Network Validation | Authentication |
Network Security | Digital Certificate |
Biometric Authentication | Access Control |
Two-Factor Authentication | Intrusion Detection System |
The act of confirming the identity of a user or device, with the purpose of granting access to a network or system. | The process of verifying that a network operates efficiently and satisfies the intended performance standards. |
An electronic document that confirms the credibility of a sender or receiver in a network communication. | Implementing measures to safeguard a network against unauthorized access, improper use, alteration, or disruption of service. |
It involves implementing mechanisms that restrict user or device entry to specific resources or areas within a network. | Unique physical or behavioral characteristics like fingerprints or iris scans are utilized to verify an individual's identity through the process of authentication. |
A monitoring solution, in the form of software or hardware, that oversees network traffic to identify and take action against potential security threats or attacks. | A security process requiring users to provide two distinct authentication factors, often a password and a unique code. |
Firewall | Security Audit |
Password Authentication | Credentials |
Authentication Factor | Hashing |
Salt | Phishing |
The process of assessing a network's security measures to identify weaknesses, evaluate potential threats, and suggest enhancements. | A network security device that employs predetermined security rules to filter and regulate incoming and outgoing network traffic. |
Information used to authenticate a user's identity, typically consisting of a username and password. | The process of verifying the identity of a user by requiring them to provide a password. |
The process of converting a password into a fixed-length string of characters using a cryptographic algorithm. | A piece of information used to authenticate a user's identity, such as a password or biometric data. |
A fraudulent attempt to obtain sensitive information, such as passwords, by posing as a trustworthy entity. | A random string of characters added to a password before hashing to protect against rainbow table attacks. |
Asymmetric Encryption | Symmetric Encryption |
Public Key | Private Key |
Key Exchange | Encryption |
Decryption | Certificate Authority |
A cryptographic system that uses the same key for both encryption and decryption. | A cryptographic system that uses two different keys: a public key for encryption and a private key for decryption. |
In asymmetric encryption, a key that is kept secret and used for decryption. | In asymmetric encryption, a key that is publicly available and used for encryption. |
The process of converting plaintext into ciphertext using an encryption algorithm and a key. | The process of securely exchanging keys between parties in asymmetric encryption. |
An organization that issues digital certificates and verifies the authenticity of entities. | The process of converting ciphertext into plaintext using a decryption algorithm and a key. |
Digital Signature | Certificate Revocation |
Key Pair | Computer Virus |
Antivirus | Trojan Horse |
Worm | Ransomware |
The process of invalidating a digital certificate before its expiration date. | A cryptographic mechanism that ensures the authenticity and integrity of digital messages or documents. |
A type of malicious software that can replicate itself and spread to other computers. | A pair of cryptographic keys, consisting of a public key and a private key. |
A type of malware that disguises itself as a legitimate program but performs malicious activities in the background. | A software program designed to detect, prevent, and remove computer viruses and other malicious software. |
A type of malware that encrypts files on a victim's computer and demands a ransom in exchange for the decryption key. | A self-replicating program that spreads across computer networks and can cause harm by consuming system resources or deleting files. |
Malware | Virus |
Trojan | Spyware |
Adware | Rootkit |
Keylogger | Spoofing |
A type of malware that self-replicates and infects other files or systems. | Malicious software designed to harm or exploit computers or networks. |
Malware that secretly gathers information about a person or organization without their consent. | A type of malware disguised as legitimate software, which allows unauthorized access to a computer or network. |
Malware that enables unauthorized access to a computer, while hiding its presence from the user and antivirus software. | Malware that displays unwanted advertisements or redirects browsers to advertising websites. |
Tricking users into believing that their communication is coming from a trusted source when it isn't. | Malware that records keystrokes on a computer without the user's knowledge, often used to steal login credentials or sensitive information. |
Phishing Website | DDoS Attack |
Zombie Computers | Amplification Attack |
Packet Flooding | Brute Force Attacks |
Dictionary Attack | SQL Injection |
A type of cyber attack that floods a computer network with excessive traffic in order to disrupt normal operations. | A fraudulent site created to mimic a legitimate platform. |
A type of DDoS attack that uses amplification techniques to magnify the volume of traffic sent to a target, making the attack more effective. | Computers that have been infected by malware and can be remotely controlled without the knowledge of their owners, often used in DDoS attacks. |
Where an attacker systematically tries all possible combinations of passwords in order to gain unauthorized access to a system. | A technique used in DDoS attacks where a large number of packets are sent to a target, overwhelming its capacity to process them. |
A code injection technique that attackers use to exploit vulnerabilities in a web application's database layer. | Where an attacker uses a list of words, phrases, or commonly used passwords to attempt unauthorized access to a system. |
Input Sanitization | Insider Threats |
Privileged Access | Social Engineering |
Pretexting | Baiting |
Tailgating | Impersonation |
Security risks posed by individuals within an organization, such as employees or former employees. | The process of filtering and validating user input before using it in an application. |
The act of manipulating people into performing actions or divulging confidential information. | Elevated permissions and rights granted to select users within an organization, increasing the risk of insider threats. |
A social engineering technique that involves offering something enticing to trick individuals into revealing information or taking action. | A form of social engineering where attackers create a fictitious scenario to obtain information from individuals. |
A social engineering tactic where attackers pretend to be someone else to deceive individuals and gain access to confidential information. | A method of social engineering where an unauthorized person follows an authorized individual to gain access to a restricted area. |
Spear Phishing | Physical System Attacks |
Eavesdropping | Tampering |
Physical Tapping | Botnet |
Command and Control Server | Infected Devices |
Attacks that exploit vulnerabilities in a physical system, such as tampering with hardware or interrupting power supply. | A targeted form of phishing where attackers tailor fraudulent emails to specific individuals or organizations. |
An attack where an attacker alters data or devices in a network to disrupt operations or gain unauthorized access. | A form of attack where an unauthorized party intercepts and monitors communication on a network. |
A network of infected computers, or bots, that are controlled remotely and used to carry out DDoS attacks or other malicious activities. | An attack where an attacker physically taps into a network cable to intercept data passing through. |
Devices that have been compromised by malware and are part of a botnet. | A central server that sends instructions to the devices in a botnet and receives data back from them. |
Bot Herders | |
Individuals or groups who control and manage botnets of infected devices. | |