Key Terms

advanced encryption standard (AES)

symmetric encryption algorithm used globally to secure data, known for its speed and security

artificial intelligence (AI)

branch of computer science focused on creating intelligent machines capable of performing tasks that typically require human intelligence, such as visual perception, speech recognition, decision-making, and language translation

asymmetric encryption

(also, public-key cryptography) type of encryption that uses a public and private key

authentication

process of verifying the identity of a user or device, often through credentials such as passwords or digital certificates

brute-force attack

attack method where an attacker systematically checks all password or encryption key possibilities until the correct one is found

buffer overflow

condition where an application writes more data to a buffer than it can hold

Certified Ethical Hacker (CEH)

certification that signifies proficiency in ethical hacking techniques and tools, and the ability to assess the security of computer systems by looking for vulnerabilities in a lawful and legitimate manner

Certified Information Security Manager (CISM)

certification that focuses on management and governance of information security

Certified Information Systems Security Professional (CISSP)

advanced certification that focuses on the knowledge and skills required to design, implement, and manage a comprehensive information security program

classless inter-domain routing (CIDR)

method for allocating IP addresses and routing IP packets more efficiently than traditional classful IP addressing

confidentiality, integrity, availability (CIA) triad

foundational model in cybersecurity that ensures information is protected, accurate and trustworthy, and readily available to authorized users

continuous monitoring

ongoing process of assessing the security posture and compliance of an IT infrastructure by automatically collecting, analyzing, and reporting data on various security controls

Control Objectives for Information and Related Technologies (COBIT5) framework

comprehensive framework developed by ISACA for IT governance and management that helps organizations meet business challenges in the areas of regulatory compliance, risk management, and aligning IT strategy with organizational goals

cryptographic key

string of data used by encryption algorithms to transform data into a secure format and its subsequent decryption

cybersecurity

practice of protecting systems, networks, devices, and data from online threats

data packet

small unit of data transmitted over a network

dictionary attack

attack method where an attacker uses a precompiled list of likely passwords

digital signature

electronic signature that uses cryptographic techniques to provide authentication and ensure the integrity of the signed digital document or message

distributed denial-of-service (DDoS)

attack that uses multiple computers or servers to overwhelm a network resulting in loss of usability

Domain Name System (DNS)

system that translates human-readable domain names to IP addresses, allowing users to access websites using familiar names

dynamic IP address

address that is assigned each time a device connects to the internet; changes periodically, although not necessarily every time the device connects

encryption

process of transforming legible data into a coded format, making it unreadable to unauthorized entities

environmental threat

uncontrollable external factor such as a natural disaster or hardware failure that can damage data centers and disrupt business operations

ethical hacking

process of attempting to break into an organization’s computer systems, network, or applications with permission to identify vulnerabilities

external threat

threat that originates from outside an organization, typically posed by cybercriminals or state-sponsored attackers who aim to exploit vulnerabilities for financial or strategic gain

fileless malware

type of malware that exploits in-memory processes to conduct its nefarious activities

firewall

network security system that uses security rules to monitor and control incoming and outgoing traffic

hashing

process of converting data into a fixed-size string of characters, typically used for security purposes to ensure data integrity

HTTP Secure (HTTPS)

protocol that adds a secure, encrypted layer to HTTP via SSL/TLS protocols

Hypertext Transfer Protocol (HTTP)

protocol that is proficient at transmitting hypertext over the internet

incident response

predetermined set of procedures and steps taken to identify, investigate, and respond to potential security incidents

information privacy

right and measure of control individuals have over the collection, storage, management, and dissemination of their personal information

information security

practice of protecting information by mitigating information risks and vulnerabilities, which encompasses data privacy, data confidentiality, data integrity, and data availability; employs methods such as encryption, firewalls, and secure network design

information security management system (ISMS)

framework that helps organizations manage their information security by defining policies, procedures, and controls

information security risk management (ISRM)

field that involves identifying, assessing, and mitigating risks to the confidentiality, integrity, and availability of information and information systems

Information Systems Audit and Control Association (ISACA)

international association that provides IT professionals with knowledge, credentials, education, and community in IT governance, control, risk, security, audit, and assurance

intellectual property (IP)

creations of the mind that are protected by law from unauthorized use or replication

internal threat

one that originates from within an organization, such as disgruntled employees or poor security training for employees resulting in social engineering attacks

internet protocol (IP) address

unique identifier that allows a computer to be addressed in order to communicate on the internet

Internet Protocol Security (IPsec)

suite of protocols that provides end-to-end encryption and secure data exchange

intrusion detection and prevention system (IDPS)

tool that monitors networks for malicious activity or policy violations

IT governance

process of managing and controlling an organization’s IT capabilities to improve IT management, ensure compliance, and increase the value of IT investments

keylogger

tool or technology often used maliciously to capture keystrokes on a computer to obtain sensitive information such as passwords

log file

file generated by security applications that contains event information that aids in determining the status and health of a network

malware

malicious software designed to damage, exploit, infect systems, or otherwise compromise data, devices, users, or networks, using viruses, worms, and spyware that is installed into the basic input-output system (BIOS) of a computer

media access control (MAC) address

unique identifier that allows a computer to be addressed in order to communicate within a local area network

multi factor authentication (MFA)

security measure that requires users to verify their identity using multiple forms of credentials, such as a password, a security token, or biometric data, to access a system

network security

process of guarding network infrastructure and IT systems from unauthorized access, misuse, malfunction, or improper disclosure to unintended parties

packet sniffer

(also, network analyzer or protocol analyzer) tool that captures and analyzes network traffic

phishing

type of social engineering attack that appears as a trustworthy entity in digital communication but steals user data, such as login credentials and financial information

pretexting

social engineering attack that involves creating a fabricated scenario to obtain private data

protocol

fundamental rule or procedure that governs communication between devices in a network

protocol analyzer

tool that examines network communication protocols to understand how data are exchanged between devices and applications on a network

ransomware

type of malicious software that encrypts users’ files such as photos, documents, or other sensitive information and demands a ransom for their release

risk appetite

level of risk an organization is willing to accept in pursuit of its ambitions or goals

risk management plan (RMP)

strategic document that outlines how risk is assessed, monitored, and mitigated within an organization

risk tolerance

number of unfavorable outcomes an organization is willing to accept while pursuing goals and other objectives

role-based access control (RBAC)

method of access control that bases data access on a person’s role in the organization, giving each employee the minimum level of access they need to perform their job functions

rootkit

software that enables attackers to have access to a system masquerading as operating system processes

router

device that forwards data packets to the appropriate parts of a computer network

RSA encryption

asymmetric cryptographic algorithm used for secure data transmission; particularly useful in public-key cryptography

Secure Sockets Layer (SSL)

communication protocol that establishes a secure connection between devices or applications on a network by encrypting data sent between a browser and a website or between two servers

security information and event management (SIEM)

security solution that collects, analyzes, and correlates security data from different sources to detect and respond to security threats in real time

Security+

entry-level certification that covers foundational skills and knowledge in network security, compliance, operational security, threats and vulnerabilities, data and host security, access control, and identity management

server

powerful computer or computer program that provides data to other computers (clients) over a network

social engineering

manipulation of employees into revealing sensitive information, often leading to unauthorized system access

static IP address

permanent address assigned by an administrator that remains the same over time and is essential for services such as hosting servers, email servers, and network devices, or when remote access is required

strengths, weaknesses, opportunities, and threats (SWOT) analysis

commonly used method that helps in understanding both internal and external factors that could pose risks

subnet

logically visible subdivision of an IP network, increasing its efficiency and security

subnet mask

address used in routing and network organization that divides the IP address into network and host addresses

switch

device that connects and segments various components within a local network

symmetric encryption

type of encryption in which one key both encrypts and decrypts the data

Transport Layer Security (TLS)

updated version of SSL that uses an encrypted tunnel to protect data sent between a browser, a website, and the website’s server

Trojan

program that conceals itself as a safe program but often carries many other different types of malicious payloads

virtual private network (VPN)

service that creates a secure, encrypted connection over a less secure network, typically the internet, ensuring private data remains protected

virus

malware that attaches itself to clean files and propagate to other files and programs

worm

stand-alone software program that spreads without requiring a host program