Cyber Security Glossary + ChatGPT Generated Descriptions
TOP 10
Access control
The process of limiting access to some resource only to authorised users, programs, or systems.
Back door
A hole in the security system deliberately left by the creator of the system.
Circuit level gateway firewall
A firewall that authenticates each user before granting access.
DoS
Denial of service, an attack that prevents legitimate users from accessing a resource.
Encryption
The act of encrypting a message, usually by altering a message so that it cannot be read without the key and the decryption algorithm.
Firewall
A barrier between the network and the outside world.
A
Access control
The process of limiting access to some resource only to authorised users, programs, or systems.
Access control list
A list of entities, together with their access rights, that are authorised to have access to a resource.
Access lockout policy
Policies regarding how many login attempts should be allowed before the account is locked.
Account policies
Policies regarding account settings.
Admin
Short for system administrator.
AES (Advanced Encryption Standard)
A modern symmetric cipher that is widely used.
Anomaly detection
An intrusion-detection strategy that depends on detecting anomalous activities.
Application gateway firewall
A firewall type that verifies specific applications.
ASCII code
Numeric codes used to represent all standard alphanumeric symbols.
There are 255 different ASCII codes.
Auditing
A check of a system's security, usually including a review of documents, procedures, and system configurations.
Authentication header (AH)
A field that immediately follows the IP header in an IP datagram and provides authentication and integrity checking for the datagram.
B
Back door
A hole in the security system deliberately left by the creator of the system.
Banishment vigilance
Blocking all traffic from a suspect IP address (i.e. banishing that address).
Bastion host
A single point of contact between the Internet and a private network.
Bell-LaPadula Model
One of the oldest security models, based on the basic security theorem.
Biba Integrity Model
An older security model with similarities to Bell-LaPadula.
Binary numbers
Numbers that use the base 2 number system.
Binary operations
Operations on base 2 (i.e., binary) numbers. The operations include XOR, OR, and AND.
Black hat hacker
A hacker with a malicious purpose, synonymous with cracker.
Blocking
The act of preventing transmission of some type.
Blowfish
A well-known symmetric block cipher created by Bruce Schneier.
Braindump
The act of telling someone everything one knows.
Breach
The successful break into a system (e.g., "to breach the security").
Brute force
To try to crack a password by simply trying every possible combination.
Buffer overflow
An attack that seeks to overwrite a memory buffer with more data than it is designed to hold.
Bug
A flaw in a system.
C
Caesar cipher
One of the oldest encryption algorithms. It uses a basic mono-alphabetic cipher.
Call back
A procedure for identifying a remote connection. In a call back, the host disconnects the caller and then dials the authorised telephone number of the remote client to re-establish the connection.
Certificate authority
An agency authorised to issue digital certificates.
CHAP
Challenge Handshake Authentication Protocol, a commonly used authentication protocol.
Chinese Wall Model
An information barrier preventing information flow between different groups within the same organisation.
Cipher
Synonym for cryptographic algorithm.
Cipher text
Encrypted text.
Circuit level gateway firewall
A firewall that authenticates each user before granting access.
CISSP
Certified Information Systems Security Professional. This is the oldest IT security certification and the one most often asked for in job ads.
Clark-Wilson model
A subject-object model first published in 1987 that attempts to achieve data security via well-formed transactions and a separation of duties.
Code
The source code for a program, or the act of programming, as in "to code an algorithm."
Common Criteria
A set of standards for computer security. This is a fusion of United States Department of Defense standards with European and Canadian standards.
Compulsory tunneling
Tunneling that is mandatory, not optional. This is in reference to VPN technologies. Some protocols allow the user to choose whether to use tunneling.
Confidentiality of data
Ensuring that the contents of messages will be kept secret.
Cookie
A small file containing data that is put on your machine by a website you visit.
Cracker
One who breaks into a system in order to do something malicious, illegal, or harmful. Synonymous with black hat hacker.
Cracking
Hacking with malicious intent.
Crash
A sudden and unintended failure, as in "my computer crashed."
CTCPEC
Canadian Trusted Computer Product Evaluation Criteria.
Cyber terrorism
Terrorism using computers, computer networks, telecommunications, or the Internet.
D
Daemon
A program that runs in the background. Often used to perform various system services.
DDoS
Distributed denial of service, a DoS attack launched from multiple sources.
Decryption
The process of un-encrypting an encrypted message.
DES
Data Encryption Standard, a symmetric cryptography algorithm first published in 1977, no longer considered secure due to the small key size.
Digital signature
A cryptographic method of verifying a file or sender.
Discretionary access control
An administrator's option either to control access to a given resource or simply allow unrestricted access.
Discretionary security property
The policies that control access based on named users and named objects.
Distributed reflection denial of service
A specialised type of DDoS that uses Internet routers to perform the attack.
DMZ
Demilitarised zone. A firewall type consisting of two firewalls with an intermediate zone between them.
Dropper
A type of Trojan horse that drops another program onto the target machine.
Dual-homed host
A type of firewall that literally has two NICs (network interface cards).
Dynamic security approach
An approach to security that is proactive rather than reactive.
E
EAP
Extensible Authentication Protocol.
Encapsulated
Wrapped up.
Encrypting File System
Also known as EFS, this is Microsoft's file system that allows users to encrypt individual files. It was first introduced in Windows 2000.
Encryption
The act of encrypting a message, usually by altering a message so that it cannot be read without the key and the decryption algorithm.
ESP
Encapsulated Security Payload, one of the two primary protocols (ESP and AH) used in IPSec.
Ethical hacker
One who hacks into systems in order to accomplish some goal that he or she feels is ethically valid.
Evaluation Assurance Levels
Numeric levels (1 through 7) that define security assurance as defined in the Common Criteria.
Executable profiling
A type of intrusion detection strategy that seeks to profile the behaviour of legitimate executables and compare that against the activity of any running programme.
F
False positive
An erroneous flagging of legitimate activity as an intrusion by an intrusion detection device.
Firewall
A barrier between the network and the outside world.
G
Gray hat hacker
A hacker whose activities are normally legal but occasionally delves into activities that may not be legal or ethical.
Group Policy Objects
Objects in Microsoft Windows that allow you to assign access rights to entire groups of users or computers.
H
Hacker
One who tries to learn about a system by examining it in detail and reverse engineering it.
Handshaking
The process of verifying a connection request. It involves several packets going from client to server and back.
Honeypot
A system or server designed to be very appealing to hackers, when in fact it is a trap to catch them.
I
ICMP packets
Network packets often used in utilities such as Ping and Tracert.
Infiltration
The act of gaining access to secure portions of a network.
Information Technology Security Evaluation
Security guidelines created by the Commission of the European Communities, analogous to the Common Criteria.
Information warfare
Attempts to influence political or military outcomes via information manipulation.
Integrity of data
Ensuring that data has not been modified or altered and that the data received is identical to the data that was sent.
International Data Encryption Algorithm (IDEA)
A block cipher designed as a replacement for DES (Data Encryption Standard).
Internet Key Exchange (IKE)
A method for setting up security associations in IPSec.
Intrusion
The act of gaining access to secure portions of a network.
Intrusion deflection
An IDS strategy that is dependent upon making the system seem less attractive to intruders. It seeks to deflect attention away from the system.
Intrusion-detection system (IDS)
A system for detecting attempted intrusions. Related to intrusion prevention systems (IPS) that block suspected attacks.
Intrusion deterrence
An IDS strategy that attempts to deter intruders by making the system seem formidable, perhaps more formidable than it is.
IP
Internet Protocol, one of the primary protocols used in networking.
IPSec
Internet Protocol Security, a method used to secure VPNs.
IP spoofing
Making packets seem to come from a different IP address than the one they really originated from.
J
K
Key logger
Software that logs key strokes on a computer.
L
L2TP
Layer 2 Tunneling Protocol, a VPN protocol.
Layered security approach
A security approach that also secures the internal components of the network, not just the perimeter.
M
Malware
Any software that has a malicious purpose such as a virus or Trojan horse.
Microsoft Point-to-Point Encryption
An encryption technology designed by Microsoft for use with virtual private networks.
Mono-alphabet cipher
An encryption cipher using only one substitution alphabet.
MS-CHAP
A Microsoft extension to CHAP.
Multi-alphabet substitutions
Encryption methods that use more than one substitution alphabet.
N
Network address translation
A replacement technology for proxy servers.
Network-based
A firewall solution that runs on an existing server.
Network intrusion detection
Detecting any attempted intrusion throughout the network, as opposed to intrusion detection that only works on a single machine or server.
NIC
Network interface card.
Non-repudiation
The process of verifying a connection so that neither party can later deny, or repudiate, the transaction.
Null sessions
How Windows represents an anonymous user.
O
Object
In reference to computer security models, an object is any file, device, or part of the system a user wishes to access.
Open source
Software where the source code itself is freely available to the public.
Operating system hardening
The process of securing an individual operating system. This includes proper configuration and applying patches.
P
Packet filter firewall
A firewall that scans incoming packets and either allows them to pass or rejects them.
Packet sniffer
Software that intercepts packets and copies their contents.
PAP
Password Authentication Protocol, the most basic form of authentication in which a user's name and password are transmitted over a network and compared to a table of name-password pairs.
Passive security approach
An approach to security that awaits some incident to react to, rather than being proactive.
Password policies
Policies that determine the parameters of a valid password, including minimum length, age, and complexity.
Penetration testing
Assessing the security of a system by attempting to break into the system. This is the activity most penetration testers engage in.
Perimeter security approach
A security approach that is concerned only with securing the perimeter of a network.
PGP
Pretty Good Privacy, a widely used tool that has symmetric and asymmetric algorithms, often used to encrypt email.
Phreaker
Someone who hacks into phone systems.
Phreaking
The process of hacking into a phone system.
Ping of Death
A DoS attack that sends a malformed Ping packet hoping to cause the target machine to error out.
Playback attack
This attack involves recording the authentication session of a legitimate user, and then simply playing that back in order to gain access.
Port scan
Sequentially pinging ports to see which ones are active.
PPP
Point-to-Point Protocol, a somewhat older connection protocol.
PPTP
Point-to-Point Tunneling Protocol, an extension to PPP for VPNs.
Proxy server
A device that hides your internal network from the outside world.
Public key system
An encryption method where the key used to encrypt messages is made public and anyone can use it. A separate, private key is required to decrypt the message.
Q
Quantum encryption
A process that uses quantum physics to encrypt data.
Quantum entanglement
A phenomenon from quantum physics where two subatomic particles are related in such a way that a change to the state of one instantaneously causes a change to the state of the other.
R
Resource profiling
A monitoring approach that measures system-wide use of resources and develops a historic usage profile.
Rijndael algorithm
The algorithm used by AES.
RSA
A public key encryption method developed in 1997 by three mathematicians, Ron Rivest, Adi Shamir, and Len Adleman. The name RSA is derived from the first letter of each mathematician's last name.
RST cookie
A simple method for alleviating the danger of certain types of DoS attacks.
S
Screened host
A combination of firewalls; in this configuration you use a combination of a bastion host and a screening router.
Script kiddy
A slang term for an unskilled person who purports to be a skilled hacker.
Security template
Preset security settings that can be applied to a system.
Service
A program that runs in the background, often performing some system service. See also Daemon.
Session hacking
The process of taking over the session between a client and a server in order to gain access to the server.
Simple-security property
This means that a subject can read an object only if the security level of the subject is higher than or equal to the security level of the object.
Single-machine firewall
A firewall that resides on a single PC or server.
Slammer
A famous Internet worm.
Smurf attack
A specific type of DDoS attack that uses broadcast packets sent to a router on the target network.
Sneaker
Someone who is attempting to compromise a system in order to assess its vulnerability. This term is almost never used today; instead the term penetration tester or ethical hacker is used.
Sniffer
A program that captures data as it travels across a network. Also called a packet sniffer.
Snort
A widely used, open source, intrusion-detection system.
Social engineering
The use of persuasion on human users in order to gain information required to access a system.
SPAP
Shiva Password Authentication Protocol, a proprietary version of PAP.
Spoofing
Pretending to be something else, as when a packet might spoof another return IP address (as in the Smurf attack) or when a website is spoofing a well-known e-commerce site.
Spyware
Software that monitors computer use.
Stack tweaking
A complex method for protecting a system against DoS attack. This method involves reconfiguring the operating system to handle connections differently.
Stateful packet inspection
A type of firewall that not only examines packets but also knows the context within which the packet was sent.
State Machine Model
A model that looks at a system's transition from one state to another. It starts by capturing the current state of a system. Later the system's state at that point in time is compared to the previous state of the system to determine whether there has been a security violation in the interim.
Subject
In computer security models, the subject is any entity that is attempting to access a system or data.
Symmetric key system
An encryption method where the same key is used to encrypt and decrypt the message.
SYN cookie
A method for ameliorating the dangers of SYN floods.
SYN flood
Sending a stream of SYN packets (requests for connection) and then never responding, thus leaving the connection half open.
T
Target of evaluation
Also TOE, an independent evaluation of a product to show that the product does, in fact, meet the claims in a particular security target.
Threshold monitoring
Monitoring a network or system looking for any activity that exceeds some predefined limit or threshold.
Transport mode
One of two IPSec modes, the transport mode works by encrypting the data in each packet but leaves the header unencrypted.
Trin00
A tool used to execute DDoS attacks.
Trojan horse
Software that appears to have a valid and benign purpose but really has another, nefarious purpose.
Trusted computing base
The TCB is everything in a computing system that provides a secure environment.
Tunnel mode
One of two IPSec modes. The tunnel mode encrypts both the header and the data and is thus more secure than the transport mode but can work a bit slower.
U
V
Virus
Software that is self-replicating and spreads like a biological virus.
Virus hoax
A notification of a virus that is not true. Often the notification attempts to convince the user to delete some critical file, claiming that the file is a virus.
Voluntary tunneling
Tunneling that allows the user to determine the parameters of a VPN tunnel.
W
War-dialing
Dialing phones waiting for a computer to pick up, usually done via some automated system.
War-driving
Driving and scanning for wireless networks that can be compromised.
Well-formed transactions
Transactions in which users cannot manipulate or change the data without careful restriction.
White hat hacker
A hacker who does not break the law, often synonymous with ethical hacker.
Worm
A virus that can spread without human intervention.
X
X.509
A widely used standard for digital certificates.
Y
Z
Access control
Anomaly detection is a technique used in various fields, including data analysis, machine learning, and cybersecurity, to identify patterns or instances that deviate significantly from normal behavior or expected patterns. It involves the process of detecting anomalies, outliers, or unusual observations that do not conform to the typical behavior of a given system or dataset.
Anomalies can occur due to various factors, such as errors, fraudulent activities, system malfunctions, or unexpected events. Anomaly detection algorithms aim to uncover these deviations by analyzing the data and identifying patterns that are inconsistent with the majority of the data points.
There are several approaches to anomaly detection, including statistical methods, machine learning algorithms, and rule-based systems. Statistical methods often involve calculating statistical measures, such as mean, standard deviation, or percentile ranks, to define normal behavior and flag data points that fall outside those thresholds. Machine learning algorithms can be trained on a dataset with labeled examples of normal and anomalous instances to learn patterns and classify new observations. Rule-based systems utilize predefined rules or heuristics to identify anomalies based on specific criteria or thresholds.
Anomaly detection is employed in various applications, such as fraud detection in financial transactions, network intrusion detection in cybersecurity, system monitoring, predictive maintenance in industrial settings, and outlier detection in data cleaning and preprocessing tasks. By detecting anomalies, organizations can proactively identify potential risks, mitigate threats, and improve the overall security and reliability of their systems and processes.
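The statistical approach described above (mean and standard deviation defining a band of normal behavior, with anything outside it flagged) and the rule-based approach (a fixed predefined limit), as an added example that is not part of the glossary or its generated descriptions: a small Python detector run over constructed, syslog-style sshd log lines. The log lines, the per-minute windows, the baseline minutes and the k = 3 factor are all assumptions made for this example.

```python
"""Anomaly detection over failed-login counts per minute.

Added example: counts "Failed password" sshd lines per minute, learns a
threshold of mean + k * standard deviation from a baseline window, and
flags minutes above it. A fixed-limit rule is shown for contrast.
"""
import re
from collections import Counter
from statistics import mean, pstdev

# Matches the constructed log format used below; captures the minute bucket.
FAILED_RE = re.compile(
    r"^(?P<minute>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}):\d{2} sshd\[\d+\]: Failed password for"
)

# Assumed baseline window: the first ten minutes of the constructed data.
BASELINE_MINUTES = [f"2024-01-01T10:{i:02d}" for i in range(10)]


def build_sample_log():
    """Constructed data (not from any real system): ten quiet minutes with
    0-3 failed logins each, one successful login per minute, then a burst of
    40 failures in minute 10:10."""
    lines = []
    baseline_counts = [1, 2, 0, 3, 1, 2, 1, 0, 2, 1]
    for i, n in enumerate(baseline_counts):
        for j in range(n):
            lines.append(
                f"2024-01-01T10:{i:02d}:{j * 5:02d} sshd[{100 + i}]: Failed password "
                f"for invalid user admin from 198.51.100.7 port 4000 ssh2"
            )
        lines.append(
            f"2024-01-01T10:{i:02d}:59 sshd[{200 + i}]: Accepted publickey "
            f"for alice from 192.0.2.10 port 5000 ssh2"
        )
    for j in range(40):
        lines.append(
            f"2024-01-01T10:10:{j:02d} sshd[300]: Failed password "
            f"for root from 203.0.113.5 port 6000 ssh2"
        )
    return lines


def count_failures_per_minute(lines):
    """Return Counter {minute -> number of failed-login lines}."""
    counts = Counter()
    for line in lines:
        m = FAILED_RE.match(line)
        if m:
            counts[m.group("minute")] += 1
    return counts


def zscore_threshold(baseline, k=3.0):
    """Statistical method: normal band is mean +/- k * std dev; we only care
    about the upper edge for a 'too many failures' signal. If the baseline
    is perfectly flat (sigma == 0) the threshold collapses to the mean, so any
    increase at all is flagged; that is the intended edge-case behaviour."""
    mu = mean(baseline)
    sigma = pstdev(baseline)
    return mu, sigma, mu + k * sigma


def find_anomalies(counts, baseline_minutes, k=3.0):
    """Flag minutes whose failure count exceeds the learned threshold.
    Minutes with no failed logins are absent from the Counter, so they are
    read back as 0 to keep the baseline honest."""
    baseline = [counts.get(m, 0) for m in baseline_minutes]
    _, _, threshold = zscore_threshold(baseline, k)
    return sorted(m for m, c in counts.items() if c > threshold)


def rule_based_anomalies(counts, limit=20):
    """Rule-based method: a predefined limit chosen by the operator rather
    than learned from data. Simpler, but blind to a baseline that is itself
    unusually high or low."""
    return sorted(m for m, c in counts.items() if c >= limit)


if __name__ == "__main__":
    counts = count_failures_per_minute(build_sample_log())
    mu, sigma, thr = zscore_threshold([counts.get(m, 0) for m in BASELINE_MINUTES])
    print(f"baseline mean={mu:.2f} stdev={sigma:.2f} threshold={thr:.2f}")
    print("statistical:", find_anomalies(counts, BASELINE_MINUTES))
    print("rule-based: ", rule_based_anomalies(counts))
```

With the constructed baseline the mean is 1.3 failures per minute and the population standard deviation 0.9, so the learned threshold is 4.0; the burst minute (40 failures) is flagged while the busiest quiet minute (3 failures) is not. In practice the baseline window should be long enough to cover normal daily variation, otherwise a legitimately busy period will be reported as a false positive.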