Cybersecurity Fundamentals
Expert-defined terms from the Postgraduate Certificate in Cybersecurity course at Stanmore School of Business. Free to read, free to share, paired with a globally recognised certification pathway.
Advanced Persistent Threat (APT) #
A type of cyber threat in which an unauthorized user gains access to a network and remains undetected for a period of time while stealing data or causing damage. APTs are typically carried out by well-funded and highly skilled attackers, such as nation-state actors.
Anti-virus (AV) software #
Software designed to detect, prevent, and remove malicious software (malware) from a computer or network. AV software uses a variety of techniques to identify malware, including signature-based detection, heuristics, and behavior-based analysis.
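The two detection techniques named above, signature matching and a heuristic, as an added example that is not part of the course material. The signature database, the sample files and the heuristic rule are constructed for the example; the only real signature is the public EICAR test string, which AV products detect by design. It also shows why engines keep pattern signatures alongside file hashes: one extra byte defeats the hash match but not the pattern.

```python
"""Signature and heuristic scanning as an antivirus engine does it, reduced to
its core. Added example (not course code); signatures and samples are constructed."""
import hashlib
import math
import re

# The public EICAR test string (real, used by AV vendors for testing).
EICAR = b"X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"

# Hash signatures match one exact file; any change to the file defeats them.
HASH_SIGNATURES = {hashlib.sha256(EICAR).hexdigest(): "EICAR-Test-File"}

# Byte-pattern signatures match a substring, so they survive small changes.
PATTERN_SIGNATURES = [
    (re.compile(rb"EICAR-STANDARD-ANTIVIRUS-TEST-FILE"), "EICAR-Test-File"),
    # Constructed pattern: a PowerShell command line passing an encoded script.
    (re.compile(rb"powershell(?:\.exe)?\s+-enc(?:odedcommand)?\s", re.I),
     "Heur.EncodedPowerShell"),
]


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte (0.0 to 8.0); packed or encrypted content is near 8."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def scan(data: bytes, entropy_threshold: float = 7.5) -> list:
    """Return (method, detection-name) pairs for one file; an empty list means clean."""
    hits = []
    digest = hashlib.sha256(data).hexdigest()
    if digest in HASH_SIGNATURES:
        hits.append(("hash", HASH_SIGNATURES[digest]))
    for pattern, name in PATTERN_SIGNATURES:
        if pattern.search(data):
            hits.append(("pattern", name))
    # Heuristic: a sizeable high-entropy blob deserves a closer look (packer,
    # encrypted payload). Real engines weigh many such indicators; one alone is noisy.
    if len(data) >= 256 and shannon_entropy(data) > entropy_threshold:
        hits.append(("heuristic", "Heur.HighEntropy"))
    return hits


# Constructed sample files (in memory, so the example runs offline).
SAMPLES = {
    "eicar.com": EICAR,
    "eicar-modified.com": EICAR + b"\n",   # one extra byte breaks the hash match
    "dropper.bat": b"@echo off\r\npowershell.exe -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAKQA=\r\n",
    "packed.bin": bytes(range(256)) * 4,    # uniform byte distribution: entropy exactly 8.0
    "readme.txt": b"This is an ordinary text file with nothing suspicious in it.\n" * 5,
}


def scan_samples() -> dict:
    """Scan every constructed sample; returns {filename: hits}."""
    return {name: scan(data) for name, data in SAMPLES.items()}


if __name__ == "__main__":
    for name, hits in scan_samples().items():
        print(f"{name:20} {'CLEAN' if not hits else hits}")
```

The entropy heuristic is deliberately crude: legitimate compressed archives and media files also score near 8.0, which is why real engines combine it with unpacking, emulation and behaviour monitoring rather than acting on it alone.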
Authentication #
The process of verifying the identity of a user, device, or system. Authentication factors fall into three categories: something the user knows (a password), something the user has (a smart card or an authenticator app) and something the user is (a biometric). A username and password alone is single-factor authentication; combining factors from two different categories is multi-factor authentication (MFA), which a stolen password by itself cannot defeat.
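A two-factor login check built from the two most common factors, a password (something the user knows) and a time-based one-time code from an authenticator app (something the user has), as an added example rather than course code. The user record, password and secret are constructed; the one-time code follows RFC 4226 (HOTP) and RFC 6238 (TOTP) exactly, so the functions reproduce the RFCs' published test vectors. The PBKDF2 iteration count is an assumption taken from current OWASP guidance.

```python
"""Password + TOTP verification. Added example (not course code); the user
record is constructed and the OTP scheme is RFC 4226/6238."""
import hashlib
import hmac
import os
import time
from typing import Optional

PBKDF2_ITERATIONS = 600_000  # assumption: OWASP's guidance for PBKDF2-HMAC-SHA256
TOTP_STEP = 30               # seconds per code, the usual authenticator default


def hash_password(password: str, salt: bytes = b"") -> tuple:
    """Salted, deliberately slow hash. Store (salt, digest), never the password."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, digest


def verify_password(password: str, salt: bytes, stored: bytes) -> bool:
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return hmac.compare_digest(candidate, stored)  # constant-time comparison


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte counter, dynamic truncation, mod 10^digits."""
    mac = hmac.new(secret, counter.to_bytes(8, "big"), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret: bytes, at_time: float, digits: int = 6) -> str:
    """RFC 6238: HOTP with the counter derived from Unix time."""
    return hotp(secret, int(at_time) // TOTP_STEP, digits)


def verify_totp(secret: bytes, code: str, at_time: float, window: int = 1) -> bool:
    """Accept the current step and +/- `window` neighbours to tolerate clock drift."""
    counter = int(at_time) // TOTP_STEP
    return any(hmac.compare_digest(hotp(secret, counter + d), code)
               for d in range(-window, window + 1))


def make_user(password: str, totp_secret: bytes) -> dict:
    """Constructed user record as a server would store it."""
    salt, digest = hash_password(password)
    return {"salt": salt, "pw_hash": digest, "totp_secret": totp_secret}


def authenticate(user: dict, password: str, code: str,
                 at_time: Optional[float] = None) -> bool:
    at_time = time.time() if at_time is None else at_time
    # Evaluate both factors before deciding, so the caller learns only the
    # combined answer and cannot probe the password and the code separately.
    password_ok = verify_password(password, user["salt"], user["pw_hash"])
    code_ok = verify_totp(user["totp_secret"], code, at_time)
    return password_ok and code_ok


if __name__ == "__main__":
    secret = os.urandom(20)  # provisioned to the authenticator app once, e.g. via QR code
    user = make_user("correct horse battery staple", secret)
    now = time.time()
    print(authenticate(user, "correct horse battery staple", totp(secret, now), now))  # True
    print(authenticate(user, "wrong password", totp(secret, now), now))                # False
```

A production implementation additionally remembers the last counter value each user has redeemed and rejects it a second time, so that a code captured over the shoulder cannot be replayed within the same step; that bookkeeping is left out here.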
Availability #
One of the three key principles of information security, along with confidentiality and integrity. Availability refers to the ability of authorized users to access information and systems when they need to.
Botnet #
A network of compromised computers that are controlled remotely by an attacker through a command-and-control (C2) channel, often for the purpose of carrying out coordinated cyber attacks such as distributed denial-of-service attacks or large-scale spam and credential-stuffing campaigns.
CIA triad #
A model for information security that includes the three key principles of confidentiality, integrity, and availability.
Confidentiality #
One of the three key principles of information security, along with availability and integrity. Confidentiality refers to the protection of sensitive or private information from unauthorized access or disclosure.
Cryptography #
The practice of securing communication and data with mathematical algorithms. Encryption converts plaintext into ciphertext that cannot be read without the correct key, while cryptographic hashes, message authentication codes and digital signatures let a recipient detect modification and verify who the data came from. Cryptography therefore underpins integrity and authentication as well as confidentiality.
Denial of Service (DoS) attack #
A type of cyber attack in which an attacker attempts to make a network or server unavailable to its intended users by overwhelming it with traffic or other types of requests. When the traffic comes from many sources at once, typically a botnet, it is a distributed denial of service (DDoS) attack, which is much harder to filter because no single source address can simply be blocked.
Firewall #
A security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall can be hardware-based, software-based, or a combination of both.
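The rule evaluation a packet-filtering firewall performs, as an added example that is not course code: rules are checked in order, the first match decides, and anything no rule allows is dropped (default deny). The network layout, rules and packets are constructed. The second rule set shows the most common configuration mistake, a broad allow placed before a narrower rule, which silently exposes the SSH port to the internet.

```python
"""Stateless packet filter with ordered rules and default deny.
Added example (not course code); layout, rules and packets are constructed."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str       # "tcp", "udp" or "icmp"
    dport: int = 0   # 0 for protocols without ports


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    src: str = "0.0.0.0/0"       # CIDR; the default matches any source
    dst: str = "0.0.0.0/0"
    proto: Optional[str] = None  # None matches any protocol
    dport: Optional[int] = None  # None matches any port

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and (self.proto is None or self.proto == p.proto)
                and (self.dport is None or self.dport == p.dport))


def evaluate(rules, packet: Packet) -> tuple:
    """Return (action, index of the deciding rule); no match means ("deny", None)."""
    for i, rule in enumerate(rules):
        if rule.matches(packet):
            return rule.action, i
    return "deny", None  # default deny: what is not explicitly allowed is dropped


# Constructed layout: office LAN 192.168.1.0/24, web server 192.168.1.10.
GOOD_RULES = [
    Rule("allow", src="192.168.1.0/24", dst="192.168.1.10/32", proto="tcp", dport=22),  # SSH from the LAN only
    Rule("allow", dst="192.168.1.10/32", proto="tcp", dport=443),                       # HTTPS from anywhere
    Rule("allow", dst="192.168.1.10/32", proto="icmp"),                                # ping
]
# The same rules with a broad "allow all TCP to the server" placed first.
BAD_RULES = [Rule("allow", dst="192.168.1.10/32", proto="tcp")] + GOOD_RULES

INTERNET_SSH = Packet("203.0.113.5", "192.168.1.10", "tcp", 22)
INTERNET_HTTPS = Packet("203.0.113.5", "192.168.1.10", "tcp", 443)
LAN_SSH = Packet("192.168.1.42", "192.168.1.10", "tcp", 22)
DB_PROBE = Packet("203.0.113.5", "192.168.1.10", "tcp", 5432)

if __name__ == "__main__":
    for name, pkt in [("internet->ssh", INTERNET_SSH), ("internet->https", INTERNET_HTTPS),
                      ("lan->ssh", LAN_SSH), ("internet->postgres", DB_PROBE)]:
        print(f"{name:20} good: {evaluate(GOOD_RULES, pkt)}  bad: {evaluate(BAD_RULES, pkt)}")
```

A real firewall is usually stateful as well: it remembers outbound connections so that reply packets are admitted without a separate inbound rule, which this stateless filter cannot do.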
Incident response #
The process of identifying, investigating, and mitigating a security incident, such as a data breach or cyber attack.
Integrity #
One of the three key principles of information security, along with confidentiality and availability. Integrity refers to the accuracy and completeness of information and systems, and the protection of information and systems from unauthorized modification.
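How integrity protection is actually enforced on a stored record, as an added example rather than course code, and why it needs a key. A plain checksum detects accidental corruption, but an attacker who can edit the record can also recompute the checksum; a message authentication code (MAC) computed with a secret key the attacker does not hold cannot be recomputed, so any modification is detected. The record, key and tampering below are constructed.

```python
"""Checksum versus keyed MAC for integrity. Added example (not course code);
record, key and the attacker's edits are constructed."""
import hashlib
import hmac
import json


def canonical(record: dict) -> bytes:
    """Fixed serialisation so identical content always produces identical bytes."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


# Unkeyed checksum: anyone who can write the record can also rewrite this.
def checksum_protect(record: dict) -> dict:
    return {"record": record, "sha256": hashlib.sha256(canonical(record)).hexdigest()}


def checksum_verify(envelope: dict) -> bool:
    expected = hashlib.sha256(canonical(envelope["record"])).hexdigest()
    return hmac.compare_digest(expected, envelope["sha256"])


# Keyed MAC: recomputing the tag requires the key, which the attacker lacks.
def mac_protect(key: bytes, record: dict) -> dict:
    return {"record": record, "tag": hmac.new(key, canonical(record), hashlib.sha256).hexdigest()}


def mac_verify(key: bytes, envelope: dict) -> bool:
    expected = hmac.new(key, canonical(envelope["record"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, envelope["tag"])


def attacker_modifies(envelope: dict, **changes) -> dict:
    """Attacker with write access edits the record and recomputes whatever
    unkeyed value is present; the MAC tag is left as found (no key)."""
    tampered = {**envelope, "record": {**envelope["record"], **changes}}
    if "sha256" in tampered:
        tampered["sha256"] = hashlib.sha256(canonical(tampered["record"])).hexdigest()
    return tampered


def bit_flip(envelope: dict) -> dict:
    """Accidental corruption: the record changes but nothing is recomputed."""
    return {**envelope, "record": {**envelope["record"], "amount": envelope["record"]["amount"] + 1}}


# Constructed record and server-side key.
KEY = b"server-side-secret-key-never-sent-to-clients"
RECORD = {"account": "ACC-1001", "amount": 250, "currency": "GBP"}


def demo() -> dict:
    """Outcome of each attack against each protection; True means 'verifies'."""
    by_checksum = checksum_protect(RECORD)
    by_mac = mac_protect(KEY, RECORD)
    return {
        "checksum_untouched": checksum_verify(by_checksum),
        "checksum_bit_flip": checksum_verify(bit_flip(by_checksum)),
        "checksum_attacker": checksum_verify(attacker_modifies(by_checksum, amount=250000)),
        "mac_untouched": mac_verify(KEY, by_mac),
        "mac_bit_flip": mac_verify(KEY, bit_flip(by_mac)),
        "mac_attacker": mac_verify(KEY, attacker_modifies(by_mac, amount=250000)),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:20} {'verifies' if ok else 'REJECTED'}")
```

The checksum catches the accidental bit flip but accepts the attacker's rewrite; the MAC rejects both. A digital signature gives the same guarantee with a public/private key pair, which matters when the verifier should not hold the secret needed to create tags.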
Intrusion Detection System (IDS) #
A security system that monitors network traffic (a network-based IDS) or activity on a single host (a host-based IDS) for signs of suspicious or malicious activity and alerts security personnel when such activity is detected. An IDS only alerts; a system that also blocks the traffic it flags is an intrusion prevention system (IPS).
Malware #
Short for "malicious software," malware is any type of software that is designed to harm a computer, network, or the data stored on it. Examples of malware include viruses, worms, Trojan horses, and ransomware.
Penetration testing #
The practice of testing a computer system, network, or web application to find security vulnerabilities that an attacker could exploit.
Ransomware #
A type of malware that encrypts the files on a victim's computer and demands a ransom payment in exchange for the decryption key.
Risk #
The potential for harm or loss to occur as a result of a threat exploiting a vulnerability. Risk is commonly assessed as the likelihood of that happening combined with the impact if it does, so it can be reduced by lowering either factor: patching the vulnerability, restricting the threat's access, or limiting what the exploited system can reach.
Security audit #
An examination and evaluation of an organization's information systems by independent experts to ensure that they are functioning properly and are in compliance with security policies and regulations.
Security Information and Event Management (SIEM) system #
A software system that aggregates, normalizes and correlates security-related data from various sources, such as firewalls, intrusion detection systems, and servers, to provide real-time visibility into the security posture of an organization. Correlation is what distinguishes a SIEM from a log store: a single failed login is noise, but many failures from one address in a short window, followed by a success, is an alert.
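A correlation rule of the kind an IDS or SIEM runs, as an added example that is not course code: failed SSH logins are counted per source address in a sliding window, a burst raises a brute-force alert, and a successful login from the same source while the burst is still within the window is escalated as a likely compromise. The log lines are constructed in a syslog-like layout for the example, not captured from a real host.

```python
"""Brute-force correlation over authentication logs. Added example (not
course code); the log lines are constructed."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log: one attacker (203.0.113.7), one slow guesser, one normal user.
SAMPLE_LOG = """\
2024-05-01T10:00:00 host1 sshd[4101]: Failed password for invalid user admin from 203.0.113.7 port 51122 ssh2
2024-05-01T10:00:10 host1 sshd[4102]: Failed password for root from 203.0.113.7 port 51130 ssh2
2024-05-01T10:00:20 host1 sshd[4103]: Failed password for invalid user test from 203.0.113.7 port 51141 ssh2
2024-05-01T10:00:30 host1 sshd[4104]: Failed password for alice from 198.51.100.3 port 40011 ssh2
2024-05-01T10:00:40 host1 sshd[4105]: Failed password for alice from 203.0.113.7 port 51155 ssh2
2024-05-01T10:00:50 host1 sshd[4106]: Failed password for alice from 203.0.113.7 port 51160 ssh2
2024-05-01T10:01:05 host1 sshd[4107]: Accepted password for alice from 203.0.113.7 port 51171 ssh2
2024-05-01T10:02:30 host1 sshd[4108]: Failed password for alice from 198.51.100.3 port 40020 ssh2
2024-05-01T10:03:00 host1 sshd[4109]: Accepted password for bob from 192.168.1.20 port 39000 ssh2
2024-05-01T10:03:01 host1 cron[4110]: (root) CMD (run-parts /etc/cron.hourly)
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) \S+ sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def parse(log: str):
    """Yield structured auth events; lines that are not sshd auth results are skipped."""
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield {"ts": datetime.fromisoformat(m["ts"]), "result": m["result"],
                   "user": m["user"], "ip": m["ip"]}


def detect_bruteforce(events, threshold: int = 5, window: timedelta = timedelta(minutes=2)) -> list:
    """Sliding-window count of failures per source; returns alert tuples in time order."""
    failures = defaultdict(deque)  # ip -> timestamps of failures still inside the window
    alerts = []
    for ev in events:
        recent = failures[ev["ip"]]
        while recent and ev["ts"] - recent[0] > window:  # expire failures outside the window
            recent.popleft()
        if ev["result"] == "Failed":
            recent.append(ev["ts"])
            if len(recent) == threshold:  # fire once, when the burst first crosses the line
                alerts.append(("bruteforce", ev["ip"], ev["ts"].isoformat()))
        elif len(recent) >= threshold:  # success while a burst is live: probable compromise
            alerts.append(("success_after_bruteforce", ev["ip"], ev["user"], ev["ts"].isoformat()))
    return alerts


def run_sample() -> list:
    return detect_bruteforce(parse(SAMPLE_LOG))


if __name__ == "__main__":
    for alert in run_sample():
        print(alert)
```

The threshold and window are tuning knobs: too low and password typos from a shared office address page the on-call engineer; too high and a slow, distributed guessing campaign (one attempt per source every few minutes) never trips the rule, which is why mature detections also key on the target account, not only the source address.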
Threat #
Any potential danger to an organization's information systems, such as a hacker, a virus, or a natural disaster.
Vulnerability #
A weakness in an information system that could be exploited by a threat to cause harm or loss.
Virtual Private Network (VPN) #
A secure, encrypted tunnel carried over an untrusted network such as the internet, either between two networks or between an individual user and a network. VPNs are commonly used to allow remote users to securely access a company's internal network; the tunnel protects traffic in transit but does not by itself verify that the connecting device is healthy or limit what it can reach once inside.
Virus #
A type of malware that infects a computer by inserting its code into other programs or files, allowing it to spread and cause harm.
Worm #
A type of malware that replicates itself and spreads from device to device without the need for human interaction.
Zero-day exploit #
An exploit for a security vulnerability that is unknown to the software vendor (a zero-day vulnerability), so no patch or fix is available when the exploit is first used; the name refers to the vendor having had zero days to address the flaw. Zero-day exploits are often used by attackers to gain unauthorized access to systems or to carry out other malicious activities, and are valuable precisely because patching and signature-based defenses cannot yet stop them.