Glossary
Cybersecurity Terminologies & Concepts Terms
- Attack Vector
An attack vector is a path or method used by attackers to gain access to a system or network. For example, hackers can use email attachments or phishing links as attack vectors to spread malware.
- CIA Triad
The CIA Triad is a model for managing information security that focuses on three main principles: Confidentiality (C), Integrity (I), and Availability (A). It involves ensuring that only authorised users can access data (Confidentiality), verifying that data remains accurate and unaltered (Integrity), and making sure data is accessible when needed (Availability).
- Cybersecurity
The practice of protecting computers, servers, networks, and data from digital attacks, theft, and damage. For example, using antivirus software and firewalls helps protect your computer from hackers.
- Digital Forensics
Investigation and analysis of digital devices and data to uncover evidence of cybercrimes. Key aspects of digital forensics include collecting digital evidence while preserving its integrity, analysing the data to uncover useful information or unauthorised activities, and presenting the findings clearly for legal or organisational use.
- DDoS Attack
A Distributed Denial of Service (DDoS) attack is a type of cyber-attack that overwhelms a website or server with traffic from multiple sources, rendering it unavailable.
- Encryption
Encryption is the process of converting data into a code to prevent unauthorised access.
- Firewall
A network security device or software that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
- Hackers
Individuals who gain unauthorised access to systems or networks, often to exploit or manipulate them.
- Hacktivist
A hacktivist is someone who uses hacking to promote political or social causes. The hacker group called Anonymous, which has conducted various cyberattacks against governments, is a good example.
- Information Security
The broader field of protecting all forms of information (digital and physical) from unauthorised access, use, disclosure, disruption, modification, or destruction.
- Insider Threats
Risks posed by people within an organisation, such as employees or contractors, who may misuse their access to harm the organisation. For example, an employee leaking confidential company data to a competitor.
- Malware
Malicious software, or malware, is designed to harm or exploit devices and networks. Typical examples of malware include viruses, worms, and trojans, which can damage files or steal data.
- Malware Analysis
Process of examining malicious software to understand its behaviour and find ways to remove or prevent it. The two major types of malware analysis are Static Analysis and Dynamic Analysis. Static analysis involves examining the malware without actually executing it. This is done by analysing the code, file structure, and other attributes to understand how the malware works. Dynamic analysis involves running the malware in a controlled environment (such as a sandbox) to observe its behaviour and interactions with the system.
- Man-in-the-Middle Attack
An attack where an attacker secretly intercepts and potentially alters the communication between two parties.
- Multi-factor Authentication
A security process that requires two or more forms of verification before granting access to an account or system. For example, logging into an email account using a password and then confirming access through a code sent to your phone.
- Penetration Testing
The practice of testing a system or network for vulnerabilities by simulating an attack. It involves a security expert attempting to breach your company’s systems to identify weaknesses before they can be exploited by hackers.
- Phishing
Technique where attackers trick individuals into providing sensitive information, such as passwords, often through fake emails or websites.
- Ransomware
A type of malware that encrypts a user’s data and demands payment (ransom) to restore access. For example, CryptoLocker encrypts files on your computer and demands payment in cryptocurrency to unlock them.
- Security Patches
Updates released by software developers to fix vulnerabilities or bugs.
- Social Engineering
Manipulating people into divulging confidential information or performing actions that compromise security. For example, pretending to be IT support to trick someone into giving their password.
- Threat Actor
An individual or group that poses a potential threat to the security of information or systems. For example, a hacker trying to breach a company’s network.
- Zero-day Exploit
An attack that takes advantage of a previously unknown vulnerability in software, which has not yet been patched. For example, a hacker exploiting a new software flaw before the software developers release a fix.