A-Z Cyber Security Terminology

Photo by Mimi Thian on Unsplash

These are the basic Cybersecurity terminologies every one should be aware of.

A

• Attack — attempt to avoid security services
• Adware — Adware refers to any piece of software or application that displays advertisements on your computer.
• Authentication — Authentication is a process that ensures and confirms a user’s identity.
• Anti-Virus Software — Anti-virus software is a computer program used to prevent, detect, and remove malware and virus.
• Advanced Persistent Threat (APT) — An advanced persistent threat is an attack in which an unauthorized user gains access to a system or network without being detected.

B

• Back door — A backdoor is a hidden method of bypassing security to gain access to a computer system without the user knowing it.
• Baiting — Online baiting involves enticing a victim with an incentive.
• Black hat — Black hat hacker refers to a hacker that violates computer security for personal gain or malice.
• Bug — A bug refers to an error, fault or flaw in a computer program that may cause it to unexpectedly quit or behave in an unintended manner.
• Brute Force Attack — Brute force attack is an activity which involves repetitive successive attempts of trying various password combinations to break into any website.
• Botnet — A botnet is a collection of devices, which may include PCs, servers and mobile devices, that are infected and controlled by a common type of malware.

C

• Cookie — Cookies are small files which are stored on a user’s computer. Cookies provide a way for the website to recognize you and keep track of your preferences.
• Clickjacking — Clickjacking, also known as a UI redress attack, is a common hacking technique in which an attacker creates an invisible page or an HTML element that overlays the legitimate page.
• Cracker — The proper term to refer to an unauthorized attacker of computers, networks and technology instead of the term “hacker.”
• CVE (Common Vulnerabilities and Exposures) — An online database of attacks, exploits and compromises operated by the MITRE organization for the benefit of the public. It includes any and all attacks and abuses known for any type of computer system or software product. Often, new attacks and exploits are documented in a CVE long before a vendor admits to the issue or releases an update or patch to resolve the concern.
• Cyber Warfare— Cyber warfare typically refers to cyber-attacks perpetrated by one nation-state against another.

D

• Data Breach— A data breach is a confirmed incident where information has been stolen or taken from a system without the knowledge or authorization of the system’s owner.
• DoS attack — A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic, or sending it information that triggers a crash.
• Decryption — Decryption is a process that transforms encrypted information into its original format.

E

• Exploit — A malicious application or script that can be used to take advantage of a computer’s vulnerability.
• Encryption — Encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext.

F

• Firewall —A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.

H

• Honeypot — A decoy system or network that serves to attract potential attackers. It is a false system that is configured to look and function as a production system.
• Hacking — Hacking refers to an unauthorized intrusion into a computer or a network.

I

• IP Address — An IP address is an identifying number for a piece of network hardware. Having an IP address allows a device to communicate with other devices over an IP-based network like the internet.
• Identity theft — Identity theft is a crime in which someone uses personally identifiable information in order to impersonate someone else.

K

• Keystroke logger — A keystroke logger is software that tracks or logs the keys struck on your keyboard.

L

• LAN (Local Area Network) — An interconnection of devices (i.e., a network) that is contained within a limited geographic area (typically a single building).

M

• Malware— Malware is shorthand for malicious software and is designed to cause damage to a computer, server, or computer network.
• Multi-Factor Authentication— Multi-Factor Authentication (MFA) provides a method to verify a user’s identity by requiring them to provide more than one piece of identifying information.

P

• Phishing — Phishing is a method of trying to gather personal information using deceptive e-mails and websites.
• Packet Sniffer — Software designed to monitor and record network traffic.
• Patch — a regular system update that is designed to cover security blunders that have been discovered.
• Proxy Server — A proxy server is another computer system which serves as a hub through which internet requests are processed.
• Pen Testing — Pentesting, also known as penetration testing in web, mobile, or API or network to check its security. The objective is to penetrate the application or network security defenses by looking for vulnerabilities.

R

• Rootkit — Rootkits are a type of malware designed to remain hidden on your computer.
• Ransomware — A type of malicious software designed to block access to a computer system until a sum of money is paid.

S

• Scam — A scam is a term used to describe any fraudulent business or scheme that takes money or other goods from an unsuspecting person.
• Spam — Spam is slang commonly used to describe junk e-mail on the Internet.
• Smishing — Smishing is any kind of phishing that involves a text message.
• Spoof (spoofing) — The act of falsifying the identity of the source of a communication or interaction. It is possible to spoof IP address, MAC address and email address.
• Social engineering — An attack focusing on people rather than technology, is the art of manipulating people, so they give up confidential information.
• Spyware — Spyware is a type of software that installs itself on a device and secretly monitors a victim’s online activity.

T

• Two-Factor Authentication — Two-factor authentication (2FA), often referred to as two-step verification, is a security process in which the user provides two authentication factors to verify they are who they say they are.
• Tailgating — Tailgating involves someone who lacks the proper authentication following an employee into a restricted area.
• Traffic — Web traffic is the amount of data sent and received by visitors to a website.
• Trojan — A Trojan is also known as Trojan horse. It is a type of malicious software developed by hackers to disguise as legitimate software to gain access to target users’ systems.

V

• VPN (Virtual Private Network) — A virtual private network gives you online privacy and anonymity by creating a private network from a public Internet connection. VPNs mask your Internet protocol (IP) address, so your online actions are virtually untraceable.
• Vulnerability — A vulnerability refers to a flaw in a system that can leave it open to attack.
• Virus — A computer virus is a malicious software program loaded onto a user’s computer without the user’s knowledge and performs malicious actions.

W

• Worm — A computer worm is a malware computer program that replicates itself in order to spread to other computers.
• Whaling — Whaling is a specific form of phishing that’s targeted at high-profile business executives and managers.
• White hat — White hat hackers perform penetration testing, test in-place security systems and perform vulnerability assessments for companies.

Z

• Zombie — A term related to the malicious concept of a botnet. The term zombie can be used to refer to the system that is host to the malware agent of the botnet, or to the malware agent itself.
• Zero-Day — Zero-Day refers to a recently discovered vulnerability that hackers can use to attack systems.

Thanks for reading!

I hope you got to learn something new.

If you liked it, please give it a clap and follow me for more blogs on cybersecurity related stuff!

If there is anything more to be added, please feel free to reach out and let me know at chittuluri19@gmail.com.