Neumetric

Glossary


Information Security, Data Privacy, Governance, Risk, Compliance, Vulnerability Assessment & Penetration Testing

A

Term Description
Acceptable Use Policy
Also known as an Acceptable Usage Policy, it is a Document that defines an Organisation's rules for how Employees can use the Organisation's technology & other resources. This Policy can cover things like email, internet access, & office supplies. It also generally includes a section on what constitutes unacceptable usage.
Access Control List [ACL]
It is a mechanism used to grant or deny permissions to Users, Programs or other Entities based on their Identity. The List is stored in a file, & consists of one or more rules. Each Rule has an Identifier, which can be a Username, Groupname or numeric identifier for special permissions. Each Rule also specifies whether the permission that follows is granted or denied. In most cases, this will be "Granted" or "Denied."
Advanced Encryption Standard [AES]
It is a Symmetric Key Encryption algorithm. It was adopted as the standard by the U.S. Government in 2001, & is now used worldwide to protect sensitive information such as Credit Card Data & Personal Records. It is a standard for encrypting information using Symmetric Key Cryptography. The Symmetric Key Encryption algorithm is the same for both the Sender & the Receiver, meaning that both Parties must know the Key to decrypt data. It uses a Block Cipher with a 128-bit Key Length & has been proven to be one of the strongest encryption methods available today.
Adware
It is software that is installed on a computer without an individual's knowledge or consent & then displays advertisements on that computer. Adware may be installed by a User, as with other types of malware, or it may be included in software that the User downloads. It can also be installed through a malicious link in an email or text message, or via exploit kits.
Anti-Malware
It is a program designed to protect your computer from malware. It can be installed on any computer & runs at intervals to check for viruses, spyware, & other malicious code. Anti-malware programs are often bundled with Antivirus software. These types of programs are often called "Antivirus" or "Anti-spyware" software, but those terms are misleading because there are many other types of malware (e.g., Rootkits) that these programs do not protect against.
Asymmetric Cryptography
It is a form of Encryption that uses a Public & Private Key Pair. The Public Key is used to encrypt the data, & the Private Key is used to decrypt it. The encryption method is based on mathematical functions & algorithms. The term “Asymmetric Cryptography” refers to two different keys that are mathematically related, but cannot be derived from each other. The asymmetry of the keys makes it impossible to derive the Private Key from the Public Key.
Audit
It is a process of evaluating the security of an Organisation's Systems, Networks & Infrastructure. An Audit will evaluate the effectiveness of Policies, Procedures & Standards that are in place within the Organisation. This evaluation can be conducted by internal staff or external consultants.
Audit Trail
It is a record of Events that shows the sequence of actions taken by a Person or an Automated Process, including the identification of who took each action & when it was taken. It includes the time & date of the change, who made it, & what changes were made. Audit Trails are used in computer forensics to reconstruct events & determine whether any crimes have been committed.
Authentication
It is the process of verifying that a User is who they say they are. This can be done through credentials, such as Passwords & Pins, or it can be done through biometrics (Fingerprints, Facial Recognition, etc.). Authentication helps prevent unauthorized access to Systems, Databases & Networks by verifying that the User has the correct information to access those Systems.
Availability
It refers to the ability of a System to be up & running. This means that it is able to provide its services to Users, who are able to access the System & use it as they need. A low level of Availability means that there are frequent interruptions in Service, while a high level of Availability means that there are few interruptions. It is usually measured in terms of Uptime, which is the length of time that a System is available for use without interruption.
Term Description
Back Door
It is a term used to describe a way of getting into a System that bypasses the normal Authentication Mechanism. In other words, it's a way to access a Computer Program or Network System without having to provide a Password or other Authorization Credentials. It can be installed by an Administrator or Developer for debugging purposes, but it may also be used maliciously by hackers or others who want unauthorized access to the System.
Baseline Security
It refers to the minimum level of security that a System needs in order to function properly. Baselines are standards that have been set by Organisations such as ISO & NIST, which provide guidelines for Businesses & Organisations to follow when creating their own Security Policies. Although baselines are not necessarily set in stone, they provide a good starting point for Organisations that want to improve their security.
Bastion Host
It is a type of Web Server that provides an additional layer of security for a Website by filtering all traffic to & from the Site. It is a server that acts as the main gateway to the Network. It filters all incoming & outgoing traffic, only allowing connections if they're valid or authorized. Placing this filter layer between a Network & the internet protects Systems & Networks from malware infections like Worms, Viruses, Keyloggers, etc., which may otherwise be able to penetrate the Firewall or other security measures.
Biometric
It is a term used to describe the measurement of biological metrics. It is a form of identification that uses physical traits such as Fingerprints or Facial Recognition to verify someone’s identity. It also includes Palm Print Scanners, Voice Recognition Systems, Iris Scanners & DNA Analysis.
Bit Error Rate [BER]
It is a measurement of the amount of data that is lost during transmission across a Network. It is calculated by dividing the number of Bit Errors by the total number of Bits sent, & then multiplying by 100. Bit Error Rates are usually expressed as a percentage, & they can be either calculated from the perspective of the Sender or from the perspective of the Receiver.
Block cipher algorithm
It is a Cryptographic Algorithm that operates on fixed-length groups of Bits, called Blocks. The number of Bits in the Block is the Block Size. These Algorithms are designed to be more secure than Stream Ciphers & other traditional methods of Cryptography.
Blue Team
It is a term used in cybersecurity to refer to the team of people who are tasked with defending an Organisation's Systems & Data from malicious actors. These actors can be external, internal, or a combination of both. The Blue Team's job is to work alongside the Red Team, which is responsible for attacking their own Systems. This allows them to identify Vulnerabilities that would otherwise go unnoticed & therefore unpatched, as well as identify potential problems with their security controls (such as firewalls).
Botnet
Also known as a "Robot Network," it is a group of internet-connected devices that have been infected with malicious software & are being controlled by a third party without the Owners' knowledge. They are often used to send spam emails & distribute malware, but they can also be used to steal information from people's computers, engage in Distributed Denial-of-Service [DDoS] attacks, or even mine cryptocurrency.
Brute Force Attack
It is a method of hacking that involves trying every possible combination of characters in an attempt to find the correct Password, Username, or other piece of information. It is also known as a "guess & check" method of hacking.
Buffer overflow
It is a type of attack that happens when a program tries to put more data in an area of memory than it was designed to hold. This can happen because the program doesn't check for the size of the data being put into the buffer, or because it doesn't have any kind of boundary checks on its inputs.
Term Description
Certification Authority [CA]
It is a trusted third party that issues Digital Certificates to users or devices. These Certificates are used to prove the identity & authenticity of an individual or device, & can be used in a wide range of applications.
CIA
Confidentiality, Integrity, & Availability [CIA] are the three fundamental components of security in computer systems. Confidentiality controls who can access data & information. Integrity controls whether data is accurate & complete. Availability controls how quickly users can access data & information.
Clickjacking Attack
It is a type of attack in which a hacker manipulates the content of a Web Page in order to make it appear as if the User has clicked on something they have not. This can be done in a number of ways, but the most common method is by overlaying an HTML Element over the entire page. Hackers use such attacks to steal information, install malware, or redirect Users to other Websites that can be used for Ad revenue.
Cloud Security Alliance [CSA]
It is an Organisation that aims to help the world understand how to protect & secure data in the Cloud. The CSA works with Organisations to create Standards & Guidelines for best practices in Cloud security, & it provides tools & resources for Organisations that want to implement those practices.
Compliance
It is a term that refers to the degree to which an Organisation or individual meets the requirements of a specific Security Policy, Law, or Regulation. It can be achieved by implementing Policies, Procedures, and tools that help prevent cyber attacks and keep data safe.
Cookie
Cookies are small files that store information about your activity on a Website. They are used to enhance your User Experience [UX] & can store data such as a language preference or login information.
Cryptanalysis
It is the study of techniques for obtaining the meaning of encrypted information, without access to the secret information that is normally required to do so.
Cryptography
It is the process of encoding or encrypting messages or information in such a way that only authorized parties can access it. It is a form of data security used to protect sensitive information from unauthorized access, typically by converting it into a non-readable format.
Cyber Security
It is the prevention of unauthorized access to, use or destruction of information or systems. It includes measures to protect electronic information & computer systems from theft or damage to hardware, software or information. It can be managed by an Information Security Management System [ISMS] which is a set of Policies, Procedures & Guidelines that are designed to protect data in all forms including paper documents, emails, images & video files.
Cyber Threat Intelligence [CTI]
It is the process of gathering & analyzing data about Adversary activity in cyberspace. The purpose of CTI is to provide actionable information that can be used to protect an Organisation's Network, Systems, & Data from cyber attacks. CTI provides companies with insight into their adversaries' Tactics, Techniques, & Procedures [TTPs], allowing them to identify malicious behavior before it has the ability to cause damage.
Term Description
Dark Web
It is a part of the internet that is not indexed by Search Engines & is only accessible through special software, where a lot of illegal activities take place.
Data Backup
It is the process of creating a copy of data in order to be able to restore it in case of data loss.
Data Encryption
It is the process of encoding data to protect it from unauthorized access or theft.
Data Leakage
It is the unauthorized release of sensitive or confidential information.
Data Loss Prevention [DLP]
It is the process of identifying & preventing the unauthorized or accidental sharing of sensitive information.
Decryption
It is the process of decoding data that has been encrypted, typically using a Decryption Key.
Denial of Service [DoS]
It is an attack that aims to make a network resource or service unavailable to its intended users by overwhelming it with traffic or otherwise disabling it.
Device management
It is the process of securing, monitoring, & managing the devices connected to a network.
Disaster Recovery [DR]
It is the process of restoring systems & data after a disaster or major incident.
Domain Name System [DNS]
A hierarchical system used to translate Domain Names (such as www.example.com) into IP Addresses.
Term Description
Egress Filtering
It is a method of configuring Firewalls, Routers & other network devices to block or allow certain types of traffic to leave or enter a Network. It is a security measure that blocks transmission of data from the network to an external location. It prevents Users from accessing external servers from within the network, & it also ensures that any sensitive information contained within the network does not leave the area. It can also help to reduce the potential for data theft or malware attacks by blocking unauthorized communication between different networks.
Elliptic Curve Cryptography [ECC]
It is a Public Key Cryptography System that uses Elliptic Curves as the basis of its encryption. It's been around since the 1980s & has been very popular in recent years because it's fast & easy to implement, which makes it ideal for low-power devices (like your smart phone). The strength of ECC comes from the fact that it doesn't require the same computational power as other Public Key Cryptosystems; this means that Users can achieve the same level of security with computers that are less powerful than those used by other cryptosystems. A disadvantage of ECC is that it's not suitable for use with large numbers (like RSA), but it is used extensively by websites like Google & Facebook to encrypt User Data.
Encryption
Encryption is the process of using mathematical algorithms to encode data, as well as the process of decoding it. Encryption can be used to ensure that only authorized people can access certain information. Encryption can also be used to ensure the integrity & privacy of data, so that it cannot be tampered with or misused. Encryption is used to secure sensitive data, such as credit card numbers & Social Security numbers, & can also be used to protect information against unauthorized access by hackers.
End-to-End Encryption
It is a mechanism that ensures that all data is encrypted from the point of entry, through any intermediate processing, & to its final destination. The Encryption Key for this process must be held by the Sender & Receiver only—it is not shared with any third party. This means that even if a third party has access to the communication, they will not be able to read any of the messages.
Enterprise Architecture
It is a model of how an Organisation functions. It is the process of developing a set of plans for an Organisation's Infrastructure, Technology, & Workforce. It can be used to help the Organisation make decisions about how it will grow, what functions it will perform in the future, & how those functions will interact with each other. It helps businesses plan for the future, determine how to improve current processes & technologies, & identify areas where more funding or resources are needed to manage growth.
Ethernet
It is a networking technology that allows computers to communicate with each other over wires. It was originally created by Xerox PARC in the 1970s & has since become the standard for Wired Networks. This enables connection of multiple devices together through a Network Hub or switch to share files, printers, & other resources across those devices. Ethernet is a family of computer networking technologies for Local Area Networks [LANs]. It defines wiring & signaling standards for the physical layer, transmission of data on the medium, & Logical Link Control [LLC] for regulating access to the medium.
Event
It is a record of an action that was taken on a System or Network. Events can be triggered by a Human, such as when someone logs into the System, or they can be triggered by an automated process, such as when a Firewall detects & blocks an attack. Events are important because they provide information about what's happening on a Network at any given time, which can help in better understanding & responding to potential security risks.
Evidence
It is a piece of information that can be used to identify, prove, or disprove a claim. It can be a log file from a Device, an analysis of traffic on a Network, or even an image of malware that was running on a System. The type of evidence collected depends on the type of incident being investigated & the needs of the Organisation looking into it.
Exploit
It is a function or technique that takes advantage of a software or hardware vulnerability to allow an attacker access to a System. It can be used to gain unauthorized access to a computer, server, or other device on a network. It can be used for malicious purposes, such as stealing data or money from someone else's computer, or for benevolent purposes, such as fixing bugs in programs so they become more secure.
External Network
It is a network that is not owned by the Organisation. This includes networks such as the internet, which is available to everyone & anyone who wants to access it. The term is used to define any type of network that has access to a company's internal system. An external network can be a wireless network, or it can be other networks that are connected to one another.
Term Description
Failover
It is a process by which a computer system or network can automatically switch over to a Backup System or Network if the Primary System becomes unavailable. Failover primarily refers to computer systems & networks, but it can also refer to other processes such as fail-safe mechanisms in automobiles.
False positive
It is the term used to describe a result that indicates the presence of something when it actually isn't present. In a digital setting, this could mean that a program has detected an error in your code that isn't actually there. The opposite of a false positive is a true negative.
File encryption
It is the process of converting data into an unreadable format, so that only authorized individuals can access it. The data is stored in this format until it is decrypted, which means it is converted back into a readable format. The most common form of file encryption is done with a Password. When you encrypt a file in this manner, only people who know the Password can open & read it. Another form of file encryption involves converting files into another format that cannot be accessed without special software or an Encryption Key.
File protection
It is the process of protecting files from being deleted or modified by unauthorized Users. This can be done through Encryption, which is when a file is converted into an unreadable format that can only be decrypted by the Person or Program that has the Key to decrypt it.
File transfer protocol [FTP]
It is a network protocol used to transfer files between two systems over a TCP-based network. FTP uses separate control & data connections between the Client & Server, depending on the protocol version. FTP supports several features including listing, deleting, & moving files within a remote system; creating new directories or subdirectories; erasing remote files; setting up email services on the server; & setting up User Accounts.
Firewall
It is a security system that protects computer systems, networks & programs from attack by blocking incoming & outgoing traffic. The firewall can be set to allow only certain types of information to pass through it, or it can be configured to block all communications except those that you specify. They often work with proxy servers, which are computers that act as intermediaries between two computers communicating over the Internet. The proxy server converts data from one format to another so that the two computers can communicate with each other.
Firmware
It is a type of software that is loaded into a computer or other electronic device during the manufacturing process. It is usually embedded in the device's hardware & cannot be changed after it has been installed. The firmware in a device contains instructions for basic tasks such as memory management, power control, input/output functions, & data processing. The most common way to upgrade firmware is to flash new code onto the chip using specialized equipment or software.
Flaw hypothesis methodology
It is also known as fault tree analysis, which is a method of testing a system to determine its vulnerabilities. It works by first identifying all of the possible ways that a system could become vulnerable & then grouping them into Events. Each Event is then analyzed to determine which are most likely & which are least likely. Finally, this information can be used to help identify which problems should be addressed first.
Forensics
It is the process of collecting, examining & presenting evidence related to computer crimes. Forensic Experts use a combination of computer science knowledge & investigative skills to gather evidence, analyze it & present their findings in court. They are often called upon when computers or networks are suspected of being used for illegal activities.
Freeware
It is a type of software that can be downloaded to your computer for free. The word freeware is often used to refer to software that can be freely distributed & used by anyone, but some freeware comes with limited functionality or restrictions on its use.
Term Description
Gaining Access
It is the process of an attacker gaining unauthorized access to a system or network. This can occur through malware, phishing attacks, or even social engineering.
Gateway
It is a device that acts as a bridge between any two networks. The Gateway connects to an existing internet provider & then broadcasts Wi-Fi to the rest of the area where it is set up.
Global Information Infrastructure
It is a term used to describe the infrastructure that connects People, Organisations & Governments around the world. This includes everything from physical infrastructure like roads & bridges to digital infrastructure like data centers & communication networks.
Google Hacking Database
It is a collection of Google dorks & Advanced Search Queries that can be used to find Usernames, Passwords, Phone Numbers, & other sensitive information. To use the Database, it needs to be downloaded in a text file format & then the queries need to be run on a local computer. The Database contains information on thousands of websites, including Banks, Government Agencies, Universities, & large Corporations. It also includes other publicly available data, such as Phone Numbers for Celebrities.
Governance
The purpose of governance is to protect the Company & its Assets. The Board of Directors is responsible for setting the Company's Policies & Procedures. They also appoint an Executive Management Team, which is responsible for implementing those Policies & Procedures. The Board of Directors will also oversee the management team's performance & make sure that the company is operating efficiently.
Governance Risk Management & Compliance
It is the process of ensuring that an Organisation's Governance Structure, Risk Management, & Compliance programs are effectively implemented. This ensures that the Organisation meets its obligations to Stakeholders, including Shareholders, Customers, Suppliers, Employees, & Society at large.
Graduated Security
It is a strategy that involves the use of multiple layers of protection, with the most stringent, least permissive layer at the outer perimeter. It is also known as a "Defense-in-Depth" model.
Gray Hat Hackers
They are computer hackers who know how to get around security systems, but don't actually cause damage. They use their hacking skills (without explicit permission to hack systems) for good, to find vulnerabilities in systems & fix them.
Guard System
It is a secure & reliable way to protect a Business. They are designed to detect smoke, fire, carbon monoxide & more. They provide an early warning when there is an emergency in the location where it is set up. They can also be used to monitor & record events such as doors opening, windows opening & closing, water leaks, movement within the protected area & more.
Guidelines
They are general rules or pieces of advice that help an Organisation accomplish its goals.
Term Description
Hardware Security Module [HSM]
It is a physical device or software that provides cryptographic functions, such as Key Generation, Storage, & Management, for secure communication & data storage.
Hashing
It is a process of converting a Plaintext message into a fixed-length string of characters, known as a Hash Value or Message Digest. This can be used to verify the integrity of the message, as any changes to the message will result in a different Hash Value.
Honeypot
It is a trap set up to detect & defend against malicious activity on a network. They can be used to distract attackers, gather intelligence on their methods, & study their behavior.
Hybrid Attack
It is an attack that combines elements of multiple types of attacks, such as phishing & malware.
Hybrid Cryptography
It is a method of Encryption that combines the strengths of two or more Cryptographic Systems.
Hypertext Transfer Protocol Secure [HTTPS]
It is a protocol for secure communication over the internet, which encrypts the data being sent between a Web Server & a Web Browser using Secure Sockets Layer [SSL] or Transport Layer Security [TLS] protocols.
Hypervisor
It is a type of software that allows multiple virtual machines to run on a single Physical Host. This is commonly used in Cloud Computing & Virtualization, & allows for more efficient use of resources.
Term Description
Identity
It is a set of attributes assigned to an Entity. It's generally used to refer to a User, but it can also refer to things like a Device or a Service. Identity is important because it's the primary means of Authentication—that is, it's how we know who is who, & what they're allowed to do. It is also the set of characteristics that uniquely identifies a Person, Computer or other Entity in a Network.
Incident
It is a situation that occurs during the normal operation of a Computer System or Network, where an unexpected Event occurs, potentially causing harm to the System or Network. They can be either malicious or non-malicious in nature. Malicious incidents are often referred to as cyber attacks & are usually caused by individuals or criminal Organisations that are attempting to steal information from a Computer System or Network. Non-malicious incidents can be caused by human error, software errors, hardware failure, natural disasters & other unforeseen events.
Incremental backups
They are a type of backup that only backs up the data that's been changed since the last backup. They work by backing up only the files that have changed since the last time they were backed up. This means that, if you need to restore these files, it will be as easy as restoring the most recent incremental backup & then applying any additional changes to it. They are also good for data storage because they don't take up extra space on the hard drive when it is not needed. There is an option to choose which files need to be backed up & only those will be stored in the incremental backup file.
Information Security
It is the practice of protecting information from unauthorized access and/or improper use. It encompasses a wide range of activities, including risk assessment, policy development, & the establishment of appropriate technical & operational safeguards. It can be applied to both computer systems & networks, as well as to physical documents in files & cabinets.
Ingress filtering
It is a security measure that protects a device or network against external attacks by filtering all incoming traffic. Incoming packets are checked to ensure they are legitimate & not part of an attack. This method is based on the assumption that most attacks will come from outside of the Organisation's Network, but some can also come from within. The goal is to prevent unauthorized access to an Organisation's Network by blocking traffic that does not originate from approved IP Addresses.
Input Validation
It is a process that checks the Input Data in order to prevent unwanted or unexpected content from being processed. Input validation is especially important when dealing with User-submitted data because you can never be sure what kind of information Users might try to send your program. It prevents malicious code from being executed by checking that the data received has no malicious commands or characters.
Integrity
It is the state of being whole, undivided, & uncompromised. It is a measure of how much an Entity's information has been changed or modified without the Entity's consent or knowledge. It refers to the protection of information from unauthorized alteration or modification. This usually means that any changes made to data are tracked & recorded in some way.
Internal Audit
It is the process of ensuring that an Organisation's systems, processes, & controls are working properly, & that they are in Compliance with all relevant laws & regulations. Internal Auditors are responsible for assessing the effectiveness of these systems, processes, & controls as well as any risks they may pose to the Organisation. Internal Audit is performed by an Internal Auditor who has been trained in this area.
Internet Protocol [IP]
It is the language of the Internet. It is a set of rules that computers use to communicate with each other. IP Addresses are the unique numbers assigned to each computer connected to the Internet. It is a protocol that defines how data is exchanged over a packet-switched network such as the internet. It is one of the core protocols of the Internet. They are used to identify hosts & subnets. Every device connected to the internet has an IP address, which is used for routing packets of information between devices.
Intrusion Detection System [IDS]
It is a software system or application that monitors network traffic to detect unauthorized access. It can be used for data security, as well as for detecting internal unauthorized access or malicious insiders. The main task of an IDS is to detect & alert on attacks, such as those coming from hackers or viruses. They are designed to detect malicious activity by analyzing the behavior of systems & networks. The most common types of IDSs include Network-based IDS, Host-based IDS, & Hybrid IDS.
Term Description
Jamming
It is defined as the intentional interference with communications signals, such as radio waves. It can be done by either transmitting noise or signals on the same frequency as a target transmitter, or by transmitting a signal that interferes with the operation of the target transmitter.
Jitter
It is the deviation of a signal from its ideal form. A high jitter level can result in degradation of the signal quality & performance, & therefore, it is important to minimize the amount of jitter that occurs within the system.
Jump Bag
It is a collection of tools & information that you can use to troubleshoot a problem. It's a kind of emergency kit for cyber security, & it's often used in the context of an Incident Response Team who might need to respond to a cyber attack.
Term Description
Kerberos
It is a Network Authentication Protocol that uses Symmetric Encryption to provide mutual Authentication between a Client & a Server. It is one of the core components of the Public Key Infrastructure [PKI], which allows users to securely access remote servers.
Kernel
It is the central core of a software program that manages the computer's resources. It allows for efficient & fast processing of data & programs by dividing them into tasks which can be executed concurrently.
Key
It is also known as a Cryptographic Key which is the secret value that is used to encrypt or decrypt data.
Key Escrow
It is a system that allows the holder of a Cryptographic Key to be able to recover it should they lose it or forget it. This is done by storing the key in a secure location, such as a bank vault or safety deposit box. The Key itself is not directly recoverable by anyone but the Holder. However, if the Holder loses their Key, they can request its return from the Escrow Agent.
Key Exchange
It is a method of communication that allows two parties to exchange Cryptographic Keys in a secure & authenticated manner.
Key Logger
It is software that records the keystrokes of computer Users. It can record user actions such as Passwords, Credit Card Numbers & other confidential information.
Key Management System [KMS]
It is a system that manages Encryption Keys. It provides centralized management of the Cryptographic Keys & other related parameters used by the different cryptographic modules of a product or system. Each Cryptographic Module has its own unique set of Cryptographic Keys, which must be kept secret in order to protect the confidentiality & integrity of the information being protected by those Keys. It allows centralized management of those Keys, reducing the number of people who need to know them, while still providing flexible control over the use of those Keys.
Key Stretching
It is a process that can be used to improve the security of a Cryptographic Key. Key stretching involves applying a mathematical function to the Key in order to increase its length, making it more difficult for an attacker to guess the original value. The result is a longer Key that offers more security than would otherwise be provided by a shorter one.
KNOB Attack
It is a type of attack on the RDP Protocol. It stands for Keystroke-Recording Overlay Buffer [KNOB], & it allows an attacker to capture a User's keystrokes & store them in an overlay buffer. This can be used to steal Passwords, Private Keys, Credit Card Numbers, & other sensitive information.
Kubernetes
It is a Container Orchestration Platform that helps an individual manage Containers. It is designed to run on a distributed cluster of nodes & to make it easy to deploy, scale, & manage containerized applications.
Term Description
Least Privilege
It is a security principle that limits access to the minimum level of permissions & resources necessary to perform a task or job function.
Licensed Body
It is an Organisation that has been granted a license to provide a service or product, such as a software vendor.
Licensee
It is an Individual or Organisation that has been granted a license to use a product or service by the licensed body.
Link Encryption
It is a technique for encrypting data transmitted over a network connection to protect it from unauthorized access & tampering.
Local Area Network [LAN]
It is a computer network that connects devices within a limited geographical area.
Logic Bomb
It is a type of malicious software that triggers a harmful action when certain conditions are met.
Long-term Persistence
It is the ability of a threat actor to maintain access to a target over an extended period of time.
Term Description
MAC Address
It is a unique identifier assigned to a device's Network Interface Controller [NIC] by the manufacturer. It is used to identify the device on a network, & it cannot be changed by the User. The MAC address is also used to filter data packets based on the recipient's MAC address. It is a hexadecimal number & it is what helps a computer know where to send information to, & is used for both local & remote networks.
Macro Virus
They are computer viruses that run on Microsoft Office programs. They are written in Visual Basic for Applications [VBA], which is a programming language for Microsoft Office. They can spread through emails, documents, & files that contain Macros. When the Macro is opened, it will automatically run in the computer. This can cause serious damage to data & system files. They are usually bundled with other malware like Worms & Trojans to help them spread more quickly throughout a Network.
Malicious code
It is a software program (which can be either a Virus or a Worm) designed to cause damage to computer hardware, software, or data. It can infect computers through a variety of means, including email attachments, websites that host malicious code, or even USB drives.
Malware
It is a term used to describe malicious software, which is software designed to disrupt computer operations, gather sensitive information, or gain access to private computer systems. Malware can be attached to or embedded in files that Users download from the Internet & can also be hidden in websites or email attachments. It includes Viruses, Worms, Trojan Horses, & Spyware. It is often used to steal information from a computer or network, or to cause damage to systems.
Man-in-The-Middle [MitM] Attack
It is a form of cyber attack that occurs when an attacker is able to intercept & manipulate network traffic. This can allow the attacker to steal information, alter the data, or insert false information into the transaction. These attacks work by placing the attacker between two communicating parties, who believe they are communicating directly with each other. The attacker then sits in between them & relays messages between them.
Mandatory Access Control [MAC]
It is a type of Security Policy that restricts the amount of access a subject has to an object based on the subject's clearance & classification. It does this by assigning each file a sensitivity label, which indicates what accesses are allowed for each User or Group of Users. For example, if an individual has a file that contains personal information about their customers, the label "Private" may be assigned to it, which indicates that only people with a clearance level of "High" or higher should be able to view it.
Masquerade Attack
It is a type of attack that disguises the identity of the attacker. It is used to mask the Sender's IP Address by using spoofed packets, which causes the target to think that the packet came from another computer or network. This allows the sender to hide their true identity & makes it difficult for security professionals to identify them. This attack is also a form of Social Engineering where the attacker attempts to disguise their identity, location, and/or intentions. An attacker may attempt to pose as someone else in order to gain information or resources. They may also attempt to disguise themselves as a different entity in order to achieve their goals.
MD5
MD5 is a Hash Algorithm. It is used to verify the authenticity of data. A Hash Algorithm takes data & processes it through a mathematical formula that produces a unique value for each piece of data. This value can be used to determine whether the original data has been altered in any way. MD5 is a Cryptographic Hash Function which takes input data, & returns a 128-bit Message Digest. It's designed to be fast, but not very secure.
Media
It refers to any kind of physical device that can be used to store information. Examples include hard drives, CDs, flash drives & even paper documents. They can be encrypted or unencrypted & are often used as a way of protecting sensitive information.
Multi Factor Authentication [MFA]
It is a security measure that requires more than one piece of information to verify an individual's identity. It's typically used in conjunction with another form of authentication, like a password or PIN. The idea behind MFA is that even if someone steals an individual's password or PIN, they still won't be able to log in because they don't have access to the additional piece of information required for authentication. It can be something as simple as a one-time code sent via text message or email, or it can be something much more complicated like biometric verification (like scanning the individual's fingerprint).
Term Description
NAT
Network Address Translation [NAT]. It is a protocol that allows a single IP Address to be shared by multiple computers on a network. It works by assigning each computer on the network an internal IP address, then allowing them to share an external IP Address that is unique to the entire network.
Need-To-Know
It is a security practice that restricts access to information to the minimum required for the completion of a task. It has been used for many years in National Security, but it is also used by many Organisations as a way to ensure that only those people with a need for information are able to see it. The principle is based on the idea that only those who need to know specific information should be allowed access to it. This allows individuals & Organisations to keep sensitive information secure while still allowing those who need access to do their jobs properly.
Netmask
It is also called a Network Mask which is a bit pattern used to identify the number of bits in an Internet Protocol [IP] Address that are used for the Network portion & the number of Bits in an IP Address that are used for the Host portion. The word "Netmask" is a portmanteau of "Network" & "Mask."
Network
It is a group of devices that are connected by some kind of common communication medium. The devices can be anything from computers to phones to cars, & the medium can be any kind of physical connection, such as Ethernet cables or Wi-Fi signals.
Network Admission Control [NAC]
It is a security framework that protects the network from traffic that can be harmful to the network. For example, this can include Malware & Viruses, but it can also include things like unauthorized access attempts.
Network Mapping
It is a process that helps an individual understand how a network is structured, who the key people are, & what their roles are. It can also help determine where the Organisation is lacking in resources or expertise. It's also a great way to make sure that everyone on the team understands where their responsibilities lie, so it is easy to delegate tasks & hold people accountable for reaching goals.
Network Sniffing
It is a technique that involves capturing network traffic in transit, & then decoding it to view its contents. This can be done by capturing the data at the hardware level, or by an intermediary device (such as a router) which captures the data before sending it out to the intended recipient.
Network Taps
They are a type of network device that is used to monitor or capture network traffic. They are typically installed between two devices in a network connection & allow the Operator to see all traffic passing through that point. This makes them useful for troubleshooting problems, analyzing traffic patterns, & detecting intrusions.
Non-repudiation
It is the process of ensuring that a message has been transmitted & received unaltered. Non-repudiation is necessary in cases where there is a need for accountability or proof of receipt, such as with digital purchases or communication between two parties. Non-repudiation requires at least two people: one to send the message & one to receive it. This can be done using Digital Signatures, which are unique codes used in Cryptography to verify a Sender's identity & ensure the integrity of a message.
Null Session
It is a type of attack that allows an attacker to access a remote computer without having to authenticate & is also known as Null Session Hack. The attacker can use Null Session to gain unauthorized access to a remote computer by exploiting the weaknesses in the security configuration of the remote system.
Term Description
OAuth
It is an Authorization Framework that provides secure delegated access to Consumer Data. It is a means of authenticating a User & allowing them to grant third-party access to their data, without sharing passwords or providing sensitive information to the third party.
Obfuscator
It is a tool that allows obfuscation of code while still maintaining accessibility. Obfuscation is the process of obscuring the functionality of code. Obfuscation makes it more difficult for reverse engineers to understand what the code does, but still allows the code to be executed by the same platform it was designed for.
Open Systems Interconnection [OSI]
This model is a conceptual framework for describing the functions required for communication between two endpoints, such as computers or other devices.
Open Systems Interconnection [OSI] Layers
It is a layered model that describes how data should be exchanged between computers and networks. It functions by breaking down information into separate elements and then reassembling them in the correct order. It is divided into seven layers: the Physical layer, the Data Link layer, the Network layer, the Transport layer, the Session layer, the Presentation layer, & the Application layer. Each layer has a specific set of responsibilities that it must carry out in order to operate correctly.
Operational Technology [OT]
It is a term used to describe the technology that supports day-to-day operations in an Organisation, from manufacturing to retail. It is also known as "Industrial Internet of Things" [IIoT], or simply "Industry 4.0."
Operations Security [OpSec]
It is a process for protecting information about a company's activities, location & other critical information from being discovered by an adversary. The term refers to the protection of information in operations, or intelligence data related to operational activities & the associated infrastructure. It does not apply to the protection of classified National Security information.
OS Discovery
It is an Open Source Discovery Tool for detecting & enumerating the Operating Systems running on a network. It uses a variety of methods to enumerate, including Pings, Hostname Lookups & Subnet Scans.
OSCP
OSCP stands for Offensive Security Certified Professional. It is a certification that you can get by passing the OSCP exam, which is an online course designed to teach you how to hack. The OSCP course is hosted on a website called "OffSec". The site offers other courses as well, including ones on Web Application Security & Network Penetration Testing.
Output Encoding
It is the process of converting a Binary File into human-readable text. This can be done on Command Line, or via a menu-driven interface.
Outside Threat
It is the most common form of threat to a company's security. It comes from outside sources & can include both physical threats (such as Employees stealing from the Company) & cyber threats (such as hackers breaking into a network).
Term Description
Packet
It is a unit of data that is transmitted over a network.
Packet filtering
It is a technique used by firewalls to control access to a network by examining & filtering incoming & outgoing network packets based on predetermined security rules.
Packet Sniffing
It is the act of intercepting & analyzing network traffic in order to gather information or detect malicious activity. This can be done through the use of a software tool known as a Packet Sniffer.
Penetration Testing
It is a process of simulating an attack on a Computer System or Network in order to identify vulnerabilities & assess the effectiveness of security measures.
Phishing
It is a practice of tricking individuals into revealing Sensitive Information, such as passwords or credit card numbers, through the use of fake Websites or emails.
Physical security
These are measures taken to secure Physical Assets, such as Computers, Servers, & Network Equipment, from theft, damage, or unauthorized access.
Polymorphic malware
It is malware that can change its code or signature to evade detection by security software.
Port
It is a communication Endpoint on a Computer that is used to transmit data over a Network.
Privacy
It is the state of being protected from unauthorized access to personal information or data.
Public Key Infrastructure [PKI]
It is a system for managing Digital Certificates & Public-Private Key Pairs, which is used to secure communication & data transfer over the Internet.
Term Description
Qaz
It is a Network Worm.
Quarantine
It is a technique used by firewalls to control access to a network by examining & filtering incoming & outgoing network packets based on predetermined security rules.
Term Description
Reconnaissance
It is the first phase of an attack, in which the hacker will attempt to gather information about a target. This information can range from identifying the Operating System & Software that are used by a particular target, to determining what kind of hardware is being used by their network. It can also include looking for User Accounts on the Network, as well as the location of any servers or other central hardware. The purpose is to gather as much information as possible about a target so that the hacker can plan their attack effectively.
Red Team
They are a group that simulates an attack to test the security of a System. They will try to circumvent any security measures that are in place, & they will also try to find weaknesses that can be exploited. They are usually made up of members who either have a lot of experience with cyber security or people who have no knowledge of it at all.
Remote Access
It is a method of accessing a Network or Computer from another location. It has been used for decades to help Employees work from home, but it has also become a common method for hackers to gain access to Private Networks & Systems.
Reverse Engineering
It is the process of taking apart a System & figuring out how it works. It can be done to find vulnerabilities that can be exploited by hackers, but it can also be used as a method of gaining access to proprietary or closed-source software.
Risk
It is the potential for a threat to occur & cause damage. In cyber security, it is the potential that the Company or Infrastructure will be breached by hackers, malware, or some other breach in security. It can be mitigated by using various levels of Encryption & Firewalls to protect against threats.
Risk Assessment
It is essentially a way of determining the likelihood that a breach will occur & what the potential consequences of that breach would be. It can be carried out on any kind of System, & it can involve any number of factors, including the importance of the Information contained in the system, how quickly it needs to be accessed, how many people have access to the System, & what kind of resources are available for dealing with breaches. Risk assessments are also useful for showing how much Risk is involved in each possible course of action when making decisions about security measures.
Root
It is a User Account with the highest level of permission on a computer system. A Local Root Account has full control over the System, including the ability to read any file & modify, delete, or create new files. A Remote Root Account can also be used to log into a remote computer & have complete control over it.
Root Cause Analysis [RCA]
It is a process that identifies the underlying causes of a problem, thereby increasing the likelihood of its resolution. In the context of cyber security, it can be used to identify & eliminate flaws within an Organisation's Cyber Security Infrastructure. The process involves identifying the symptoms, identifying the source of those symptoms (the root cause), & then eliminating that source.
Rootkit
These are malicious software programs designed to hide the presence of malware on a Computer. They typically enable an attacker to gain unauthorized access to a computer's Operating System, allow them to manage files, & perform other actions that are usually reserved for authorized Users.
Router
It is a device that connects one or more computer Networks. It routes traffic between networks, which is where the term "router" comes from. They are often used to connect different types of network, such as Ethernet & Token Ring. These are often used to connect two or more networks via the Internet, but they can also be used for Private Networks.
Term Description
Secure Socket Layer [SSL]
It is a protocol that provides security for communications & data transactions on the web. It does this by using Public-Key Cryptography to authenticate communication partners & establish an encrypted link between Clients & Servers.
Secure Software Development Life Cycle [S-SDLC]
It is a software development process that is used to create secure software systems. This process consists of several stages, each of which addresses different aspects of security & software assurance. The S-SDLC process generally starts with requirements analysis, followed by design & implementation. During this stage, Developers should ensure that the System can be securely developed & deployed, as well as maintainable & manageable. The next step is to test the Application for vulnerabilities & reliability issues. After testing has been completed, the Application should be delivered to its Users safely in Production Environments.
Security Incident
It is an event that has a negative impact on the Confidentiality, Integrity, or Availability of a System. It may be caused by human error, malicious intent, or a combination of both. This may lead to the compromise of Sensitive Information and/or disruption to business operations.
Security Information and Event Management [SIEM]
It is a technology solution that provides real-time analysis of log data from Security Devices, Applications, Servers & more. It monitors & correlates Events across the entire IT Environment to identify suspicious activity as it occurs. It also provides actionable threat intelligence to help prioritize issues & respond quickly with remediation plans.
Security Policy
These are a set of rules that determine how an Organisation will protect its Information Assets & the steps it will take to ensure the Confidentiality, Integrity, & Availability of those Assets. The purpose of a Security Policy is to establish a baseline for acceptable behavior & outline specific actions that Employees should take to protect both the Business & themselves from data breaches.
Security Posture
It is the way a company manages its security. It is a set of Policies & Procedures that guide how they approach security, & it is meant to protect their Information Resources. It includes things like how they manage their passwords, how they manage company devices (like laptops), who can access what data & for what purposes, etc. A Company that has a good security posture will help them make decisions about how to handle threats, vulnerabilities, & other risks to their Data.
Social Engineering
It is a type of hacking that relies on human interaction to gain access to Computer Systems, Information, & Networks. It is a subset of Social Engineering that involves tricking someone into revealing confidential information or performing actions they would not ordinarily perform.
Spam
It is a type of unsolicited email that a user receives without requesting it. It is often used to promote Products & Services, but can also be used for malicious purposes.
Spoofing
It is the act of falsifying network traffic in order to deceive a network or system. It is often used to make unauthorized transactions on Financial Markets.
Steganography
It is the practice of hiding information within digital images or other files, such as audio or video. The goal is to hide the existence & location of the hidden information from the person who does not have access to it.
Term Description
Threat
It is a potential danger or adverse situation that could result in harm to a system or network.
Threat Actor
It is an individual or group that carries out cyber attacks or other malicious activity.
Threat Intelligence
It is the collection & analysis of Information about threats to an Organisation which are used to inform security decisions & strategies.
Tokenization
It is the process of replacing sensitive information with unique, non-sensitive tokens that can be used for authentication & authorization purposes.
Total Cost of Ownership [TCO]
It is a financial metric that measures the cost of a security solution over its entire lifespan, including acquisition, maintenance, & operation costs.
Traffic Analysis
It is the process of analyzing network traffic in order to identify patterns & anomalies that could indicate Security Threats.
Transmission Control Protocol/Internet Protocol [TCP/IP]
It is a Communication Protocol which is used to transmit data over the internet.
Transport Layer Security [TLS]
It is a Security Protocol that provides secure communication over the internet by encrypting data in transit.
Trojan
It is a type of malware that disguises itself as a legitimate application in order to gain access to a system.
Two-Factor Authentication [2FA]
It is an authentication process that requires two separate methods of authentication, such as a password & a security token.
Term Description
Unicast
It is a type of network communication in which a single message is sent to one destination. It differs from multicast, which sends a single message to multiple destinations, & broadcast, which sends a single message to all destinations.
Uniform Resource Identifier [URI]
It is a string of characters that identifies a resource on the Internet. The URI format is a sequence of terms separated by slashes, with each term representing a segment of the URI. The most common form of URI is the Uniform Resource Locator [URL], which is used to specify the location of files & other resources on the World Wide Web.
Uniform Resource Locator [URL]
It is the address of a resource on the Internet & is used to access the resource. The internet consists of many computers, each connected by a network. Each network has one or more servers that provide access to files. The server provides access to these files through URLs. This consists of a protocol name, such as http or ftp, & a domain name, such as www.example.com or ftp.example.com.
Unix
It is a family of multitasking, Multiuser Operating Systems that are used for a wide variety of Applications on computers ranging from Embedded Devices & Mobile Phones to Enterprise Servers & Mainframes. Among the many Unix-like Operating Systems, only a few are widely known & popular: Solaris, Linux, & BSD.
Unprotected share
It is a mechanism that permits a User to connect to File Systems and Printers on the same network.
User
This is a person who uses a computer or other device to interact with a System or Program. They are the people who interact with the Systems, including Employees & Customers.
User contingency plan
It is a set of instructions that helps a user to deal with a security breach. The goal is to minimize the damage caused by a breach, & to help them recover their system as quickly as possible.
User datagram protocol [UDP]
It is a Communication Protocol that is used to send data, such as voice or video, between two hosts on the Internet. Unlike TCP, it does not guarantee delivery of messages & does not retransmit lost packets. Instead of creating a virtual connection with an established, dedicated bandwidth, UDP sends information in packets. It also uses Port Numbers to identify which Applications are using the Network; this helps them to communicate with one another.
Term Description
Virtual Machine [VM]
It is a software implementation of a computer. It allows a User to run one or more Operating Systems on a single physical computer, even though the Operating Systems may be completely different from each other. These are often used for testing software or Operating Systems. They are also used to provide a Sandbox Environment for Applications that can't be installed directly on a User's computer because they are experimental or unstable.
Virtual Private Network [VPN]
It is a Private Network that uses the public internet to connect remote Users & Sites. It enables Users to send data across shared or Public Networks as if their computing devices were directly connected to the Private Network.
Virus
It is a type of malware that can infect a computer system & replicate itself. These are often spread through infected programs, email attachments, or by downloading files from the Internet. Viruses are often disguised as legitimate software updates or documents.
Voice firewall
It is a technology that prevents voice traffic from leaving or entering the network. It can be used to limit voice access to certain Users or groups of Users, & also to ensure that any voice data sent over the Internet is encrypted.
Vulnerability
It is a weakness in a system that can be exploited by an attacker to penetrate & gain control of the system. It may be caused by flaws in the design or implementation of a system, or it may be a consequence of its environment (for example, a flaw in the Operating System that allows an attacker to bypass authentication).
Term Description
Web Application Firewall [WAF]
It is a form of cyber-attack that uses a previously unknown vulnerability. In other words, it is an attack that exploits a security flaw before the programmer of the software has had time to issue a patch or fix. This can happen when hackers find a flaw in a program or system & use it to gain access to a computer or other devices.
Web Crawling
It is a technique used to gather information from websites. It can be used for searching, indexing, or data mining. It is generally automated & involves collecting information from other sites over the internet. The term web crawling refers to the process of retrieving pages from the World Wide Web [WWW].
Web of trust
It is a decentralized Peer-to-Peer Network that allows Users to determine the trustworthiness of other Users on the Network. This is accomplished by assigning a rating to each User that they can then use to determine whether or not they want to interact with them.
Web Server Security
It is the process of protecting a Web Server from unwanted intrusion & access, particularly by malicious Users. This is done by creating firewalls, implementing secure protocols, & other means. A secure Web Server prevents Users from accessing unauthorized information, such as private data or confidential information.
Website Footprinting
It is the process of gathering information about a website's location, structure & other technical details. This information can be used to identify possible security weaknesses & aid in the process of conducting a more thorough penetration test against that site.
Whaling
It is a form of phishing that targets Executives, usually those in charge of procurement or financial departments. The goal is to trick the Executive into sending money to the attacker.
White Box Testing
It is a security testing method that examines the software from the perspective of its internal structure & workings, including the code & design documents. This approach differs from Black Box Testing, which focuses on the software's functionality rather than its internal structure.
Whois
It is the database of Internet Domain Names & associated information. It is a tool used to determine ownership & other information about a registered Domain Name.
Worm
They are a type of malware that spread from computer to computer via the internet. They are different from viruses because they do not require an infected file or program, & can therefore travel without being attached to other files. These often infect computers by exploiting security vulnerabilities in software or Operating Systems.
Term Description
X.25
It is an outdated networking standard used to provide data communication services over public data networks.
X.509 Certificate
It is a Digital Certificate used to verify the identity of a website or an individual, & to encrypt communication between parties.
XACML
eXtensible Access Control Markup Language [XACML] is an XML-based language used to describe access control policies for Web Services & Applications.
XML
Extensible Markup Language [XML] is a Markup Language used to encode data in a format that can be read & processed by computers.
XOR
Exclusive Or [XOR] is a logical operation that returns true if only one of its inputs is true, & false otherwise.
XOR Cipher
It is a Symmetric Encryption algorithm that uses the XOR operation to encrypt & decrypt data.
XOR-Encryption
It is a Symmetric Encryption technique that uses the XOR operation to encrypt & decrypt data, often used in Malware or Rootkits.
XPath
XML Path Language [XPath] is a language used to navigate & extract data from XML Documents.
XSRF
Cross-Site Request Forgery [XSRF] is a type of security vulnerability that allows attackers to trick a User into performing actions on a Website, such as making a purchase or changing their password, without their knowledge.
XSS
Cross-Site Scripting [XSS] is a type of security vulnerability that allows attackers to inject malicious code into a web page viewed by other Users.
Y2K
It refers to the potential for computer systems to be unable to distinguish between dates prior to & after the year 2000. This can cause problems with computer systems that use only two digits to store the year.
YAK
It is a Ruby Cryptography Library that provides a simple API for common cryptographic tasks. It is built on top of OpenSSL, which makes it easy to access the full power of the underlying Library in a way that's understandable & well-documented.
Zero Day
It is a vulnerability that is not known to the developer or vendor of the software. A Zero Day Exploit refers to a piece of software that takes advantage of this vulnerability. It can be used by Cyber Criminals or Government Agencies to gain access to computers or networks without being detected by security measures.
Zero Day Attack
It is a form of cyber-attack that uses a previously unknown vulnerability. In other words, it is an attack that exploits a security flaw before the programmer of the software has had time to issue a patch or fix. This can happen when hackers find a flaw in a program or system & use it to gain access to a computer or other devices.
Zombies
It is a computer that has been infected with malware & is controlled remotely without the Owner's knowledge. It can be used to send spam emails, launch denial-of-service attacks, or host malicious software that steals sensitive data from other Computers.