SIM Swapping
SIM Swapping is a term used when hackers steal a victims phone number and port or switch that number to a different SIM card in a different cell phone in …
January 14th, 2020
Script Kiddie
A Script Kiddie, also known as a skiddie, or skid; is an unskilled individual who uses scripts or programs developed by other individuals to attack computer systems and networks as …
January 3rd, 2020
Organized Crime
Organized Crime refers to a category of hackers that may be transnational, national, or local in geography. They operate like a centralized enterprise but are run by criminals who engage in …
January 3rd, 2020
Nation State Hackers
Nation State hackers are the best of the best. Their attacks are evolving and are not often seen or discussed in the day-to-day world because attribution of an attack to …
January 3rd, 2020
Cloud Computing
Cloud Computing is a model for enabling on-demand network access to a shared pool of configurable computing capabilities or resources (e.g., networks, servers, storage, applications, and services) that can be …
December 26th, 2019
Computer Network Defense
Computer Network Defense is the actions taken to defend against unauthorized activity within computer networks. Some examples of network defenses are firewalls, demilitarized zones (DMZs), Virtual Private Networks (VPNs), and …
December 26th, 2019
Built-In Security
Built–In Security is a set of principles, practices, and tools to design, develop, and evolve information systems and software that enhance resistance to vulnerabilities, flaws, and attacks. A simple example …
December 26th, 2019
Authorization
Authorization is a process of determining, by evaluating applicable access control information, whether a subject is allowed to have the specified types of access to a particular resource. In simpler …
December 26th, 2019
Authentication
Authentication is the process of verifying the identity or other attributes of an entity (user, process, or device). Entering in log in credentials to gain access to a website is …
December 26th, 2019
Bug
A bug is an unexpected and relatively small defect, fault, flaw, or imperfection in an information system or device. These small defects or faults are generally due to human error …
December 26th, 2019
Access Control Mechanism
An access control mechanism is a security safeguard (i.e., hardware and software features, physical controls, operating procedures, management procedures, and various combinations of these) designed to detect and deny unauthorized …
December 26th, 2019
Block List, Deny List, (Deprecated: blacklist)
A Block List or Deny List is a list of entities that are blocked or denied privileges or access. Hosts or applications that have been previously determined to be associated …
December 26th, 2019
Active Content
Active content is software that is able to automatically carry out or trigger actions without the explicit intervention of a user. When you are visiting a webpage on the Internet, …
December 26th, 2019
Attack
An Attack is an attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity. In other words, the intentional act of attempting …
December 26th, 2019
Attacker
An Attacker is an individual, group, organization, or government that executes an attack. Not to be confused with a vulnerability. An attack in the physical world might be someone who …
December 26th, 2019
Cybersquatting
Cybersquatting, also known as “Typosquatting“, is the act of registering, trafficking, or using a domain name in bad faith. For example, phishing attacks are used against users to gain their …
December 26th, 2019
Digital Forensics
Digital Forensics is the processes and specialized techniques for gathering, retaining, and analyzing system-related data (digital evidence) for investigative purposes. In the NICE Workforce Framework, cybersecurity work where a person: …
December 26th, 2019
Bot, Botnet, Bot Herder, and Bot Master
Bot(s) A Bot is a computer connected to the Internet that has been surreptitiously / secretly compromised with malicious logic to perform activities under remote the command and control of …
December 26th, 2019
Denial of Service (DoS)
Denial of Service (DoS) is an attack that prevents or impairs the authorized use of information system resources or services. A DoS is simply when hackers try to prevent legitimate …
December 26th, 2019
Data Breach
A Data Breach is the unauthorized movement or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the information. Related …
December 26th, 2019
Firewall
A firewall is a capability to limit network traffic between networks and/or information systems. This is a hardware/software device or a software program that limits network traffic according to a …
December 26th, 2019
Hacker
A hacker is an unauthorized user who attempts to or gains access to an information system. This is someone who uses various methods to breach defenses and exploit weaknesses in …
December 26th, 2019
Cybersecurity
Cybersecurity is the activity or process, ability or capability, or state whereby information and communications systems and the information contained therein are protected from and/or defended against damage, unauthorized use …
December 26th, 2019
Authenticity
Authenticity is a property achieved through cryptographic methods of being genuine and being able to be verified and trusted, resulting in confidence in the validity of a transmission, information or …
December 24th, 2019
Malicious Code
Malicious Code, or sometimes known as “Attack Code” is a program code intended to perform an unauthorized function or process that will have adverse impact on the confidentiality, integrity, or …
December 24th, 2019
Availability
Availability is one of three security terms in the trifecta of data protection. The other two being Integrity and confidentiality.
December 24th, 2019
Confidentiality
Confidentiality is one of three critical data protections in cybersecurity. The other two are Integrity and Availability. (see links below for those Cybrary pages). Confidentiality seeks to ensure that information …
December 24th, 2019
Digital Signature
A Digital Signature is a value computed with a cryptographic process using a private key and then appended to a data object, thereby digitally signing the data. This is essentially …
December 24th, 2019
Ciphertext
Ciphertext is data or information in its encrypted form. Ciphertext is the output when an encyption process is deployed. Encryption is done when important information must be safeguarded against attackers. …
December 22nd, 2019
Cryptography
Cryptography is the use of mathematical techniques to provide security services, such as confidentiality, data integrity, entity authentication, and data origin authentication. Cryptography also is the art or science concerning …
December 22nd, 2019
Blue Team
A Blue Team is a group that defends an enterprise’s information systems when mock attackers (i.e., the Red Team) attack, typically as part of an operational exercise conducted according to …
December 20th, 2019
Cryptographic Algorithm
A Cryptographic Algorithm is a well-defined computational procedure that takes variable inputs, including a cryptographic key, and produces an output. Related Terms: Key, Encryption, Decryption, Symmetric key, Public Key Encryption …
December 20th, 2019
Virus
A virus is a computer program that can replicate itself, infect a computer without permission or knowledge of the user, and then spread or propagate to another computer. An example …
December 18th, 2019
Chip and Pin Benefits Training
All credit and debit cards are now being made with “a computer that is 1/4 the size of a postage stamp” this technology we know as a chip card. Chip …
December 18th, 2019
Access Control
Access Control is the process of granting or denying specific requests for or attempts to: Obtain and use information and related information for processing services; and Entering a specific physical …
December 18th, 2019
Continuity of Operations Plan
Continuity of Operations Plan (COOP) is a document that sets forth procedures for the continued performance of core capabilities and critical operations during any disruption or potential disruption. Related Terms: …
December 18th, 2019
Phishing
Phishing is a digital form of social engineering to deceive individuals into providing sensitive information. This is typically done via email, having people click on links that allow hackers to …
December 16th, 2019
Adversary (or Attacker)
An Adversary is an individual, group, organization, or government that conducts or has the intent to conduct detrimental activities. An example of an adversary would be a hacker, an attacker, …
December 9th, 2019
Antivirus Software
Antivirus Software is a program that monitors a computer or network to detect or identify major types of malicious code and to prevent or contain malware incidents. Sometimes done by …
December 9th, 2019
