A glossary is a list of terms and definitions related to a specific subject. In this case, it is cyber terms. Glossary is always a useful resource for understanding technical language and terminology commonly used in the field of cyber security.
A group of glossary words can help you and others stay up-to-date on the latest cyber threats and technologies. Here are some cyber common words organized in alphabetic order:
A – Glossary
Access control
The process of regulating who or what can access a computer system or network.
Adware
Software that displays advertisements on a computer or mobile device.
Anti-virus software
Software designed to protect a computer or network from viruses and other malicious software.
Attack surface
The area of a computer system or network that is vulnerable to attack.
Authentication
The process of verifying the identity of a user, device, or process.
Authorized access
Access to a computer system or network that has been granted to an individual or entity by the system owner or administrator.
Availability
The ability of a computer system or network to perform its intended function at a given time.
B – Glossary
Backdoor
A hidden entry point into a computer system or network that bypasses security measures.
Black hat hacker
A hacker who engages in malicious activities, such as stealing data or disrupting systems.
Bot
A software application that performs automated tasks, such as web scraping or spamming.
Brute force attack
A type of cyber attack in which a hacker uses automated tools to try a large number of possible password combinations in an attempt to gain unauthorized access to a system.
Buffer overflow
A type of security vulnerability in which an attacker can send more data to a buffer than it is designed to hold, potentially allowing the attacker to execute arbitrary code.
Byte
A unit of digital data that is typically eight bits long.
C – Glossary
Cipher
An algorithm used to encrypt and decrypt data.
Ciphertext
Data that has been encrypted using a cipher.
Client-server architecture
A computing model in which a central server provides resources and services to client devices.
Cloud computing
The delivery of computing services, such as storage, processing, and networking, over the internet.
Code injection
A type of cyber attack in which an attacker injects malicious code into a legitimate program or system.
Command and control (C2) server
A server that is used to control a network of compromised devices, such as in a botnet.
Compromised
Having been compromised by an attacker, typically resulting in unauthorized access or control.
Computer forensics
The use of scientific techniques to collect, analyze, and present digital evidence in a court of law.
Confidentiality
The protection of information from unauthorized disclosure.
Cross-site scripting (XSS)
A type of cyber attack in which an attacker injects malicious code into a website in order to execute it in the browser of a victim who visits the site.
D – Glossary
Dark web
A part of the internet that is only accessible using special software and is not indexed by search engines, often used for illicit purposes.
Data breach
The unauthorized access or disclosure of sensitive information.
Data encryption
The process of converting data into a secure, encoded form that can only be accessed by someone with the proper decryption key.
Denial of service (DoS) attack
A type of cyber attack in which an attacker floods a server or network with traffic in an attempt to make it unavailable to legitimate users.
Digital certificate
An electronic document used to verify the identity of a website or individual online.
Digital signature
An electronic signature used to authenticate the identity of the sender of a message or document.
Directory traversal
A type of cyber attack in which an attacker attempts to access files and directories outside of the intended directory structure.
E – Glossary
Encryption
The process of converting data into a secure, encoded form that can only be accessed by someone with the proper decryption key.
End-to-end encryption
A type of encryption that ensures that a message can only be read by its intended recipient, even if it passes through multiple servers or networks.
Exploit
A software vulnerability or weakness that can be exploited by an attacker to gain unauthorized access or control.
F
Firewall
A security system that controls incoming and outgoing network traffic based on predetermined security rules.
Forensic analysis
The examination of digital evidence in order to uncover information and identify sources of cyber attacks or other security incidents.
Frequency hopping
A technique used to secure wireless communications by rapidly switching between different frequency bands.
G
Gray hat hacker
A hacker who may engage in both legal and illegal activities, or who may disclose vulnerabilities to the affected parties without seeking financial gain.
GUI (graphical user interface)
A type of user interface that allows users to interact with a computer using visual elements, such as icons and menus.
H
Hashing
The process of converting data into a fixed-length value, known as a hash, using a mathematical function.
Honeypot
A computer system or network that is intentionally left vulnerable to cyber attacks in order to attract and trap attackers.
Hybrid attack
A type of cyber attack that combines elements of multiple types of attacks, such as phishing and malware.
I
Identity theft
The unauthorized use of someone’s personal information, such as their name or social security number, to commit fraud or other crimes.
Incidence response
The process of responding to and mitigating the effects of a cyber attack or security incident.
Information security
The practice of protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.
Insider threat
A security threat that originates from within an organization, such as from an employee or contractor.
Integrity
The protection of data from unauthorized modification.
J
Java
A programming language and computing platform commonly used for developing and running web and mobile applications.
K
Key
A value used to encrypt and decrypt data as part of a cipher.
L
Log
A record of events that have occurred on a computer system or network.
Logic bomb
A type of malicious software that is programmed to perform a harmful action when certain conditions are met.
M
Malware
Short for “malicious software,” malware refers to software that is designed to infiltrate or damage a computer system without the owner’s knowledge or consent.
Man-in-the-middle (MitM) attack
A type of cyber attack in which an attacker intercepts and manipulates communication between two parties.
Metasploit
A popular toolkit for developing and executing exploits against computer systems.
N
Network security
The practice of protecting a computer network from unauthorized access or attacks.
Non-repudiation
The ability to prove that a particular action, such as the sending of a message, was performed by a specific individual.
O
Open source
Refers to software whose source code is publicly available and can be modified and distributed by anyone.
Operating system (OS)
The software that manages a computer’s hardware and software resources and provides a platform for running applications.
P – Glossary
Packet
A unit of data that is transmitted over a network.
Packet sniffing
The practice of intercepting and analyzing packets of data as they are transmitted over a network.
Password
A secret word or phrase used to authenticate a user’s identity.
Phishing
A type of cyber attack in which an attacker poses as a legitimate entity in order to trick victims into divulging sensitive information, such as login credentials or financial information.
Public key
A value used as part of a public key encryption system to encrypt data.
Public key encryption
A type of encryption in which a public key is used to encrypt data, and a corresponding private key is used to decrypt it.
Q – Glossary
Quantum computing
A type of computing that uses quantum-mechanical phenomena, such as superposition and entanglement, to perform operations on data.
R – Glossary
Rainbow table
A precomputed table of hash values used to crack passwords more efficiently.
Red team
A group of individuals who simulate cyber attacks in order to test and improve an organization’s security posture.
Remote access
The ability to access a computer or network from a location outside of that system.
Rootkit
A type of malicious software that is designed to gain unauthorized access to and control over a computer system.
Ransomware
A type of malware that encrypts a victim’s files and demands a ransom from the victim to restore access.
S
Sandbox
An isolated environment in which code or applications can be tested without affecting the rest of a system.
Security information and event management (SIEM)
A security system that combines data from various sources to provide a comprehensive view of an organization’s security posture.
Security patch Glossary
A software update that fixes a security vulnerability.
Social engineering
The use of psychological manipulation or deception to obtain sensitive information or access to systems.
Spam Glossary
Unsolicited, often unwanted, emails or other types of messaging.
Spearphishing Glossary
A targeted form of phishing attack that is directed at specific individuals or organizations.
Spyware
Software that is designed to monitor and collect information about a user’s activities without their knowledge.
Symmetric key encryption
A type of encryption in which the same key is used to encrypt and decrypt data.
T
Two-factor authentication (2FA)
A security process that requires an additional form of verification, such as a code sent to a phone, in addition to a password in order to authenticate a user’s identity.
U
Unauthorized access
Access to a computer system or network without the permission of the system owner or administrator.
V
Virus
A type of malicious software that is designed to replicate itself and spread to other systems.
Vulnerability
A weakness or flaw in a computer system or network that can be exploited by an attacker.
W
Watering hole attack
A type of cyber attack in which an attacker targets a website or other resource that is likely to be visited by a specific group of individuals, in order to infect their devices with malware.
White hat hacker
A hacker who engages in ethical hacking activities, such as testing and improving the security of systems.
Worm
A worm is a malicious software that spreads copies of itself from one computer to another. It spreads rapidly through networks and the the internet in no time. Worms can cause harm to infected systems, by consuming bandwidth and deleting files.
X
XSS (cross-site scripting)
A type of cyber attack in which an attacker injects malicious code into a website in order to execute it in the browser of a victim who visits the site.
Y
Y2K (year 2000)
A computer bug that was related to the way that some systems represented and stored dates, which could have caused problems when the year 2000 rolled around.
Z
Zero-day
.Cyber security vulnerability that is yet unknown and undisclosed or patched to .
Zero-day exploit
A type of cyber attack that takes advantage of a zero-day vulnerability.
Glossary Summary
This glossary list and defined terms related to cybersecurity. It also informed about the latest cyber threats and technologies. Are there words you think we could have included? Feel free to write us and we will see how we can incorporate them. Comment below and share.
