Glossary of Cyber Security Terms

Access Control List (ACL)

Advanced Persistent Threat (APT)

Adware

Ammyy Admin

Antivirus?

Authentication

Authorization

Attack Surface

Asset

Application Security

Advanced Encryption Standard (AES)

Application Programming Interface (API)

Access Point

Attack Vector

Air Gap

Authentication Factor

Adversary

Audit Trail

APT Framework

Application Whitelisting

Access Management

Authorization Token

Attack Tree

Attack Map

Anonymity

Artificial Intelligence (AI)

Algorithm

Aircrack-ng

Anti-spyware

Asset Management

Asymmetric Encryption

Application Security Testing

Attribute-based Access Control (ABAC)

Address Resolution Protocol (ARP)

Access Point Name (APN)

Botnet

Brute Force Attack

Backup

Browser Hijacking

Bot

Black-Hat Hacker

Bricking

Bluetooth Hacking

Biometric Authentication

Binary Code

Business Continuity Planning (BCP)

Bot Herder

Backdoor

Banner Grabbing

Bluejacking

Blacklist

Behavioral Analytics

Block Cipher

Blockchain Security

Boot Sector Virus

Branded Spear Phishing

Browser Extension Security

Business Email Compromise (BEC)

Binary Exploitation

Beaconing

Business Impact Analysis (BIA)

Blind SQL Injection

Binary Tree

Browser Isolation

Bot Imitation

Big Data Analytics

Behavioral Biometrics

Bootkit

Blind Spot

Botmaster

Browser Sandbox

Blockchain Mining

Beacon Frequency

Behavioral Detection

Bit

Business Process Compromise (BPC)

Blacklist Filter

Binary Analysis

Bitlocker

Bloatware

Bot Controller

Blockchain Node

Browser Fingerprinting

Biometric Authentication

Bypass Attack

Block Cipher

Bluejacking

Blackout Attack

Buffer Overflow

Bot Traffic

Backup and Recovery Plan

Baseline Security

Behavior-based Detection

Bug Bounty Program

BIOS Password

Browser Extension

Cybercop

Cross-Site Scripting (XSS)

Cybersecurity

Criticality Analysis

Cyber Warfare

Chief Security Officer

Checksum

Category

Cleartext

Common Attack Pattern Enumeration And Classification (CAPEC)

Certification Revocation List 

Cryptography

Cryptosystem

Compliance

Chain of Custody

Challenge-Response Protocol

Critical Infrastructure

Criticality

Compliance Documents

Consumerization 

Configuration Management

Control 2

Cold Site

Cyber Espionage

Central Services Node

Certificate Authority (CA)

Chief Information Security Officer

Confidentiality

Ciphony

Content Filtering

Countermeasure 

Common Access Card

Cybersecurity Architecture

Control

Compartmentalization

Certification Management

Computer Emergency Response Team (CERT)

Chain of Evidence

Clinger-Cohen Act of 1996

Cipher

Cloud Computing

Computer Forensics

Collision

Cipher Text

Claimant

Containment

Data Processor

Data Controller

Disruption

Database

Digital Certificate

Disaster Recovery Plan

Digital Evidence

Data Flow Control

Data Leakage

Duplicate Digital Evidence

Data Custodian

Data Classification

Digital Signature

Disaster

Data Owner

Digital Forensics

Data Transfer Device (DTD)

Dual Use Certificate

Decryption

Data Retention

Data Element

Data Encryption Standard

Data Protection Impact Assessment

Defense In Depth

Decryption Key 

Data Asset

Distributed Denial Of Service (DDoS)

Denial Of Service Attack

Dynamic Ports

Demilitarized Zone (DMZ)

Disk Imaging

Discretionary Access Control

Due Care

Decentralization

Domain Name System (DNS) Exfiltration

Domain Name System (DNS)

Due Diligence

Embedded Cryptography 

Electronic Key Entry

Electronic Key Management System

Exploit 

Encryption Algorithm

External Security Testing

Ethernet

Exploitable Channel

Encryption

End Cryptographic Unit

End-To-End Encryption 

Elliptical Curve Cryptography (ECC) 

Encipher 

External Network 

Evidence 

Eradication 

Ecommerce 

Enterprise 

Easter Egg 

Embedded Cryptographic System 

Enterprise Risk Management

Electronic Signature

Encryption Key

Electronically Generated Key

Egress Filtering

EGovernment

Encapsulation Security Payload

Exercise Key

Enterprise Architecture

Entrapment

Encryption Certificate 

Exploit Code 

Event 

Focused Testing 

Flaw Hypothesis Methodology 

Forensic Specialist 

Forensically Clean 

Forensics 

Fail Safe 

Fail Soft 

Forensic Examination 

Firmware 

Firewall Control Proxy 

File Name Anomaly 

Forensic Copy 

Federal Public Key Infrastructure Policy Authority (FPKI PA) 

Full Disk Encryption (FDE) 

Freeware 

Forward Cipher 

File Protection 

False Positive 

Fill Device 

Firewall 

Failover 

Federal Information System 

Flooding 

File Transfer Protocol (FTP) 

File Security 

File Encryption 

Global Information Grid (GIG)

Governance

Guard System

Graduated Security

Group Authenticator

Gethostbyaddr

Gnu

Guideline

Guessing Entropy

Get Nearest Server

Gnutella

Gateway

Governance, Risk Management, and Compliance (GRC)

Global Information Infrastructure (GII)

Hacker 

Hacking 

Hashing 

Hardware 

Hash 

Health Insurance Portability and Accountability Act (HIPAA) 

Honeypot 

Heartbeat 

Human Machine Interface (HMI) 

HTTP (Hypertext Transfer Protocol) 

HTTPS (Hypertext Transfer Protocol Secure) 

Hybrid Cloud 

Hijacking 

Host-based Intrusion Detection System (HIDS) 

Hacker Ethics 

Hash Function 

Home Network Security 

Hacker Group 

Hardening 

Hacker Tools 

HTTP Header 

Hijacking 

Hub 

Hot Site 

Hash Function 

Honeyclient 

HTTP Proxy 

High Assurance Guard Hag 

Hash Total 

Host-Based Intrusion System (HIDS) 

Host 

Honeymonkey 

Hyperlink 

Hard Copy Key 

Hash Value 

Hybrid Encryption 

Hop 

Handshaking Procedures 

Hybrid Attack 

High Impact 

Header 

Hash Functions 

High Availability 

Hash-Based Message Authentication Code 

Hot Wash 

High Impact System 

Hybrid Security Control 

Hijack Attack 

Hardwired Key

Internet Protocol (IP) 

Incremental Backups 

IP Spoofing 

Issue-Specific Policy

Integrity

Internet Standard

Internet Protocol Security (IPSec)

Identity

IP Forwarding

Internet Message Access Protocol (IMAP)

Information warfare (IW)

Inference Attack

Interrupt

ISO 27000

ISO/IEC 27001

Intrusion Detection System (IDS)

Input Validation Attacks

Internet Control Message Protocol (ICMP)

IaaS (Infrastructure-as-a-Service)

Identity Cloning

Identity fraud

IDS (Intrusion Detection System) 

Information Security Policy

Insider Threat

IPS (Intrusion Prevention System)

ISP (Internet Service Provider)

Jump Bag  

Jitter 

JavaScript-Binding-Over-HTTP (JBOH) 

Jamming  

JSON 

Job Rotation 

Javascript 

Jump Server 

JSON Web Token (JWT)  

John the Ripper 

JTAG  

Jira

John McAfee 

Jumpstart 

Just-in-time (JIT) patching 

Kerberos 

Key 

Keylogger 

Kill Switch 

Kleptography 

Knowledge-based authentication 

Key Recovery 

Key Rotation 

Key Stretching 

Keystore 

Kernel

Kismet

Kudos

KVM switch

Known-plaintext attack 

knowledge management

Key exchange

Keystroke dynamics

Kill Chain

Key Escrow

Kerckhoffs's Principle

Kernel-based Virtual Machine (KVM)

Known Error

Kryptowars 

K-anonymity

Keylogger Blocker

Kernel Patch

Key Validation

Key-reuse Attack

Kernel Rootkit

Key-size

Log management 

Linux

Malware 

Logon

Loot

Layered security

Legal compliance

Least privilege

Live migration

Loss prevention

Latent malware

Lateral movement

Logon security

Lockdown

Loss of control

Luring 

Local Area Network (LAN)

Link Jacking

Lattice Techniques

Layer 2 Forwarding Protocol (L2F)

Layer 2 Tunneling Protocol (L2TP)

Least Privilege

Legion

Lightweight Directory Access Protocol (LDAP)

Link State

List Based Access Control

Loadable Kernel Modules (LKM)

Log Clipping

Logic bombs

Logic Gate

Loopback Address