Learn, Do, Secure
Access Control: Access Control ensures that resources are only granted to those users who are entitled to them.
Authentication: The process of verifying the correctness of the claimed identity.
Authorization: The process of permitting an action or access based on pre-assigned privileges.
Availability: Ensuring that access to resources is maintained to authorized users when needed.
Botnet: A botnet is a large number of compromised computers that are used to create and send spam or viruses or flood a network with messages in a denial of service attack.
Brute Force: A form of cyberattack technique used to gain access to IT systems by presenting various combinations of words or phrases until the correct combination of a password is guessed.
Confidentiality: The need to ensure that information is disclosed only to those who are authorized to access it.
Cookies: Small system data stored on a user's computer web browser when communicating with a web application. Computer cookies provide various essential functions such as, to keep a user authenticated and maintain communications between a computer and the webserver, storing certain information about the user's interactions with the web browser, and store a user's browsing history on the web application.
Compromise: Is defined as any computing resource whose confidentiality, integrity, or availability has been adversely impacted, either intentionally or unintentionally, by an untrusted source.
Cyberattacks: Malicious activities launched by cybercriminals against single or multiple computers or networks via the internet. A cyberattack can maliciously disable computers, steal or encrypt data, or cause network resources to become unavailable (denial of service attack) to authorized users.
Cybercrimes: Are cyberattacks carried out with the intention to cause damage or disrupt information systems, or steal information for profit or for personal or political reasons. They also include illegal activities such as fraud or human trafficking.
Decryption: The process of transforming an encrypted message into a readable format (plaintext).
Denial of Service: The prevention of authorized access to a system resource or the delaying of system operations and functions.
Dictionary Attack: An attack that tries all of the phrases or words in a dictionary, trying to crack a password or key. A dictionary attack uses a predefined list of words compared to a brute force attack that tries all possible combinations.
Disruption: A circumstance or event that interrupts or prevents the correct operation of system services and functions.
Dumpster Diving: Is obtaining passwords and corporate directories by searching through discarded media.
Eavesdropping: Is simply listening to a private conversation that may reveal information that can provide access to a facility or network.
Encryption: When information is scrambled and unreadable to prevent unauthorized access to it unless the user has the right password to decrypt it i.e. make it readable.
Exposure: A threat action whereby sensitive data is directly released to an unauthorized entity.
Firewall: A logical barrier in a network to prevent unauthorized access to data or resources.
Incident: Is an adverse network event in an information system or network or the threat of the occurrence of such an event.
Integrity: Integrity is the need to ensure that information has not been changed accidentally or deliberately and that it is accurate and complete.
Malicious Code: Software (malware) that appears to perform a useful or desirable function, but actually gains unauthorized access to system resources or tricks a user into executing other malicious logic.
Malware: A generic term for a number of different types of malicious code.
Non-Repudiation: Non-repudiation is the ability for a system to prove that a specific user and only that specific user sent a message and that it hasn't been modified.
Penetration: Gaining unauthorized logical access to sensitive data by circumventing a system's protections.
Penetration Testing: Penetration testing is used to test the external perimeter security of a network or facility.
Phishing: A method used by hackers to trick people into believing a message to make them divulge personal or other sensitive information. The information can then be used for fraudulent purposes including gaining unauthorized access to IT systems and information, impersonating individuals for financial gains, carrying out a ransomware attack, etc.
Plaintext: Ordinary readable text before being encrypted into ciphertext or after being decrypted.
Ransomware: A type of cyberattack that encrypts or steals data and demands a monetary ransom before the data is decrypted and available to the data owner, or not exposed on the internet.
Reconnaissance: Reconnaissance is the phase of an attack where an attacker finds new systems, maps out networks, and probes for specific, exploitable vulnerabilities.
Risk: Risk is the product of the level of threat with the level of vulnerability. It establishes the likelihood of a successful attack.
Risk Assessment: A Risk Assessment is a process by which risks are identified and the impact of those risks determined.
Risk-Averse: Avoiding risk even if this leads to the loss of opportunity. For example, using a (more expensive) phone call vs. sending an e-mail in order to avoid risks associated with e-mail may be considered "Risk Averse"
Rootkit: A collection of tools (programs) that a hacker uses to mask intrusion and obtain administrator-level access to a computer or computer network.
Sensitive Information: Sensitive information, as defined by the federal government, is any unclassified information that, if compromised, could adversely affect the national interest or conduct of federal initiatives.
Separation of Duties: Separation of duties is the principle of splitting privileges among multiple individuals or systems.
Server: A system entity that provides a service in response to requests from other system entities called clients.
Smishing: Is a form of phishing that is carried out via text messages to deceive people into divulging sensitive information.
Spam: Electronic junk mail or junk newsgroup postings.
Social Engineering: A terminology for non-technical or low-technology methods used for compromising individuals (such as lies, impersonation, tricks, bribes, tailgating) to make them divulge sensitive information that could be used to attack information systems.
Spoof: Attempt by an unauthorized entity to gain access to a system by posing as an authorized user.
Tailgating: An action that involves following someone or an object closely in order to use the individual or an object to gain access that would not normally be given.
Threat: A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm.
Threat Assessment: A threat assessment is the identification of types of threats that an organization might be exposed to.
Virtual Private Network (VPN): Virtual Private Network (VPN) protects a network connection when using Wi-Fi by encrypting the network traffic to protect the identity of the user and keep their data and activities private over the internet. It prevents eavesdropping on the network traffic and allows the user to conduct work remotely in a secure way.
Virus/Worm: A type of malware that causes damage to a computer system to compromise the system and/or the information held within.
Vishing: A type of phishing that is carried out via phone calls to deceive people into divulging sensitive information.
Web Server: A software process that runs on a host computer connected to the Internet to respond to HTTP requests from client web browsers.