Welcome to the Cyber Security Information, Training & Reporting Platform

Cyber Security Glossary

A-Z Cyber Security Glossary

A:

  1. Authentication: The process of verifying the identity of a user, device, or system.
  2. Antivirus: Software that protects a computer from viruses and other malicious software.
  3. Attack: An attempt to compromise the security of a computer system or network.
  4. Access control: The process of limiting access to a system or resource based on pre-defined security policies.
  5. Authorization: The process of granting or denying access to a system or resource based on pre-defined security policies.

B:

  1. Backup: A copy of data that can be used to restore the original data in case of data loss or corruption.
  2. Biometric: A form of identification based on the measurement of physical characteristics, such as fingerprints, facial recognition, and iris scans.
  3. Botnet: A network of infected devices (bots) that are controlled remotely and used to carry out attacks.
  4. Brute force: A method of breaking into a system by trying every possible combination of passwords or keys until the correct one is found.
  5. Buffer overflow: A security vulnerability that occurs when data exceeds the allocated space and overwrites adjacent memory locations.

C:

  1. Cryptography: The practice of converting data into a code to protect it from unauthorized access.
  2. Certificate Authority (CA): An organization that issues digital certificates to verify the identity of a website or an individual.
  3. Cloud computing: A model of delivering computing services over the internet.
  4. Cyber espionage: The use of the internet for stealing sensitive information from governments, corporations, and individuals.
  5. Cyberwarfare: The use of the internet for political or military attacks on a nation or organization.

D:

  1. Denial of Service (DoS): An attack that makes a system or network unavailable by flooding it with traffic.
  2. Data breach: The unauthorized release of sensitive information.
  3. Dark web: A hidden network of websites that can only be accessed using special software.
  4. Decryption: The process of converting encrypted data back into its original form.
  5. Domain Name System (DNS): A system that converts domain names into IP addresses.

E:

  1. Encryption: The process of converting data into a coded form to protect it from unauthorized access.
  2. Endpoint: A device that connects to a network, such as a laptop, smartphone, or printer.
  3. Ethical hacking: The use of hacking techniques to test the security of a system.
  4. Email spoofing: The creation of fake emails that appear to come from a different sender.
  5. Exploit: A piece of code that takes advantage of a vulnerability in a system.

F:

  1. Firewall: A system that controls incoming and outgoing network traffic based on pre-defined security rules.
  2. File integrity: The accuracy and completeness of data in a file.
  3. Phishing: A type of social engineering attack that tricks victims into revealing sensitive information.
  4. Fraud: The use of deception to obtain something of value, such as money or personal information.
  5. Forward secrecy: A property of secure communication systems where the later compromise of an encryption key does not affect the security of messages sent in the past.

G:

  1. Grayware: Software that is not classified as malware, but may still cause unwanted behavior or harm.
  2. Guest account: A temporary account with limited privileges that is used by someone who does not have a permanent account on a system.
  3. Geolocation: The process of determining the physical location of a device based on IP address, Wi-Fi, or GPS.
  4. Gigabit Ethernet: A high-speed data transmission standard used for local area networks.
  5. Graphical User Interface (GUI): A type of user interface that uses graphics and icons rather than text-based commands.

H:

  1. Hashing: The process of transforming data into a fixed-length representation for secure storage or comparison.
  2. Honeypot: A decoy system or data used to distract and detect attackers.
  3. Hybrid cloud: A cloud computing environment that uses a combination of public and private clouds.
  4. Handshake: The initial exchange of information between two systems to establish a secure connection.
  5. Hardening: The process of securing a system by reducing its attack surface and increasing its resistance to attacks.

I:

  1. Incident response: The process of responding to a security incident, such as a data breach or a cyber attack.
  2. Intrusion detection: The process of identifying unauthorized access to a system.
  3. Intrusion prevention: The process of stopping unauthorized access to a system.
  4. IP address: A unique identifier for a device connected to a network.
  5. Identity and Access Management (IAM): The process of managing the identity of users and the access they have to a system.

J:

  1. Jellyfish attack: A type of denial of service attack that originates from multiple points of origin.
  2. Job control language (JCL): A type of programming language used to control and manage batch processing jobs.
  3. Jump host: A host that is used as an intermediary to access other systems in a network.
  4. JWT (JSON Web Token): A compact and self-contained way of transmitting information securely between parties.
  5. Java applet: A small program written in the Java programming language that runs within a web browser.

K:

  1. Key: A piece of data used to encrypt and decrypt data.
  2. Key management: The process of generating, storing, and distributing keys.
  3. Key derivation function (KDF): A mathematical function that derives a secret key from a password.
  4. Key escrow: The storage of encryption keys by a trusted third party.
  5. Keylogger: A type of malware that records every keystroke made on an infected device.

L:

  1. LAN (Local Area Network): A network that connects devices in a limited geographical area, such as a building or a campus.
  2. Log file: A file that records events that occur in a system.
  3. Logic bomb: A type of malware that triggers when certain conditions are met.
  4. Loopback address: A special IP address used for testing network configurations.
  5. Load balancing: The distribution of tasks or requests among multiple systems to improve performance and reliability.

M:

  1. Malware: Software that is designed to cause harm to a computer or a network.
  2. Man-in-the-middle (MitM) attack: A type of attack where an attacker intercepts and manipulates the communication between two systems.
  3. MD5: A widely used message digest algorithm for generating a hash value from a message.
  4. Multifactor authentication (MFA): An authentication method that requires more than one form of authentication, such as a password and a security token.
  5. Macro virus: A type of malware that uses macro commands in a document or spreadsheet to infect a computer.

N:

  1. Network: A group of connected devices that can communicate with each other.
  2. Network Address Translation (NAT): A technique used to map private IP addresses to public IP addresses.
  3. NIDS (Network Intrusion Detection): A system that monitors a network for signs of security incidents.
  4. Nmap (Network Mapper): An open-source tool used for network exploration, management, and security auditing.
  5. Non-repudiation: A property of secure communication systems that prevents a party from denying a previous communication or transaction.

O:

  1. Operating system (OS): The software that manages the resources of a computer and provides services to other applications.
  2. Online Certificate Status Protocol (OCSP): An internet protocol used to check the status of a digital certificate.
  3. Open source: Software whose source code is made available to the public, allowing anyone to use, modify, or distribute it.
  4. One-time password (OTP): A password that can only be used once and is typically used for two-factor authentication.
  5. OAuth (Open Authorization): An open standard for authorization that allows users to grant limited access to their resources without sharing their information.

P:

  1. Packet: A unit of data that is transmitted over a network.
  2. Packet filtering: A technique used to control incoming and outgoing network traffic based on predefined rules.
  3. Password: A secret string of characters used to authenticate a user.
  4. Patch: A software update that fixes security vulnerabilities or bugs.
  5. Phishing: A type of attack that attempts to trick users into revealing their sensitive information, such as passwords or credit card numbers.

Q:

  1. Quarantine: The isolation of a computer or a file that is suspected of being infected with malware.
  2. Query: A request for information from a database.
  3. Quantum computing: A type of computing that uses quantum mechanics to perform certain types of computation more efficiently than classical computers.
  4. Queue: A data structure that stores elements in a linear order, with operations to add elements to the end and remove elements from the beginning.
  5. Queue overflow: A type of attack that occurs when a queue or buffer is filled with too many elements, causing the system to crash or produce unexpected results.

R:

  1. RADIUS (Remote Authentication Dial-In User Service): A protocol used for remote user authentication and accounting.
  2. Ransomware: A type of malware that encrypts a victim’s files and demands payment in exchange for a decryption key.
  3. Reconnaissance: The initial stage of a cyber attack that involves gathering information about a target.
  4. Remote access: The ability to access a computer or a network from a remote location.
  5. Rootkit: A type of malware that hides itself and its activities from the operating system and antivirus software.

S:

  1. Sandbox: An isolated environment used to test or execute potentially harmful code.
  2. Security Information and Event Management (SIEM): A security solution that collects, analyzes, and correlates log data from multiple sources.
  3. Social engineering: A type of attack that uses psychological tactics to manipulate individuals into divulging confidential information.
  4. Spam: Unwanted or unsolicited electronic messages, such as email or instant messages.
  5. SQL injection: A type of attack that injects malicious code into a SQL statement, in order to compromise a database.

T:

  1. Two-factor authentication (2FA): An authentication method that requires two forms of authentication, such as a password and a security token.
  2. Threat: A potential danger or risk to a system or network.
  3. Trojan: A type of malware that disguises itself as a legitimate program but performs malicious actions in the background.
  4. Tunneling: The encapsulation of one protocol within another protocol, in order to bypass security mechanisms or to enable access to restricted resources.
  5. Type confusion: A type of vulnerability that occurs when a program processes data as the wrong type, leading to unexpected results or security exploits.

U:

  1. URL (Uniform Resource Locator): An address that specifies the location of a resource on the internet, such as a website or a file.
  2. UDP (User Datagram Protocol): A communication protocol used for transmitting data over a network.
  3. Unique Identifier (UID): A value that is used to identify a user, a device, or an object.

V:

  1. Virus: A type of malware that replicates itself and infects other programs or files on a computer.
  2. Virtual Private Network (VPN): A private network that uses public network infrastructure, such as the internet, to provide secure remote access to a network.
  3. Vulnerability: A weakness or gap in a system or network that can be exploited by attackers to cause harm or gain unauthorized access.
  4. VPN concentrator: A device used to manage and terminate VPN connections for a large number of remote users.
  5. Vulnerability assessment: The process of identifying, evaluating, and prioritizing the vulnerabilities in a system or network, in order to guide remediation efforts.

W:

  1. War dialing: The process of automatically dialing a large number of telephone numbers, in order to identify active modems or systems.
  2. Web application firewall (WAF): A firewall that is specifically designed to protect web applications from attacks, by inspecting and filtering incoming traffic.
  3. Whaling: A type of phishing attack that targets high-level executives or individuals with access to sensitive information.
  4. Wi-Fi: A wireless local area network (WLAN) technology that uses radio waves to provide wireless high-speed internet and network connections.
  5. WPA (Wi-Fi Protected Access): A security protocol used to secure Wi-Fi networks.

X:

  1. X.509: An ITU-T standard that defines the format of public key certificates.
  2. XSS (Cross-Site Scripting): A type of vulnerability that occurs when a web application allows user input to be embedded as script code, which can be executed by other users who view the same page.
  3. XML (Extensible Markup Language): A markup language used for exchanging structured data over the internet.
  4. XOR (Exclusive OR): A logical operation that returns true if exactly one of its operands is true, and false otherwise.
  5. XOR encryption: A symmetric encryption method that uses the XOR operation to encrypt and decrypt data.

Y:

  1. YARN (Yet Another Resource Negotiator): A cluster management system used in Apache Hadoop to manage the allocation of resources, such as CPU and memory, to applications.
  2. Yellow pages: A directory of businesses or individuals, typically sorted by category.
  3. Y2K (Year 2000): A potential problem that was predicted to occur in the year 2000, due to the use of two-digit date representations in computer systems, which could cause errors or failures.
  4. Yum: A package manager for Linux systems, used to manage software installations and updates.
  5. YubiKey: A type of security key that can be used for two-factor authentication or secure passwordless login.

Z:

  1. Zero-day: A security vulnerability that is unknown to the vendor or to the public, and can be exploited by attackers before it can be patched.
  2. Zero-knowledge proof: A type of proof that allows one party to prove to another party that they know a secret, without revealing the secret itself.
  3. Zonal OCR (Optical Character Recognition): A type of OCR that performs recognition on specific zones or regions of an image, rather than the entire image.
  4. Zsh: A shell for Unix-based systems, used as an alternative to the default bash shell.
  5. Zone-based firewall: A type of firewall that uses zones to group similar types of network interfaces and to enforce security policies based on the type of traffic passing between the zones.

Test your cybersecurity knowledge

Which of the following should you do to restrict access to your devices and data?

What kind of cybersecurity risks can be mitigated by using a VPN?

Turning off the GPS of your device prevents any tracking of your location.

Cybercriminals access someone's system and encrypt their personal data and files. The user is unable to access data unless they pay cybercriminals to decrypt the files. It is known as

Which of these is an example of a phishing attack?
