Identity and Access Management
Identity and Access Management (IAM) are the methods and processes used to manage subjects and their authentication and authorizations to access specific objects. What Does This Mean For An SMB? …
A Cyber Library of 300+ Cybersecurity Terms.
Identity and Access Management (IAM) are the methods and processes used to manage subjects and their authentication and authorizations to access specific objects. What Does This Mean For An SMB? …
Cybersecurity is the activity or process, ability or capability, or state whereby information and communications systems and the information contained therein are protected from and/or defended against damage, unauthorized use …
Incident Management is the management and coordination of activities associated with an actual or potential occurrence of an event that may result in adverse consequences to information or information systems. …
An Incident Response Plan is a set of predetermined and documented procedures to detect and respond to a cyber incident. This is the actual procedure carried out if there is …
Information Assurance are the measures that protect and defend information and information systems by ensuring their availability, integrity, and confidentiality. What Should My SMB Do? If you own a business, …
Information Assurance Compliance in cybersecurity work is where a person: Oversees, evaluates, and supports the documentation, validation, and accreditation processes necessary to assure that new IT systems meet the organization’s …
Information Sharing is an exchange of data, information, and/or knowledge to manage risks or respond to incidents. This is commonly done when there has been a breach in technology that …
Information System Resilience is the ability of an information system to: (1) continue to operate under adverse conditions or stress, even if in a degraded or debilitated state, while maintaining …
Information Systems Security Operations in cybersecurity work is where a person: Oversees the information assurance program of an information system in or outside the network environment; may include procurement duties (e.g., …
Interoperability is the ability of two or more systems or components to exchange information and to use the information that has been exchanged. What Does This Mean For An SMB? …
Network-based Intrusion Prevention Services (aka NIPS) is a preemptive approach to network security used to identify potential threats and respond to them swiftly. Like network intrusion detection systems (NIDS), Network-based Intrusion Prevention System (NIPS) monitors …
Intrusion Detection is the process and methods for analyzing information from networks and information systems to determine if a security breach or security violation has occurred. What Does This Mean …
Information Technology (IT) is any equipment or interconnected system or subsystem of equipment that processes, transmits, receives, or interchanges data or information. What Does This Mean For My SMB? SMBs …
Information and Communication(s) Technology (ICT) is any information technology, equipment, or interconnected system or subsystem of equipment that processes, transmits, receives, or interchanges data or information. What Does This Mean …
Machine Learning and Evolution is a field concerned with designing and developing artificial intelligence algorithms for automated knowledge discovery and innovation by information systems. What Does This Mean For An …
A Moving Target Defense (MTD) is the presentation of a dynamic attack surface, increasing an adversary’s work factor necessary to probe, attack, or maintain a presence in a cyber target. …
Network Services in cybersecurity work is where a person installs, configures, tests, operates, maintains, and manages networks and their firewalls, including hardware (e.g., hubs, bridges, switches, multiplexers, routers, cables, proxy servers, …
Network Resilience is the ability of a network to: (1) provide continuous operation (i.e., highly resistant to disruption and able to operate in a degraded mode if damaged); (2) recover …
Secure your business with CyberHoot Today!!! Sign Up Now An Electronic Signature, also known as an eSignature, is an efficient, legally binding way to get approval on electronic documents. Secure …
Authenticity is a property achieved through cryptographic methods of being genuine and being able to be verified and trusted, resulting in confidence in the validity of a transmission, information or …
Non-Repudiation is a property achieved through cryptographic methods to protect against an individual or entity falsely denying having performed a particular action related to data. This provides the capability to …
Operate & Maintain refers to activities providing the support, administration, and maintenance necessary to ensure effective and efficient IT system operation, performance and security. What Should My SMB Do? If …
Operations Technology is the programmable systems or devices that interact with physical environments (or manage devices that interact with the physical environment). These systems/devices detect or cause a direct change …
Secure your business with CyberHoot Today!!! Sign Up Now Malicious Code is harmful computer code or web script designed to create system vulnerabilities leading to backdoors, security breaches, information/data theft, …
An Insider Threat is a person or group of persons within an organization who pose a potential risk of harm to a company. That harm can be in the form …
An Outsider Threat is a person or group of persons external to an organization who are not authorized to access its assets and pose a potential risk to the organization …
Oversight & Development is a category consisting of specialty areas providing leadership, management, direction, and/or development and advocacy so that all individuals and the organization may effectively conduct cybersecurity work. …
An Active Attack is a network exploit where hackers strive to change or exfiltrate data on the target’s network or device. There are several different types of active attacks or …
A Passive Attack is an actual assault perpetrated by an intentional threat source that attempts to learn or make use of information from a system, but does not attempt to …
Availability is one of three security terms in the trifecta of data protection. The other two being Integrity and confidentiality.
Confidentiality is one of three critical data protections in cybersecurity. The other two are Integrity and Availability. (see links below for those Cybrary pages). Confidentiality seeks to ensure that information …
Social Engineering in the context of cyber security, is when one uses psychological manipulation to have people perform specific actions or to give out confidential information. This differs from the …
An Attack Signature is an arrangement of information that can be used to identify an attacker or hackers attempt to exploit a known operating system or application vulnerability. Intrusion detection …
A Digital Signature is a value computed with a cryptographic process using a private key and then appended to a data object, thereby digitally signing the data. This is essentially …
Ciphertext is data or information in its encrypted form. Ciphertext is the output when an encyption process is deployed. Encryption is done when important information must be safeguarded against attackers. …
Encryption is the process of transforming plaintext into ciphertext. This is done by converting data into an unreadable form using an encryption cipher with variable key lengths. Assuming one is …
Cryptography is the use of mathematical techniques to provide security services, such as confidentiality, data integrity, entity authentication, and data origin authentication. Cryptography is the science that converts plaintext into …
Penetration Testing is an evaluation methodology whereby ethical hackers search for vulnerabilities within technology systems and attempt to circumvent the security features of a network and/or information system. This is …