to develop a patch.
Zero Trust Security A security model that assumes no user or system should be trusted by default, enforcing strict verification for access to resources, regardless of whether the user is inside or outside the network.
Zombie A compromised computer or device that is remotely controlled by an attacker, often used as part of a botnet to conduct malicious activities such as DDoS attacks.