| Keyword |
Definition |
|
Authentication
|
The process of determining whether someone or something is, in fact, who or what it claims to be. |
|
Broadband
|
High-speed data transmission system where the communications circuit is shared between multiple users. |
|
Chrome
|
Cross-platform web browser developed by Google to browse and navigate the Internet
|
|
Database
|
A collection of data that is organized so that its contents can easily be accessed, managed and updated
|
|
Drive-by Download
|
An attack that occurs when visiting a website that has been compromised or visiting a website that is designed to do harm. These attacks target security holes in browsers or in the plug-ins used in those browsers. That attack may not be seen
|
|
Encryption
|
The translation of data into a secret code. To read an encrypted file you must have access to a key or password that enables you to decrypt it. Encrypted data is referred to a cipher text
|
|
Exploit
|
A software tool, process or technique designed to take advantage of a flaw in a computer system, typically for malicious purposes such as installing malware, stealing information, etc |
|
FireFox
|
Cross-platform web browser developed by Mozilla to browse and navigate the Internet. |
|
Firewall
|
Hardware or software designed to prevent unauthorized access to a computer or network from another computer or network
|
|
Hacker
|
Someone who violates computer security for malicious reasons, kudos or personal gain
|
|
HTTP / port 80
|
HyperText Transfer Protocol. The protocol used to transmit unsecured web pages over the Internet. Uses TCP port 80 for transmission |
|
HTTPS/SSL / port 443
|
A secure version of HTTP which encrypts data. Uses TCP port 443 for transmission |
|
Internet
|
A worldwide network of computers that allows the "sharing" or "networking" of information at remote sites from other academic institutions, research institutes, private companies, government agencies, and individuals |
|
Internet Explorer
|
Software developed by the Microsoft Corporation to browse and navigate the Internet. This software has been deprecated and replaced by Microsoft Edge. |
|
Internet service provider (ISP)
|
Company that provides access to the internet and related services |
|
Intrusion detection system (IDS)
|
Program or device used to detect that an attacker is or has attempted unauthorized access to computer resources |
|
Key logger
|
A virus or physical device that logs keystrokes to secretly capture private information such as passwords or credit card details |
|
Macro virus
|
Malware (ie malicious software) that uses the macro capabilities of common applications such as spreadsheets and word processors to infect data |
|
Malware
|
Software intended to infiltrate and damage or disable computers. Shortened form of malicious software |
|
Man-in-the-middle (MitM) attack
|
A type of attack in which the actor intercepts, alters, or eavesdrops on data as it travels between the sender and recipient. An example of this is intercepting messages through an unencrypted Wi-Fi connection |
|
Microsoft Edge
|
Cross-platform web browser published by Microsoft to browse and navigate the Internet. Serves as replaced for Internet Explorer. |
|
Patch
|
A fix added to software to repair or improve aspects that are not functioning optimally, such as a security flaws, stability or speed of a browser or operating system. |
|
Phishing
|
Method used by criminals to try to obtain financial or other confidential information (including user names and passwords) from internet users, usually by sending an email that looks as though it has been sent by a legitimate organization (often a bank). The email usually contains a link to a fake website that looks authentic.
|
|
Protocol
|
The 'language' spoken between computers to help them exchange information. More technically, it is a formal description of message formats and the rules that two computers must follow in order to exchange those messages |
|
Scareware
|
A message, delivered through a computer or mobile device, that is intended to frighten or intimidate the viewer into taking an action, such as clicking on a link, purchasing software or sending money. |
|
Smishing
|
Similar to Phishing, Smishing is an attack that tries to trick the end user to click on a link in a text message or sms to lead them to a data collection tool. The message attempts to look legitimate or vague enough to urge someone to click on the link. As with phishing the goal of the criminals is to try to obtain financial or other confidential information (including user names and passwords) from internet users.
|
|
Social engineering
|
Using deceptive tactics to trick people into divulging confidential or personal information that may be used for fraudulent purposes. This information may be used for impersonation as well as to gain access to accounts.
|
|
SPAM
|
Spam is unsolicited e-mail on the Internet |
|
Spear Phishing
|
Same as Phishing (see above), but this messaging is targeted at a specific individual or group of individuals, to make the message seem more authentic. |
|
Spoofing
|
Sending an email disguised to look like it is coming from someplace besides its actual origin. The IP address may be changed, the email address may mimic a known domain, and the email formatting may imitate the design attached to a well-known company or site |
|
Spyware
|
Malware that passes information about a computer user’s activities to an external party |
|
TCP/IP
|
"Transmission Control Protocol/Internet Protocol." TCP/IP is a combined set of protocols that perform the transfer of data between two computers. It is the Standard protocol for all Internet-connected machines |
|
Trojan
|
A malicious piece of code, usually hidden in another seemingly harmless piece of software or application. |
|
Virus
|
Self-replicating malware that attaches itself to an application program or other executable system component and leaves no obvious signs of its presence |
|
VPN
|
Virtual Private Network. A network in which some of the parts are connected using a public network (Internet), but the data sent across the public network is encrypted |
|
Vishing
|
Similar to Phishing, Vishing is a method used by criminals to try to obtain financial or other confidential information (including user names and passwords) from internet users, usually by calling phone numbers directly. The call can be from a live person or a recording, attempting to appear as though it has been sent by a legitimate organization (often a bank).
|
|
Vulnerability
|
A flaw or weakness that can be used to attack a system or organization |
|
Worm
|
Malware that replicates itself so it can spread to infiltrate other computers |