Computer Virus | Antivirus |
Trojan Horse | Worm |
Ransomware | Malware |
Virus | Trojan |
A software program designed to detect, prevent, and remove computer viruses and other malicious software. | A type of malicious software that can replicate itself and spread to other computers. |
A self-replicating program that spreads across computer networks and can cause harm by consuming system resources or deleting files. | A type of malware that disguises itself as a legitimate program but performs malicious activities in the background. |
Malicious software designed to harm or exploit computers or networks. | A type of malware that encrypts files on a victim's computer and demands a ransom in exchange for the decryption key. |
A type of malware disguised as legitimate software, which allows unauthorized access to a computer or network. | A type of malware that self-replicates and infects other files or systems. |
Spyware | Adware |
Rootkit | Keylogger |
Phishing | Spoofing |
Two-Factor Authentication | Phishing Website |
Malware that displays unwanted advertisements or redirects browsers to advertising websites. | Malware that secretly gathers information about a person or organization without their consent. |
Malware that records keystrokes on a computer without the user's knowledge, often used to steal login credentials or sensitive information. | Malware that enables unauthorized access to a computer, while hiding its presence from the user and antivirus software. |
Tricking users into believing that their communication is coming from a trusted source when it isn't. | A technique used by cybercriminals to trick individuals into revealing sensitive information by posing as a trustworthy entity. |
A fraudulent site created to mimic a legitimate platform. | A layer of security that requires users to provide two forms of verification before accessing an account. |
Ddos Attack | Zombie Computers |
Amplification Attack | Packet Flooding |
Brute Force Attacks | Dictionary Attack |
SQL Injection | Input Sanitation |
Computers that have been infected by malware and can be remotely controlled without the knowledge of their owners, often used in DDoS attacks. | A type of cyber attack that floods a computer network with excessive traffic in order to disrupt normal operations. |
A technique used in DDoS attacks where a large number of packets are sent to a target, overwhelming its capacity to process them. | A type of DDoS attack that uses amplification techniques to magnify the volume of traffic sent to a target, making the attack more effective. |
Where an attacker uses a list of words, phrases, or commonly used passwords to attempt unauthorized access to a system. | Where an attacker systematically tries all possible combinations of passwords in order to gain unauthorized access to a system. |
The process of filtering and validating user input before using it in an application. | A code injection technique that attackers use to exploit vulnerabilities in a web application's database layer. |
Insider Threats | Privileged Access |
Social Engineering | Pretexting |
Baiting | Tailgating |
Impersonation | Spear Phishing |
Elevated permissions and rights granted to select users within an organization, increasing the risk of insider threats. | Security risks posed by individuals within an organization, such as employees or former employees. |
A form of social engineering where attackers create a fictitious scenario to obtain information from individuals. | The act of manipulating people into performing actions or divulging confidential information. |
A method of social engineering where an unauthorized person follows an authorized individual to gain access to a restricted area. | A social engineering technique that involves offering something enticing to trick individuals into revealing information or taking action. |
A targeted form of phishing where attackers tailor fraudulent emails to specific individuals or organizations. | A social engineering tactic where attackers pretend to be someone else to deceive individuals and gain access to confidential information. |
Physical System Attacks | Eavesdropping |
Tampering | Physical Tapping |
Botnet | Command And Control Server |
Infected Devices | Bot Herders |
A form of attack where an unauthorized party intercepts and monitors communication on a network. | Attacks that exploit vulnerabilities in a physical system, such as tampering with hardware or interrupting power supply. |
An attack where an attacker physically taps into a network cable to intercept data passing through. | An attack where an attacker alters data or devices in a network to disrupt operations or gain unauthorized access. |
A central server that sends instructions to the devices in a botnet and receives data back from them. | A network of infected computers, or bots, that are controlled remotely and used to carry out DDoS attacks or other malicious activities. |
Individuals or groups who control and manage botnets of infected devices. | Devices that have been compromised by malware and are part of a botnet. |
Symmetric Encryption | Key |
Cipher | Block Cipher |
Stream Cipher | Encryption |
Decryption | AES |
A piece of information used in conjunction with an algorithm to encrypt and decrypt data. | A cryptographic technique that uses the same key to encrypt and decrypt data. |
A type of symmetric encryption algorithm that operates on fixed-length blocks of data. | A set of rules or steps used in encryption and decryption processes. |
The process of converting plaintext into ciphertext using an encryption algorithm. | A type of symmetric encryption algorithm that encrypts data one bit at a time. |
Advanced Encryption Standard, a widely used symmetric encryption algorithm. | The process of converting ciphertext back into plaintext using a decryption algorithm. |
Asymmetric Encryption | Key Pair |
RSA Algorithm | Digital Signature |
Key Exchange | Secure Communication |
Digital Signatures | Authentication |
A set of two complementary cryptographic keys: a public key and a private key. | A cryptographic system that uses a pair of keys for encryption: a public key for encrypting data and a private key for decrypting data. |
A cryptographic technique used to verify the authenticity of digital messages or documents. | A popular asymmetric encryption algorithm used for secure communication and data protection. |
Communication that is protected from eavesdropping, tampering, or unauthorized access using encryption techniques. | The process of securely sharing cryptographic keys between parties to enable secure communication. |
Verifying the identity of the sender or recipient in asymmetric encryption. | A way to ensure the authenticity of a message sent using asymmetric encryption. |
Confidentiality | Non-Repudiation |
Certificate Authority | Digital Certificate |
Public Key | Private Key |
Root Certificate | Revocation |
Preventing the sender from denying sending a message in asymmetric encryption. | Ensuring that information remains confidential in asymmetric encryption. |
An electronic document issued by a Certificate Authority that binds a public key to an individual or entity. | An entity responsible for issuing digital certificates that validate the ownership of a public key. |
A cryptographic key that is kept secret and used for decryption or creating digital signatures. | A cryptographic key that can be freely distributed and is used for encryption or digital signatures. |
The process of invalidating a digital certificate before its expiration date due to compromise or other reasons. | A self-signed certificate issued by a Certificate Authority that establishes trust in the entire certificate chain. |