100 Cybersecurity Terms To Know

00:00

1. malware software designed to harm or

00:03

exploit a computer system this can

00:06

include viruses worms Trojans ransomware

00:10

and other forms of malicious software

00:13

2. fishing the practice of tricking

00:16

people into giving away personal

00:17

information or login credentials by

00:20

posing as a trustworthy entity through

00:22

email phone or text message

00:25

3. ransomware malware that encrypts a

00:29

victim's files and demands payment to

00:31

restore access this can be in the form

00:33

of a digital currency such as Bitcoin

00:36

4. botnet a network of infected

00:40

computers controlled by a single entity

00:42

often used to launch distributed denial

00:44

of service DDOS attacks or send spam

00:48

emails

00:49

5. firewall a network security system

00:52

that monitors and controls incoming and

00:55

outgoing Network traffic and is used to

00:57

prevent unauthorized access to a private

01:00

Network

01:01

6. two-factor authentication a security

01:05

process that requires an additional form

01:07

of verification such as a codes into a

01:10

phone in addition to a password this

01:12

helps to prevent unauthorized access to

01:15

an account

01:16

7. VPN a virtual private Network that

01:20

encrypts internet traffic and allows

01:22

users to securely access a private

01:24

Network remotely

01:26

8. DDOS a distributed denial of service

01:30

attack that floods a website or network

01:32

with traffic to make it unavailable

01:34

9. man in the middle mitm attack an

01:39

attack in which an attacker intercepts

01:41

and modifies communication between two

01:43

parties often to steal sensitive

01:45

information

01:46

SQL injection a type of attack that

01:49

exploits vulnerabilities in a website's

01:52

database to gain unauthorized access

01:55

11. social engineering the use of

01:59

manipulation or deception to trick

02:01

people into divulging sensitive

02:03

information

02:04

12. antivirus software that detects and

02:08

removes malware from a computer system

02:11

13. rootkit malware that hides its

02:14

presence on a computer and grants an

02:16

attacker control over the system

02:19

14. zero-day exploit a type of attack

02:22

that takes advantage of a previously

02:24

unknown vulnerability before it has been

02:27

discovered and patched by the software

02:29

vendor

02:30

15. spam unwanted or unsolicited

02:34

electronic messages often used for

02:36

fishing or spreading malware

02:38

16. advanced persistent threat apt a

02:43

targeted Cyber attack Often by a

02:45

nation-state that gains unauthorized

02:48

access to a network and remains

02:49

undetected for an extended period of

02:51

time

02:52

17. keylogger a type of malware that

02:56

records every keystroke made on a

02:58

computer to steal personal information

03:00

such as login credentials

03:03

18. brute force a type of attack that

03:06

uses automated software to guess a

03:08

password or encryption key by trying

03:10

every possible combination

03:13

19. vulnerability a weakness in a

03:16

computer system or software that can be

03:18

exploited by an attacker

03:20

20. password cracking the process of

03:24

guessing or recovering lost or forgotten

03:26

passwords

03:28

21. encryption the process of converting

03:31

plain text into a coded message that can

03:34

only be deciphered with a secret key

03:36

22 token a physical or digital object

03:40

that grants access to a computer system

03:43

or Network

03:44

23. Honeypot a decoy computer system or

03:48

network set up to attract and detect

03:51

cyber attacks

03:52

24. cyber Espionage the use of digital

03:56

means to gather sensitive information

03:58

from other countries or organizations

04:01

25 cyber warfare the use of cyber

04:05

attacks to disrupt or destroy critical

04:07

infrastructure or military operations

04:11

26. cybercrime a criminal act committed

04:15

using the internet or digital technology

04:18

27. cyberbullying the use of electronic

04:22

means to harass or threaten someone

04:24

28. data breach an unauthorized access

04:28

or release of sensitive information this

04:31

can include personal information such as

04:34

Social Security numbers credit card

04:36

information and login credentials

04:39

29. cloud computing the delivery of

04:43

computing services including storage and

04:45

processing power over the internet

04:48

30. end-to-end encryption a method of

04:52

encryption that ensures that only the

04:53

sender and intended recipient can read

04:55

the message

04:57

31. cyber hygiene the practice of

05:00

maintaining good security practices and

05:02

keeping software and systems up to date

05:05

32. incident response the process of

05:09

identifying containing and recovering

05:12

from a Cyber attack

05:13

33. cyber physical systems

05:17

computer-controlled physical systems

05:19

such as industrial control systems or

05:21

medical devices

05:23

34. mobile device management the

05:26

practice of securing and managing mobile

05:28

devices such as smartphones and tablets

05:31

in an organization

05:33

35. identity and access management I am

05:37

the process of controlling access to

05:39

computer systems and networks based on a

05:42

user's identity

05:43

36. sandbox a secure environment used to

05:47

test and run untrusted code or software

05:51

37. backup a copy of data or files that

05:55

can be used to restore the original in

05:57

case of loss or damage

05:59

38. denial of service dos an attack that

06:03

makes a computer resource or network

06:05

unavailable to its intended users

06:08

39. penetration testing the practice of

06:11

simulating a Cyber attack on a computer

06:13

system to identify vulnerabilities

06:16

40. Network segmentation the process of

06:20

dividing a network into smaller sub

06:22

networks for security and management

06:25

41. endpoint security the practice of

06:29

securing all devices that connect to a

06:31

network including laptops smartphones

06:34

and servers

06:36

42 intrusion detection system IDs a

06:40

security system that monitors Network

06:42

traffic and alerts administrators of

06:45

potential attacks

06:46

43. intrusion prevention system IPS a

06:51

security system that monitors Network

06:53

traffic and automatically blocks

06:55

suspicious activity

06:57

44. security information and event

07:00

management sim a security system that

07:03

collects and analyzes log data from

07:06

multiple sources to detect and respond

07:08

to security threats

07:10

45. Advanced encryption standard as a

07:14

widely used symmetric encryption

07:16

algorithm

07:17

46. public key infrastructure pki a

07:22

system for creating managing and

07:24

distributing digital certificates and

07:26

public-private key pairs

07:28

47 digital signature a method of

07:32

verifying the authenticity and integrity

07:34

of electronic data using a digital

07:36

certificate

07:37

48 digital certificate a digital

07:41

document that binds a public key to an

07:43

identity

07:44

49. secure sockets layer SSL a protocol

07:49

for securely transmitting data over the

07:51

internet

07:52

50. transport layer security TLS a

07:57

security protocol that replaces SSL for

08:00

securely transmitting data over the

08:02

internet

08:03

51. hypertext transfer protocol secure

08:07

https a protocol for securely

08:10

transmitting data over the Internet used

08:12

for online shopping and banking

08:15

52. secure shell SSH a protocol for

08:20

securely accessing and managing remote

08:22

computer systems

08:23

53 remote access Trojan rat malware that

08:28

allows an attacker to remotely control

08:30

an infected computer

08:32

54. Trojan Horse malware that disguises

08:36

itself as legitimate software

08:39

55. worm a self-replicating type of

08:43

malware that spreads itself to other

08:45

computers

08:46

56. adware software that displays

08:50

unwanted advertisements

08:52

57. spyware software that collects

08:56

personal information or tracks a user's

08:58

online activity without their knowledge

09:01

58. phylus malware malware that resides

09:05

in memory and does not leave any trace

09:07

on the hard drive

09:09

59.

09:10

script Kitty an unskilled individual who

09:13

uses pre-written scripts or tools to

09:15

launch cyber attacks

09:17

60. advanced persistent threat apt a

09:22

targeted Cyber attack Often by a

09:24

nation-state that gains unauthorized

09:26

access to a network and remains

09:28

undetected for an extended period of

09:30

time

09:31

61. root access the highest level of

09:35

access to a computer system or network

09:37

allowing full control over the system

09:41

62. distributed denial of service DDOS a

09:46

type of attack that floods a website or

09:48

network with traffic to make it

09:49

unavailable

09:51

63. cross-site scripting xss a type of

09:55

attack that injects malicious code into

09:58

a website to steal user data

10:00

64. cross-site request forgery csrf a

10:05

type of attack that tricks a user into

10:07

performing actions on a website without

10:10

their knowledge

10:11

65. Internet of Things iot the

10:15

interconnectedness of everyday devices

10:18

such as smart home devices and cars

10:20

through the internet

10:22

66 artificial intelligence AI the

10:27

ability of a computer system to mimic

10:29

human intelligence and perform tasks

10:31

such as learning and problem solving

10:34

67 machine learning ml a type of AI that

10:38

allows computer systems to learn and

10:40

improve performance without being

10:42

explicitly programmed

10:44

68. Cloud security the practice of

10:48

securing data applications and

10:50

infrastructure in cloud computing

10:52

environments

10:53

69 Cloud access security broker csb a

10:59

security solution that sits between a

11:01

company's on-premises infrastructure and

11:03

cloud services to provide visibility and

11:05

control over Cloud usage

11:08

70.

11:09

software-defined networking sdn a

11:12

network architecture that allows the

11:14

control plane of a network to be

11:16

programmatically configured

11:18

71 identity and access management I am

11:22

the process of managing user identities

11:25

and access rights to resources and

11:27

applications

11:28

72 data loss prevention DLP the practice

11:33

of identifying and blocking sensitive

11:35

data from leaving an organization

11:37

73 Cloud identity and access management

11:41

cim the practice of managing user

11:44

identities and access rights to

11:46

cloud-based resources and applications

11:49

74. identity and access governance ieg

11:53

the practice of ensuring that only

11:55

authorized users have access to

11:57

sensitive data and systems

12:00

75 encryption key management the process

12:04

of creating storing protecting and

12:07

managing encryption keys

12:09

76

12:11

multi-factor authentication MFA a

12:14

security process that requires more than

12:16

one method of authentication such as a

12:19

password and fingerprint or security

12:21

token

12:22

77 cyber threat intelligence CTI the

12:27

process of collecting analyzing and

12:30

disseminating information about cyber

12:32

threats to protect against them

12:34

78 cyber resilience the ability to

12:38

prepare for withstand and recover from

12:41

cyber attacks

12:42

79 cyber security operations center SOC

12:47

a centralized unit responsible for

12:50

monitoring and analyzing security

12:51

related data from various sources to

12:54

detect and respond to cyber threats

12:56

80. risk management the process of

13:00

identifying assessing and prioritizing

13:03

potential risks to an organization's

13:05

assets and implementing controls to

13:07

mitigate or accept those risks

13:09

81 compliance the adherence to laws

13:14

regulations standards and policies that

13:17

govern an organizations information

13:19

security practices

13:21

82. supply chain security the practice

13:24

of securing the flow of information and

13:27

materials throughout the supply chain

13:28

from supplier to customer

13:30

83 digital forensics the process of

13:34

collecting and analyzing digital

13:36

evidence in support of criminal

13:38

investigations

13:39

84. incident response IR the process of

13:44

identifying containing and recovering

13:47

from a Cyber attack

13:48

85 mobile device management MDM the

13:53

practice of securing and managing mobile

13:55

devices such as smartphones and tablets

13:58

in an organization

14:00

86 network security the practice of

14:04

protecting a computer network from

14:05

unauthorized access use disclosure

14:09

disruption modification or destruction

14:12

87 email security the practice of

14:16

protecting email systems from spam

14:18

phishing and other types of cyber

14:21

attacks

14:22

88 cyber insurance insurance coverage

14:26

for losses resulting from cyber attacks

14:29

89. Internet of Things iot security the

14:34

practice of securing the interconnected

14:36

devices and systems that make up the

14:38

Internet of Things

14:40

90. physical security the practice of

14:43

protecting a building and its assets

14:45

from unauthorized access and damage

14:48

91. artificial intelligence AI security

14:52

the practice of protecting a systems

14:55

from cyber attacks and other forms of

14:57

misuse

14:58

92 access control the practice of

15:02

limiting access to resources and systems

15:05

based on user identity and other factors

15:08

93 authentication the process of

15:12

verifying a user's identity

15:14

94. authorization the process of

15:17

granting or denying access to resources

15:20

and systems based on user identity and

15:22

other factors

15:24

95. security information and event

15:27

management sim a security system that

15:31

collects and analyzes log data from

15:33

multiple sources to detect and respond

15:35

to security threats

15:37

96 web application firewall Waf a

15:42

security system that monitors and

15:43

controls incoming and outgoing web

15:45

traffic

15:47

97 internet service provider ISB a

15:51

company that provides internet access to

15:53

customers

15:55

98. Network address translation in at a

16:00

technique used to change the IP address

16:02

of a device on a network to make it

16:04

accessible to other devices on the

16:06

internet

16:07

99 zero trust security a security model

16:11

that assumes that all devices networks

16:14

and users are potentially compromised

16:16

and therefore requires continuous

16:18

verification and authentication before

16:20

granting access

16:22

100 dark web a part of the internet that

16:26

is not indexed by search engines and can

16:28

only be accessed using special software

16:31

it is often used for illegal activities

16:33

such as buying and selling illegal Goods

16:36

or stolen data