Tech Glossary

accounting The ability to track events, recording who did what and when (the third A of AAA, after authentication and authorization).

authentication The steps that ensure that the individual is who they claim to be.

authorization The act of granting an authenticated individual or element permission to use specific resources; it follows authentication, which establishes who they are.

broker Attacker who sells knowledge of a vulnerability to other attackers or governments.

BYOD (bring your own device) The practice of allowing users to use their own personal devices to connect to an organizational network.

confidentiality Security actions that ensure only authorized parties can view the information.

cybercrime Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information.

cybercriminals A network of attackers, identity thieves, spammers, and financial fraudsters.

cyberterrorism A premeditated, politically motivated attack against information, computer systems, computer programs, and data that results in violence.

cyberterrorist Attacker whose motivation may be defined as ideology, or attacking for the sake of their principles or beliefs.

exploit kit Automated attack package that can be used without an advanced knowledge of computers.

Gramm-Leach-Bliley Act (GLBA) A law that requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information.

hacktivist Attacker who attacks for ideological reasons that are generally not as well-defined as a cyberterrorist's motivation.

Health Insurance Portability and Accountability Act (HIPAA) A law designed to guard protected health information and implement policies and procedures to safeguard it.

identity theft Stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain.

insiders Employees, contractors, and business partners who can be responsible for an attack.

integrity Security actions that ensure that the information is correct and no unauthorized person or malicious software has altered the data.

mitigation Addressing a risk by making it less serious.

Sarbanes-Oxley Act (Sarbox) A law designed to fight corporate corruption.

script kiddie An individual who lacks the advanced knowledge of computers and networks and so uses downloaded automated attack software to attack information systems.

state-sponsored attacker Attacker commissioned by governments to attack enemies' information systems.

threat A type of action that has the potential to cause harm.

threat agent A person or element that has the power to carry out a threat.

vulnerability A flaw or weakness that allows a threat agent to bypass security.

adware A software program that delivers advertising content in a manner that is unexpected and unwanted by the user.

backdoor Software code that gives access to a program or a service that circumvents normal security protections.

botnet A logical computer network of zombies under the control of an attacker.

computer virus (virus) A malicious computer code that, like its biological counterpart, reproduces itself on the same computer.

hoax A false warning.

impersonation An attack that creates a fictitious character and then plays out the role of that person on a victim.

keylogger Hardware or software that captures and stores each keystroke that a user types on the computer's keyboard.

logic bomb Computer code that lies dormant until it is triggered by a specific logical event.

macro A series of instructions that can be grouped together as a single command, often used to automate a complex set of tasks or a repeated series of tasks.

macro virus A computer virus that is written in a script known as a macro.

malware Software that enters a computer system without the user's knowledge or consent and then performs an unwanted—and usually harmful—action.

phishing Sending an e-mail or displaying a Web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information.

program virus A computer virus that infects executable program files.

ransomware Malware that prevents a user's device from properly operating, typically by encrypting its files, until a fee is paid.

rootkit A set of software tools used by an attacker to hide the actions or presence of other types of malicious software.

social engineering A means of gathering information for an attack by relying on the weaknesses of individuals.

spam Unsolicited e-mail.

spear phishing A phishing attack that targets only specific users.

spim A variation of spam, which targets instant messaging users instead of e-mail users.

spyware A general term used to describe software that spies on users by gathering information without consent, thus violating their privacy.

Trojan horse (Trojan) An executable program advertised as performing one activity but that actually does something else (or performs both the advertised and the malicious activity).

vishing A phishing attack that uses a telephone call instead of using e-mail.

worm A malicious program designed to take advantage of a vulnerability in an application or an operating system in order to enter a computer and then self-replicate to other computers.

zombie An infected computer that is under the remote control of an attacker.

ActiveX A Microsoft framework for reusable software components (controls) that Windows applications and Internet Explorer could download and execute natively; because a control runs with the user's privileges, a malicious or vulnerable control compromises the whole host.

Address Resolution Protocol (ARP) Part of the TCP/IP protocol suite that maps an IP address to the MAC address of the host on the local network segment.

arbitrary/remote code execution An attack that allows an attacker to run programs and execute commands on a different computer.

ARP poisoning An attack that corrupts the ARP cache.
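Because ARP has no authentication, any host can announce a binding for any IP address. The following detector is an added example for the ARP and ARP poisoning entries, not code from the original glossary: it walks a sequence of ARP replies (constructed here, not captured traffic) and flags the two signatures a poisoning attack leaves, a known IP rebinding to a new MAC and one MAC answering for several IPs.

```python
"""ARP cache poisoning detector.

Added example for the ARP and ARP poisoning entries; it is not part of the
original glossary. The ARP replies below are constructed, not captured.
"""
from dataclasses import dataclass
from typing import Dict, List, Set


@dataclass(frozen=True)
class ArpReply:
    sender_ip: str     # IP the reply claims to answer for
    sender_mac: str    # MAC it binds to that IP
    unsolicited: bool  # True if no request for this IP was seen (gratuitous reply)


def detect_arp_poisoning(replies: List[ArpReply]) -> List[str]:
    """Walk the replies in order and report signs of cache poisoning.

    Two signatures are checked:
      * a known IP suddenly rebinds to a different MAC (the poisoned entry);
      * one MAC answers for several IPs, which is what an attacker sitting
        between a victim and the gateway looks like.
    """
    bindings: Dict[str, str] = {}          # ip -> last MAC seen for it
    claimed: Dict[str, Set[str]] = {}      # mac -> IPs it has answered for
    alerts: List[str] = []
    for r in replies:
        prev = bindings.get(r.sender_ip)
        if prev is not None and prev != r.sender_mac:
            note = " (unsolicited)" if r.unsolicited else ""
            alerts.append(f"rebind {r.sender_ip}: {prev} -> {r.sender_mac}{note}")
        bindings[r.sender_ip] = r.sender_mac
        ips = claimed.setdefault(r.sender_mac, set())
        ips.add(r.sender_ip)
        if len(ips) == 2:  # fire once, the first time a MAC claims a second IP
            alerts.append(f"{r.sender_mac} answers for multiple IPs: {sorted(ips)}")
    return alerts


# Constructed traffic: a legitimate gateway and host, then an attacker's
# gratuitous replies that rebind both addresses to its own MAC.
SAMPLE_REPLIES = [
    ArpReply("192.168.1.1", "aa:bb:cc:00:00:01", False),   # gateway, legitimate
    ArpReply("192.168.1.10", "aa:bb:cc:00:00:10", False),  # victim host, legitimate
    ArpReply("192.168.1.1", "aa:bb:cc:00:00:01", False),   # gateway again, unchanged
    ArpReply("192.168.1.1", "de:ad:be:ef:00:66", True),    # attacker poisons gateway entry
    ArpReply("192.168.1.10", "de:ad:be:ef:00:66", True),   # attacker poisons host entry
]

if __name__ == "__main__":
    for line in detect_arp_poisoning(SAMPLE_REPLIES):
        print("ALERT:", line)
```

On the constructed sample the first three replies produce no alerts; the attacker's two replies produce a rebind alert each, plus one alert when its MAC starts answering for a second address. In production the same logic runs over replies captured from the wire, and the rebind check is the one tools such as arpwatch are built around.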

buffer overflow An attack that occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer; the excess overwrites adjacent memory and can be used to crash the process or redirect its execution.

client-side attack An attack that targets vulnerabilities in client applications (browsers, document viewers, mail clients) when they interact with a compromised server or process malicious data.

cookie A file on a local computer in which a server stores user-specific information.

denial of service (DoS) An attack that attempts to prevent a system from performing its normal functions.

distributed denial of service (DDoS) An attack that uses multiple zombie computers (even hundreds or thousands) in a botnet to flood a device with requests.

DNS poisoning An attack that inserts false name-to-address records into a resolver's cache or a host's local hosts file, so that the computer is automatically redirected to a device the attacker controls.

Domain Name System (DNS) A hierarchical name system for mapping human-readable host names to IP addresses.

man-in-the-middle An attack in which the attacker secretly intercepts and relays, and possibly alters, the communication between two parties who believe they are talking directly to each other.

ping A utility that sends an ICMP echo request message to a host.

ping flood An attack that uses the Internet Control Message Protocol (ICMP) to flood a victim with packets.

privilege escalation An attack that exploits a vulnerability in software to gain access to resources that the user would normally be restricted from obtaining.

smurf attack An attack that broadcasts a ping request to all computers on the network but spoofs the source address to that of the target, so that every host's reply floods the victim.

spoofing Impersonating another computer or device.

SYN flood attack An attack that takes advantage of the procedures for initiating a TCP session: the attacker sends many SYN packets but never completes the three-way handshake, leaving half-open connections that exhaust the server's connection table.

zero day attack Attack that exploits previously unknown vulnerabilities, so victims have no time (zero days) to prepare or defend against the attacks.

antispyware Software that helps prevent computers from becoming infected by different types of spyware.

antivirus (AV) Software that can examine a computer for any infections as well as monitor computer activity and scan new documents that might contain a virus.

Bayesian filtering Spam filtering that learns how often each word appears in known spam versus known legitimate mail, then combines those per-word probabilities to score whether a new message is spam.
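The following is an added example for the Bayesian filtering entry, not code from the original glossary. It implements the word-frequency idea the definition describes: count, per class, how many training messages contain each word, then combine the per-word probabilities (with Laplace smoothing so a word never seen in one class cannot zero that class out) into a spam score. The eight training messages are constructed and deliberately tiny, so the scores illustrate the mechanism rather than real accuracy.

```python
"""Word-frequency (naive Bayes) spam filter.

Added example for the Bayesian filtering entry; not from the original
glossary. The training messages are constructed and tiny, so the scores
illustrate the mechanism rather than real-world accuracy.
"""
import math
import re
from collections import Counter

_TOKEN = re.compile(r"[a-z0-9$']+")


def tokenize(text: str) -> set:
    """Lower-case word set; presence per message is what gets counted."""
    return set(_TOKEN.findall(text.lower()))


class BayesianSpamFilter:
    def __init__(self) -> None:
        self.spam_docs = 0
        self.ham_docs = 0
        self.spam_words = Counter()   # word -> number of spam messages containing it
        self.ham_words = Counter()    # word -> number of legitimate messages containing it

    def train(self, text: str, is_spam: bool) -> None:
        words = tokenize(text)
        if is_spam:
            self.spam_docs += 1
            self.spam_words.update(words)
        else:
            self.ham_docs += 1
            self.ham_words.update(words)

    def spam_probability(self, text: str) -> float:
        """P(spam | words), combining per-word frequencies in log space."""
        if not self.spam_docs or not self.ham_docs:
            raise ValueError("need at least one spam and one legitimate training message")
        vocab = set(self.spam_words) | set(self.ham_words)
        total = self.spam_docs + self.ham_docs
        log_spam = math.log(self.spam_docs / total)   # class prior
        log_ham = math.log(self.ham_docs / total)
        for w in tokenize(text):
            if w not in vocab:
                continue  # a word never seen in training carries no evidence
            # Laplace (+1) smoothing: a word absent from one class must not
            # drive that class's probability to exactly zero.
            log_spam += math.log((self.spam_words[w] + 1) / (self.spam_docs + 2))
            log_ham += math.log((self.ham_words[w] + 1) / (self.ham_docs + 2))
        m = max(log_spam, log_ham)                    # rescale to avoid underflow
        p_spam, p_ham = math.exp(log_spam - m), math.exp(log_ham - m)
        return p_spam / (p_spam + p_ham)

    def is_spam(self, text: str, threshold: float = 0.9) -> bool:
        return self.spam_probability(text) >= threshold


def train_demo_filter() -> BayesianSpamFilter:
    """Constructed corpus: four spam and four legitimate messages."""
    f = BayesianSpamFilter()
    for msg in [
        "win a free prize click here now",
        "free money claim your prize today",
        "click here for cheap meds and free shipping",
        "you have won a lottery prize, click now",
    ]:
        f.train(msg, is_spam=True)
    for msg in [
        "meeting moved to 3pm, see agenda attached",
        "can you review the quarterly report before friday",
        "lunch tomorrow? the usual place",
        "attached is the agenda for the project meeting",
    ]:
        f.train(msg, is_spam=False)
    return f


if __name__ == "__main__":
    demo = train_demo_filter()
    for msg in ["free prize click here", "agenda for the meeting tomorrow"]:
        print(f"{demo.spam_probability(msg):.3f}  {msg}")
```

Working in log space matters even for short messages: multiplying dozens of small probabilities together underflows to 0.0 in floating point, and the final rescaling by the larger of the two log scores turns the result back into a probability without that loss. A message made only of words never seen in training falls back to the class prior (0.5 here, since the corpus is balanced).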

Big Data A collection of data sets so large and complex that it becomes difficult to process using on-hand database management tools or traditional data processing applications.

blacklist Permitting everything unless it appears on the list; a list of nonapproved senders.

data loss prevention (DLP) A system that can identify critical data, monitor how it is being accessed, and protect it from unauthorized users.

firewall Hardware or software that is designed to prevent malicious packets from entering or leaving computers. Also called packet filter.

fuzz testing (fuzzing) A software testing technique that deliberately provides invalid, unexpected, or random data as inputs to a computer program.

host-based application firewall A firewall that runs as a program on a local system to protect it against attacks.

hotfix Software that addresses a specific customer situation and often may not be distributed outside that customer's organization.

log A record of events that occur.

mainframe A very large computing system that has significant processing capabilities.

OS hardening Tightening the security of an operating system, both during its design and coding and by configuration after installation: removing unneeded services and accounts, applying patches, and restricting permissive defaults.

packet filter Hardware or software that is designed to prevent malicious packets from entering or leaving computers. Also called firewall.

patch A general software security update intended to cover vulnerabilities that have been discovered.

pop-up blocker Either a program or a feature incorporated within a browser that stops pop-up advertisements from appearing.

service pack Software that is a cumulative package of all security updates plus additional features.

static environment Devices in which additional hardware cannot easily be added or attached.

whitelist Permitting nothing unless it appears on the list.

Cloudflare sells DDoS mitigation to large organizations and also runs a free public DNS resolver (1.1.1.1) that anyone can use; the resolver is a separate, always-available service, not spare capacity from the DDoS product.

Pi-hole lets you set up your own DNS resolver on the local network that answers queries for known advertising and tracking domains with a sinkhole address, so those domains never resolve for any device using it.
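The core of such a filtering resolver is a policy lookup, which also makes the blacklist and whitelist entries above concrete: a blacklist model permits everything not on the list, a whitelist model permits nothing not on the list. The code below is an added example, not Pi-hole's own code (Pi-hole's list formats, regex matching and blocking modes differ and are configurable); the block and allow lists, the upstream answers and the sinkhole address are all constructed for illustration.

```python
"""DNS sinkhole policy, the mechanism behind a filtering resolver.

Added example for the Pi-hole note and the whitelist/blacklist entries;
it is not Pi-hole's code. Block and allow lists, the upstream answers and
the sinkhole address are all constructed for illustration.
"""
from typing import Dict, Iterator, Set

SINKHOLE = "0.0.0.0"   # address returned for blocked names; clients get nothing usable

BLOCKLIST: Set[str] = {"ads.example.net", "tracker.example.org"}
ALLOWLIST: Set[str] = {"cdn.tracker.example.org"}   # exception inside a blocked zone

# Stand-in for the upstream resolver (constructed; TEST-NET-3 addresses).
UPSTREAM: Dict[str, str] = {
    "www.example.com": "203.0.113.10",
    "cdn.tracker.example.org": "203.0.113.20",
    "ads.example.net": "203.0.113.30",
}


def normalize(name: str) -> str:
    """DNS names are case-insensitive and may carry a trailing dot."""
    return name.strip().lower().rstrip(".")


def parent_domains(name: str) -> Iterator[str]:
    """Yield the name and each parent: a.b.c -> a.b.c, b.c, c."""
    labels = normalize(name).split(".")
    for i in range(len(labels)):
        yield ".".join(labels[i:])


def policy(qname: str, blocklist: Set[str], allowlist: Set[str],
           default: str = "allow") -> str:
    """Most specific match wins; at equal depth an allow entry beats a block entry.

    A blocklist entry covers every subdomain beneath it, so one entry for
    tracker.example.org also sinks x.tracker.example.org, while an explicit
    allowlist entry for cdn.tracker.example.org still gets through.
    `default` is what happens to unlisted names: "allow" is the blacklist
    model, "block" the whitelist model.
    """
    for d in parent_domains(qname):
        if d in allowlist:
            return "allow"
        if d in blocklist:
            return "block"
    return default


def answer_query(qname: str, blocklist: Set[str] = BLOCKLIST,
                 allowlist: Set[str] = ALLOWLIST,
                 upstream: Dict[str, str] = UPSTREAM,
                 default: str = "allow") -> str:
    """Return the A record a filtering resolver would hand back."""
    if policy(qname, blocklist, allowlist, default) == "block":
        return SINKHOLE
    return upstream.get(normalize(qname), "NXDOMAIN")


if __name__ == "__main__":
    for q in ["www.example.com", "Ads.Example.NET.", "x.tracker.example.org",
              "cdn.tracker.example.org"]:
        print(f"{q:28} -> {answer_query(q)}")
```

Two details carry most of the security value: names are normalized before lookup, so mixed case or a trailing dot cannot slip a blocked domain past the list, and a block entry applies to the whole subtree beneath it, so the list does not have to enumerate every subdomain an ad network rotates through.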

OSI model (Open Systems Interconnection) A reference model that divides network communication into seven layers.

The seven layers define the stages that data passes through to travel from one device to another over a network.
