Media Access Control (MAC) Address

A Media Access Control (MAC) Address is a hardware identification number that is uniquely assigned to each device on a network. The MAC address is manufactured into every network card, …

Lightweight Directory Access Protocol (LDAP)

Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. The networks …

Zero Day Vulnerabilities

A Zero Day Vulnerability is a security flaw that is unknown to the software vendor or the business it is found in and there isn’t a patch released yet for …

Responsible Disclosure

Responsible Disclosure refers to the best practice followed by most security researchers of not disclosing a critical vulnerability in a software product until a vendor patch or fix has been …

Revenge Porn

Revenge Porn is sexually explicit images or videos of a person posted online without that person’s consent especially as a form of revenge or harassment. Revenge Porn is typically seen …

Privileged User

A Privileged User is a user of a computer who is authorized to bypass normal access control mechanisms, usually to be able to perform system management functions. Cybersecurity governance policies …

Command and Control (C&C) Server

A Command and Control (C&C) Server is a computer being controlled remotely by a cyber criminal that is used as a command center to send commands to systems that have …

Honeypot

A Honeypot in cybersecurity refers to a strategy used to catch cyber criminals in the act of trying to exploit a vulnerability and compromise a company. A honeypot can be …

Computer Emergency Response Team (CERT)

A Computer Emergency Response Team (CERT) is a group of security experts who respond to cybersecurity incidents. These teams work on many unique cybersecurity incidents involving malware, viruses, and cyber …

Transport Layer Security (TLS)

Transport Layer Security (TLS) is a security protocol made for privacy and data security for communications over the Internet. A primary use case of TLS is encrypting the communication between …

Information Dissemination

Dissemination of Information refers to the distributing of a company’s or customer specific information to the public, whether through printed or electronic documents, or other forms of media.  “Dissemination of information” …

Information Resources Management (IRM)

Information Resources Management (IRM) is the planning, budgeting, organizing, directing, training, and control associated with an organization’s information.  The term encompasses both information itself and the related resources, such as personnel, …

Packet Sniffing

Packet Sniffing is the practice of gathering, collecting, and logging the packets that pass through a computer network, regardless of how the packet is addressed. In this way, every packet …

Network Based Intrusion Detection System (NIDS)

A Network Based Intrusion Detection System (NIDS), or Network Based IDS, is security hardware that is placed strategically to monitor critical network traffic. Traditional Network Based IDS analyzes passing network …

Backdoor

A Backdoor in the world of cybersecurity refers to the strategy used to get around normal security measures and gain privileged user access on a computer system, network, or software …

SQL Slammer Virus

The SQL Slammer Virus, also known as the Sapphire Virus, is malware in the form of a worm that caused a Denial of Service on many internet hosts in 2003, and …

Morris Worm

The Morris Worm goes down in history as the first worm in existence.  This self repeating computer program that was written by Robert Tappan Morris, a student at Cornell University, …

Stuxnet

Stuxnet is a computer worm that was uncovered in 2010, which many people believe was in development since at least 2005. Stuxnet was targeting supervisory control and data acquisition (SCADA) …

Crypto-Mining or Cryptojacking

Crypto-Mining, also known as Cryptocurrency Mining, is a process in which transactions of various forms of cryptocurrency are verified and added to the blockchain digital ledger. Each time a cryptocurrency transaction …

Brute Force Attack

A Brute Force Attack is a strategy used by hackers trying to break into your data, password, or network. In this attack a computer, or its Graphics Processing Unit (GPU) will …

Zombie

A zombie is the term for a computer that is infected and being used remotely by a bot. A bot, short for “robot”, is a type of software application or …

Secure Shell (SSH)

Secure Shell (SSH) is a cryptographic network communications protocol for operating network services securely over an unsecured network. Typical applications include remote command-line, login, and remote command execution, but any network …

Password Cracking

Password Cracking refers to the various methods hackers use to learn exactly what password you use to protect one of your computer accounts. This can be accomplished by recovering passwords …

Reverse Engineering

Reverse Engineering occurs when you take a finished product and work backwards to determine how it was constructed or engineered. By breaking a product or piece of software down into …

Melissa Virus

The Melissa Virus is malware that was deployed in late March of 1999. A programmer by the name of David Lee Smith took over an America Online (AOL) account …

Reverse Intent

Reverse Intent is the name given to a common hacker technique of flip-flopping a piece of security knowledge to identify a potential weakness. For example, identifying the version of Bind running …

Separation of Duties

Separation of Duties involves dividing roles and responsibilities to minimize the risk of a single individual subverting a system or critical process without detection.  The classic example used in Separation of …

General (Public) Information

General Information, also known as Public information, is data that is commonly found in marketing campaigns, emails, and print media and generally requires less protection of its confidentiality and availability …

Intellectual Property

Intellectual Property (IP) refers to the ownership of a specific idea, design, manuscript, etc. by the person or company who created it. Intellectual property may give the person or company …

Swatting

Swatting is a cyber harassment tactic where the attacker deceives emergency response personnel such as the police by reporting an active shooter or hostage situation at a targeted person’s home …

ILOVEYOU Virus

The ILOVEYOU Virus, also known as the Love Bug, is a computer worm that infected over 10 million Windows computers in May of 2000. The virus was an email that …

Mandatory Access Controls (MAC)

Mandatory Controls, also known as Mandatory Access Controls (MAC), are a type of access control that restricts the user’s ability to access certain restricted data or to perform restricted actions.  …

Discretionary Access Controls (DAC)

Discretionary Access Controls, also known as DAC, are types of cybersecurity measures that allow or restrict access based upon the discretion of the file or resource owner. For example, if …

Sensitive (Restricted) Information

Sensitive (or restricted) Information is data from a company or organization that is generally not regulated but that requires very important protections of its confidentiality, integrity and availability. Examples of sensitive …

Critical (Confidential) Information

Critical (or Confidential) Information at a Small to Medium-sized Business (SMB) is most easily understood to be regulated data such as PCI, HIPAA, NPPI, CCPA, GDPR. Additionally, some unregulated data such …

Facial Recognition

Facial Recognition is an increasingly effective and popular technology capable of identifying a person’s identity from a digital image or video frame. Facial Recognition works by matching facial features from …

User Datagram Protocol (UDP)

User Datagram Protocol (UDP) is an alternative communications protocol to Transmission Control Protocol (TCP), used primarily for starting low-latency and loss-tolerating connections between applications and the internet. UDP is also …

Internet Control Message Protocol (ICMP)

Internet Control Message Protocol (ICMP) is a special type of packet used for inter-device communication, carrying everything from redirect instructions to timestamps for synchronization between devices. ICMP is an error-reporting protocol …

Transmission Control Protocol (TCP)

Transmission Control Protocol (TCP) is a standard that defines how to establish and maintain a network conversation through which programs can exchange information or data. TCP works with the Internet Protocol …

Remote Desktop Protocol (RDP)

Remote Desktop Protocol (RDP) is software commonly used by customer support representatives to remotely take over full control of a customer’s desktop and fix the issues on their computer. Issues …

False Flag

A False Flag is the act of pretending to be one hacking entity when you are in fact another. False flag operations make investigations significantly more difficult. They are commonly used by …

SIM Swapping

SIM Swapping is a term used when hackers steal a victim’s phone number and port or switch that number to a different SIM card in a different cell phone in …

Attribution

Attribution in the cybersecurity world refers to the process of tracking, identifying and placing blame on the hacker (perpetrator) or organization behind an attack. Following an attack, an organization should …

3-2-1 Backup Method

The 3-2-1 Backup Method refers to the “3-2-1 Rule” when backing up information from your computer. This is how security professionals recommend you back up your data: 3 copies of our …

Off Boarding Process

An Off Boarding Process refers to the process an organization follows to deprovision access from a departing employee. Most companies have a process they follow when an employee leaves the …

Two-Factor Authentication

Two-Factor Authentication (2FA) is the use of two of the following three identification factors:  Something you know – Most often a password for your account. Something you have – Such …

Root Cause Analysis

A Root Cause Analysis seeks to examine all the potential causes for a major incident at a business and select the root cause from them. It then proposes mitigating controls to prevent the root cause from recurring.

Identification

Identification refers to the first step in the incident response process where an organization determines whether they have been breached or not.  Security professionals will seek indicators of compromise while …