- advanced encryption standard (AES)
- symmetric encryption algorithm used globally to secure data, known for its speed and security
- artificial intelligence (AI)
- branch of computer science focused on creating intelligent machines capable of performing tasks that typically require human intelligence, such as visual perception, speech recognition, decision-making, and language translation
- asymmetric encryption
- (also, public-key cryptography) type of encryption that uses a public and private key
- authentication
- process of verifying the identity of a user or device, often through credentials such as passwords or digital certificates
- brute-force attack
- attack method where an attacker systematically checks all password or encryption key possibilities until the correct one is found
- buffer overflow
- condition where an application writes more data to a buffer than it can hold
- Certified Ethical Hacker (CEH)
- certification that signifies proficiency in ethical hacking techniques and tools, and the ability to assess the security of computer systems by looking for vulnerabilities in a lawful and legitimate manner
- Certified Information Security Manager (CISM)
- certification that focuses on management and governance of information security
- Certified Information Systems Security Professional (CISSP)
- advanced certification that focuses on the knowledge and skills required to design, implement, and manage a comprehensive information security program
- classless inter-domain routing (CIDR)
- method for allocating IP addresses and routing IP packets more efficiently than traditional classful IP addressing
- confidentiality, integrity, availability (CIA) triad
- foundational model in cybersecurity that ensures information is protected, accurate and trustworthy, and readily available to authorized users
- continuous monitoring
- ongoing process of assessing the security posture and compliance of an IT infrastructure by automatically collecting, analyzing, and reporting data on various security controls
- Control Objectives for Information and Related Technologies (COBIT5) framework
- comprehensive framework developed by ISACA for IT governance and management that helps organizations meet business challenges in the areas of regulatory compliance, risk management, and aligning IT strategy with organizational goals
- cryptographic key
- string of data used by an encryption algorithm to transform data into a secure format and to decrypt it again afterward
- cybersecurity
- practice of protecting systems, networks, devices, and data from online threats
- data packet
- small unit of data transmitted over a network
- dictionary attack
- attack method where an attacker uses a precompiled list of likely passwords
- digital signature
- electronic signature that uses cryptographic techniques to provide authentication and ensure the integrity of the signed digital document or message
- distributed denial-of-service (DDoS)
- attack that uses multiple computers or servers to overwhelm a network, resulting in loss of usability
- Domain Name System (DNS)
- system that translates human-readable domain names to IP addresses, allowing users to access websites using familiar names
- dynamic IP address
- address that is assigned each time a device connects to the internet; changes periodically, although not necessarily every time the device connects
- encryption
- process of transforming legible data into a coded format, making it unreadable to unauthorized entities
- environmental threat
- uncontrollable external factor such as a natural disaster or hardware failure that can damage data centers and disrupt business operations
- ethical hacking
- process of attempting to break into an organization’s computer systems, network, or applications with permission to identify vulnerabilities
- external threat
- threat that originates from outside an organization, typically posed by cybercriminals or state-sponsored attackers who aim to exploit vulnerabilities for financial or strategic gain
- fileless malware
- type of malware that exploits in-memory processes to conduct its nefarious activities
- firewall
- network security system that uses security rules to monitor and control incoming and outgoing traffic
- hashing
- process of converting data into a fixed-size string of characters, typically used for security purposes to ensure data integrity
- HTTP Secure (HTTPS)
- protocol that adds a secure, encrypted layer to HTTP via SSL/TLS protocols
- Hypertext Transfer Protocol (HTTP)
- protocol for transmitting hypertext over the internet
- incident response
- predetermined set of procedures and steps taken to identify, investigate, and respond to potential security incidents
- information privacy
- right and measure of control individuals have over the collection, storage, management, and dissemination of their personal information
- information security
- practice of protecting information by mitigating information risks and vulnerabilities, which encompasses data privacy, data confidentiality, data integrity, and data availability; employs methods such as encryption, firewalls, and secure network design
- information security management system (ISMS)
- framework that helps organizations manage their information security by defining policies, procedures, and controls
- information security risk management (ISRM)
- field that involves identifying, assessing, and mitigating risks to the confidentiality, integrity, and availability of information and information systems
- Information Systems Audit and Control Association (ISACA)
- international association that provides IT professionals with knowledge, credentials, education, and community in IT governance, control, risk, security, audit, and assurance
- intellectual property (IP)
- creations of the mind that are protected by law from unauthorized use or replication
- internal threat
- one that originates from within an organization, such as disgruntled employees or poor security training for employees resulting in social engineering attacks
- internet protocol (IP) address
- unique identifier that allows a computer to be addressed in order to communicate on the internet
- Internet Protocol Security (IPsec)
- suite of protocols that provides end-to-end encryption and secure data exchange
- intrusion detection and prevention system (IDPS)
- tool that monitors networks for malicious activity or policy violations
- IT governance
- process of managing and controlling an organization’s IT capabilities to improve IT management, ensure compliance, and increase the value of IT investments
- keylogger
- tool or technology often used maliciously to capture keystrokes on a computer to obtain sensitive information such as passwords
- log file
- file generated by security applications that contains event information that aids in determining the status and health of a network
- malware
- malicious software designed to damage, exploit, or infect systems, or otherwise compromise data, devices, users, or networks, using viruses, worms, and spyware that is installed into the basic input-output system (BIOS) of a computer
- media access control (MAC) address
- unique identifier that allows a computer to be addressed in order to communicate within a local area network
- multi-factor authentication (MFA)
- security measure that requires users to verify their identity using multiple forms of credentials, such as a password, a security token, or biometric data, to access a system
- network security
- process of guarding network infrastructure and IT systems from unauthorized access, misuse, malfunction, or improper disclosure to unintended parties
- packet sniffer
- (also, network analyzer or protocol analyzer) tool that captures and analyzes network traffic
- phishing
- type of social engineering attack that appears as a trustworthy entity in digital communication but steals user data, such as login credentials and financial information
- pretexting
- social engineering attack that involves creating a fabricated scenario to obtain private data
- protocol
- fundamental rule or procedure that governs communication between devices in a network
- protocol analyzer
- tool that examines network communication protocols to understand how data are exchanged between devices and applications on a network
- ransomware
- type of malicious software that encrypts users’ files such as photos, documents, or other sensitive information and demands a ransom for their release
- risk appetite
- level of risk an organization is willing to accept in pursuit of its ambitions or goals
- risk management plan (RMP)
- strategic document that outlines how risk is assessed, monitored, and mitigated within an organization
- risk tolerance
- number of unfavorable outcomes an organization is willing to accept while pursuing goals and other objectives
- role-based access control (RBAC)
- method of access control that bases data access on a person’s role in the organization, giving each employee the minimum level of access they need to perform their job functions
- rootkit
- software that gives attackers access to a system while masquerading as operating system processes
- router
- device that forwards data packets to the appropriate parts of a computer network
- RSA encryption
- asymmetric cryptographic algorithm used for secure data transmission; particularly useful in public-key cryptography
- Secure Sockets Layer (SSL)
- communication protocol that establishes a secure connection between devices or applications on a network by encrypting data sent between a browser and a website or between two servers
- security information and event management (SIEM)
- security solution that collects, analyzes, and correlates security data from different sources to detect and respond to security threats in real time
- Security+
- entry-level certification that covers foundational skills and knowledge in network security, compliance, operational security, threats and vulnerabilities, data and host security, access control, and identity management
- server
- powerful computer or computer program that provides data to other computers (clients) over a network
- social engineering
- manipulation of employees into revealing sensitive information, often leading to unauthorized system access
- static IP address
- permanent address assigned by an administrator that remains the same over time and is essential for services such as hosting servers, email servers, and network devices, or when remote access is required
- strengths, weaknesses, opportunities, and threats (SWOT) analysis
- commonly used method that helps in understanding both internal and external factors that could pose risks
- subnet
- logically visible subdivision of an IP network, increasing its efficiency and security
- subnet mask
- address used in routing and network organization that divides the IP address into network and host addresses
- switch
- device that connects and segments various components within a local network
- symmetric encryption
- type of encryption in which one key both encrypts and decrypts the data
- Transport Layer Security (TLS)
- updated version of SSL that uses an encrypted tunnel to protect data sent between a browser, a website, and the website’s server
- Trojan
- program that disguises itself as a safe program but often carries many other types of malicious payloads
- virtual private network (VPN)
- service that creates a secure, encrypted connection over a less secure network, typically the internet, ensuring private data remains protected
- virus
- malware that attaches itself to clean files and propagates to other files and programs
- worm
- stand-alone software program that spreads without requiring a host program