Glossary

It is a key consideration in risk management strategies, where risks are weighed against the benefits and costs of mitigating them.

It can be categorized as low, medium, or high, depending on the level of skill, resources, and tools required to carry out the exploitation.

An Access Control List (ACL) is a set of rules that determine which users or system processes are granted access to objects.

An Access Point (AP) is a network device that enables wireless connectivity to a Local Area Network (WLAN).

This prevents unauthorized users from attempting brute force attacks to guess a password.

APTs often aim to steal sensitive data, sabotage systems or conduct cyber espionage rather than cause immediate damage.

It typically operates by scanning files and system activities to identify potential threats.

It helps ensure that all assets are properly secured, maintained, and accounted for.

Common attack vectors include phishing emails, malware, and vulnerabilities in software.

Common methods include passwords, biometrics, and multi-factor authentication (MFA).

It controls what actions an authenticated user can perform within a system.

It is one of the core principles of information security, along with confidentiality and integrity.

Backdoors can be intentionally built by developers or placed by attackers, and can be installed in both software and hardware.

Biometric Authentication is an access control method verifying identity and managing system permissions.

A birthday attack is a cryptographic attack that exploits mathematical principles from the birthday paradox to identify collisions in hash functions.

Blacklists prevent suspicious entities from accessing networks and systems. Discover how this cybersecurity measure blocks malicious activity.

Their role is to protect against, detect, and respond to cyber threats in real-time.

A botnet is a network of compromised computers or devices that are controlled remotely by an attacker.

Brute Force Attack is a cybersecurity threat targeting systems and data through various exploitation methods.

A bug bounty is a program offered by organizations that rewards individuals for finding and.

CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a challenge-response.

A Certificate Authority (CA) is an entity responsible for issuing and managing digital certificates that verify the authenticity and identity of websites.

Clickjacking is a type of attack where a malicious actor tricks a user into clicking on an invisible or disguised element on a web page.

Cloud Access Security Broker is a security mechanism protecting networks and systems from unauthorized access.

It allows users to access resources on-demand without managing physical hardware.

Cross-Site Scripting (XSS) is a web security vulnerability that enables attackers to inject malicious scripts into web pages viewed by unsuspecting users.

DNS spoofing (or DNS cache poisoning) is a type of attack where an attacker alters.

Only authorized users with the decryption key can convert the data back into its original form.

Data Loss Prevention (DLP) refers to security measures that aim to prevent the unauthorized access,.

A Denial of Service (DoS) attack is an attempt by an attacker to disrupt the normal functioning of a network.

It is issued by a trusted Certificate Authority (CA) and binds the public key to the identity of the key owner.

A Distributed Denial of Service (DDoS) attack is an attempt to make an online service.

The Domain Name System (DNS) translates human-readable domain names (e.

Doxxing (or doxing) refers to the act of publicly revealing or broadcasting private information about.

No user interaction is required for the infection to occur.

Eavesdropping Attacks is a cybersecurity threat targeting systems and data through various exploitation methods.

Endpoint Detection and Response (EDR) is a security solution that monitors and analyzes endpoint activities to detect.

It involves securing these devices from malware, unauthorized access, and other cyber threats.

Ethical Hacking involves cybersecurity practices and activities with specific methodologies and implications.

An exploit is a piece of code or a technique used by attackers to take advantage of a vulnerability in software or hardware.

A false positive occurs when a security system incorrectly identifies benign activity as malicious, triggering an alert or blocking a legitimate action.

File Integrity Monitoring (FIM) is a security technology that tracks and monitors changes to files and systems to detect unauthorized modifications.

It acts as a barrier between trusted internal networks and untrusted external networks.

It is used in tasks like natural language processing, image generation, and autonomous code creation.

A grey hat hacker operates in the space between ethical white hat and malicious black hat practices.

The resulting hash is unique to the original data and is often used for data verification and integrity checks.

A honeypot is a decoy system or network set up to attract cyber attackers.

Incident response refers to the organized approach taken by an organization to address and manage.

An insider threat occurs when someone within an organization, such as an employee, contractor, or.

The Internet of Things (IoT) refers to the network of physical devices, vehicles, appliances, and.

An Intrusion Detection System (IDS) is a security solution that monitors network traffic or system activities for malicious behavior or policy violations.

An Intrusion Prevention System (IPS) is a security solution that not only monitors network traffic.

A keylogger is a type of malware or software that records the keystrokes entered by a user.

The principle of least privilege dictates that users, systems, and applications should be granted the.

Malvertising (malicious advertising) involves injecting malicious code into online advertisements to spread malware or direct.

It includes viruses, worms, ransomware, spyware, and other harmful programs.

Man-in-the-middle (MitM) Attack is a cybersecurity threat targeting systems and data through various exploitation methods.

Multi-Factor Authentication (MFA) is an access control method verifying identity and managing system permissions.

Network Access Control (NAC) is a security solution that restricts unauthorized devices from accessing a network by enforcing security policies.

Onion routing is a method of anonymizing internet communication by encrypting messages in layers and.

Overflow Attack is a cybersecurity threat targeting systems and data through various exploitation methods.

It can be used by network administrators for legitimate purposes or by attackers to intercept sensitive information.

Common types include brute force, dictionary, and credential stuffing attacks.

Patch management is the process of managing software updates, including identifying, testing, and installing patches.

Penetration testing, or pen testing, is the practice of simulating real-world attacks on a system.

Phishing is a social engineering attack in which an attacker poses as a legitimate entity to trick individuals into providing sensitive information.

Privilege escalation is a type of attack in which an attacker gains elevated access to a system.

Public Key Infrastructure (PKI) is a framework that provides cryptographic key management and digital certificate.

Quid Pro Quo Attack is a cybersecurity threat targeting systems and data through various exploitation methods.

Ransomware is a type of malware that encrypts a victim’s data or locks them out of their system.

Red teams use offensive tactics to exploit vulnerabilities and assess the security posture.

It helps prioritize security measures based on the likelihood and impact of potential threats.

A rootkit is a type of malicious software designed to provide unauthorized users with root-level access to a computer or network.

SMS phishing, or smishing, is a type of phishing attack where an attacker sends fraudulent.

SQL injection is a type of web application attack where an attacker inserts malicious SQL statements into an input field.

It ensures the confidentiality and integrity of data transmitted between a web server and a browser.

Security Awareness and Training is a security mechanism protecting networks and systems from unauthorized access.

SIEM systems collect and aggregate data to help detect and respond to potential threats.

Session hijacking occurs when an attacker intercepts or takes over an active session between a.

Social engineering is a type of cyberattack that relies on manipulating human behavior to trick.

Spear phishing is a targeted form of phishing attack aimed at a specific individual or organization.

Spoofing is a type of attack in which an attacker pretends to be another entity.

Spyware is a type of malware that secretly monitors and collects data from an infected device.

This type of attack can affect hardware, software, or services.

It involves manually and systematically identifying suspicious activities or potential threats.

It involves monitoring threat actors, malware, and vulnerabilities to stay ahead of attacks.

The token has no exploitable value and can only be mapped back to the original data through a secure system.

A Trojan horse is a type of malware that disguises itself as legitimate software to trick users into downloading and executing it.

Typosquatting (or URL hijacking) is a type of cyberattack where attackers create fraudulent websites with URLs that are similar to legitimate sites.

URL interpretation involves understanding how URLs are structured and how attackers can manipulate them in.

User Interface (UI) spoofing is a type of cyberattack where attackers manipulate the appearance of.

A Virtual Private Network (VPN) is a secure tunnel between two or more devices that.

Voice phishing, or vishing, is a type of phishing attack conducted over the phone.

A vulnerability is a weakness or flaw in a system.

A vulnerability assessment is the process of identifying, evaluating, and prioritizing security vulnerabilities in systems,.

Common types include SQL injection, cross-site scripting (XSS), and denial of service (DoS) attacks.

Whaling is a specific type of phishing attack that targets high-profile individuals within an organization.

Worms exploit vulnerabilities in software or networks to propagate quickly.

These scripts can steal session cookies, redirect users to malicious sites, or deface websites.

Attackers exploit these vulnerabilities before the vendor is aware of the issue, giving them a critical window of opportunity.