Computer Emergency Response Team (CERT)
A Computer Emergency Response Team (CERT) is a group of security experts who respond to cybersecurity incidents. These teams work on many unique cybersecurity incidents involving malware, viruses, and cyber …
Polyinstantiation
Polyinstantiation is a cybersecurity strategy where multiple instances of a shared resource are created to prevent a user without the correct privileges from seeing the more sensitive information. In simpler …
File Transfer Protocol (FTP)
File Transfer Protocol (FTP) is a communications protocol used for transferring or exchanging files between two computers. These transferring of files generally is authenticated by username and password credentials. Anonymous …
Kernel
A Kernel is the core component of an operating system. The kernel acts as a bridge between applications and the data processing performed at the hardware level. When an operating …
Flooding
Flooding is a Denial of Service (DoS) attack that is designed to bring a network or other service down due to large amount of traffic, hence the term “flooding”. These …
Internet Message Access Protocol (IMAP)
Internet Message Access Protocol (IMAP) is a standard email protocol, first widely deployed in the 1980s, that stores email messages on a mail server, but allows the end user to …
Transport Layer Security (TLS)
Transport Layer Security (TLS) is a security protocol made for privacy and data security for communications over the Internet. A primary use case of TLS is encrypting the communication between …
Information Dissemination
Dissemination of Information refers to the distributing of a company’s or customer specific information to the public, whether through printed or electronic documents, or other forms of media. “Dissemination of information” …
Information Resources Management (IRM)
Information Resources Management (IRM) is the planning, budgeting, organizing, directing, training, and control associated with an organization’s information. The term encompasses both information itself and the related resources, such as personnel, …
Packet Sniffing
Packet Sniffing is the practice of gathering, collecting, and logging the packets that pass through a computer network, regardless of how the packet is addressed. In this way, every packet …
Backdoor
A Backdoor in the world of cybersecurity refers to the strategy used to get around normal security measures and gain privileged user access on a computer system, network, or software …
SQL Slammer Virus (Harbinger of things to come)
SQL Slammer Spread 30 min Coronavirus Spread 90+ Days The SQL Slammer Virus, also known as the Sapphire Virus, is malware in the form of a worm that caused a …
Morris Worm
The Morris Worm goes down in history as the first worm in existence. This self repeating computer program that was written by Robert Tappan Morris, a student at Cornell University, …
Stuxnet
Stuxnet is a computer worm that was uncovered in 2010, which many people believe was in development since at least 2005. Stuxnet was targeting supervisory control and data acquisition (SCADA) …
Crypto-Mining or Cryptojacking
Crypto-Mining, also known as Cryptocurrency Mining, is a process in which transactions of various forms of cryptocurrency are verified and added to the blockchain digital ledger. Each time a cryptocurrency transaction …
Brute Force Attack
A Brute Force Attack is a strategy used by hackers trying to break into your data, password, or network. In this attack a computer, or its Graphics Processing Unit (GPU) will …
Zombie
A zombie is the term for a computer that is infected and being used remotely by a bot. A bot, short for “robot”, is a type of software application or …
Secure Shell (SSH)
Secure Shell (SSH) is a cryptographic network communications protocol for operating network services securely over an unsecured network. Typical applications include remote command-line, login, and remote command execution, but any network …
Password Cracking
Password Cracking refers to the various methods hackers use to learn exactly what password you use to protect one of your computer accounts. This can be accomplished by recovering passwords …
Reverse Engineering
Reverse Engineering occurs when you take a finished product and working backwards to determine how it was constructed or engineered. By breaking a product or piece of software down into …
Reverse Intent
Reverse Intent the name given to a common hacker technique of flip-flopping a piece of security knowledge to identify a potential weakness. For example, identifying the version of Bind running …
Separation of Duties
Separation of Duties involves dividing roles and responsibilities to minimize the risk of a single individual subverting a system or critical process without detection. The classic example used in Separation of …
General (Public) Information
General Information, also known as Public information, is data that is commonly found in marketing campaigns, emails, and print media and generally requires less protection of its confidentiality and availability …
Intellectual Property
Intellectual Property (IP) refers to the ownership of a specific idea, design, manuscript, etc. by the person or company who created it. Intellectual property may give the person or company …
Swatting
Swatting is a cyber harassment tactic where the attacker deceives emergency response personnel such as the police by reporting an active shooter or hostage situation at a targeted person’s home …
ILOVEYOU Virus
The ILOVEYOU Virus, also known as, the Love Bug, is a computer worm that infected over 10 million Windows computers in May of 2000. The virus was an email that …
Mandatory Access Controls (MAC)
Mandatory Controls, also known as Mandatory Access Controls (MAC), are a type of access control that restricts the user’s ability to access certain restricted data or to perform restricted actions. …
Discretionary Access Controls (DAC)
Discretionary Access Controls, also known as DAC, are types of cybersecurity measures that allow or restrict access based upon the discretion of the file or resource owner. For example, if …
Sensitive (Restricted) Information
Sensitive (or restricted) Information is data from a company or organization that is generally not regulated but that requires very important protections of its confidentiality, integrity and availability. Examples of sensitive …
Critical (Confidential) Information
Critical (or Confidential) Information at a Small to Medium-sized Business (SMB) is most easily understood to be regulated data such PCI, HIPAA, NPPI, CCPA, GDPR. Additionally, some unregulated data such …
Facial Recognition
Facial Recognition is an increasingly effective and popular technology capable of identifying a person’s identity from a digital image or video frame. Facial Recognition works by matching facial features from …
Internet Control Message Protocol (ICMP)
Internet Control Message Protocol (ICMP) is a special type of packet used for inter-device communication, carrying everything from redirect instructions to timestamps for synchronization between devices. ICMP is an error-reporting protocol …
Transmission Control Protocol (TCP)
Transmission Control Protocol (TCP) is a standard that defines how to establish and maintain a network conversation through which programs can exchange information or data. TCP works with the Internet Protocol …
Remote Desktop Protocol (RDP)
Remote Desktop Protocol (RDP) is software commonly used by customer support representatives to remotely take over full control of a customer’s desktop and fix the issues on their computer. Issues …
False Flag
A False Flag is the pretending to be one hacking entity when you are in fact another. False flag operations make investigations significantly more difficult. They are commonly used by …
SIM Swapping
SIM Swapping is a term used when hackers steal a victims phone number and port or switch that number to a different SIM card in a different cell phone in …
Attribution
Attribution in the cybersecurity world refers to the process of tracking, identifying and placing blame on the hacker (perpetrator) or organization behind an attack. Following an attack, an organization should …
3-2-1 Backup Method
The 3-2-1 Backup Method refers to the “3-2-1 Rule” when backing up information from your computer. This is how security professionals recommend you backup your data: 3 copies of our …
Off Boarding Process
An Off Boarding Process refers to the process an organization follows to deprovision access from a departing employee. Most companies have a process they follow when an employee leaves the …
Two-Factor Authentication
Two-Factor Authentication (2FA) is the use of two of the following three identification factors: Something you know – Most often a password for your account. Something you have – Such …
Root Cause Analysis
A root cause seeks to examine all the potential causes for a major incident at a business and select the root cause from them. Then it seeks to propose mitigating controls to prevent the root cause from recurring.
Identification
Identification refers to the first step in the incident response process where an organization determines whether they have been breached or not. Security professionals will seek indicators of compromise while …
Remote Access Trojan (RAT)
A Remote Access Trojan (RAT) is malware that includes a backdoor for administrative control over the target computer. These trojans are typically installed in the background, invisibly, with a user-requested …
Countermeasure
A countermeasure in the cybersecurity world, is an action, procedure, or technique that decreases the likelihood of an attack by minimizing either the harm it can cause or the likelihood …
Exploit Chain
An Exploit Chain is an attack that involves multiple exploits or attacks that are chained together to fully compromise a device. In these attacks, Hackers cannot use a single exploit to …
RADIUS Authentication
RADIUS Authentication, also known as Remote Authentication Dial-In User Service (RADIUS), is a server protocol and software that allows remote access servers to be able to communicate with a central …
Demilitarized Zone (DMZ)
The Demilitarized Zone (DMZ) is sometimes referred to as a “perimeter network”, its primary purpose is to add an additional layer of security for the organization’s LAN (Local Area Network). …
Guest Wi-Fi Network
A Guest Wi-Fi Network is a separate network that gives users access to your router. A Guest Wi-Fi Network is essentially a separate access point to your router from the …
Trusted Wi-Fi Network
Trusted Wi-Fi Network refers to a network that is password protected and often is AD (active directory) authenticated via RADIUS. A network that is AD authenticated will have you enter …
VLAN (Virtual Local Area Network)
A Virtual Local Area Network (VLAN) is a logical grouping of devices in the same broadcast domain that can all talk over the network to one another. A VLAN in …
