Key Concepts in Cybersecurity and Access Control

AAA (Authenticating, Authorizing, Accounting)

A framework used for controlling access to computer resources, enforcing policies, and auditing usage.

Authenticating

Verifying the identity of a user or device.

Authorizing

Determining if the authenticated user has permission to access the requested resource.

Accounting

Tracking the usage of resources by the user.

Access Control List (ACL)

A list of permissions attached to an object (e.g., file, network resource) specifying which users or systems are allowed to access it and the type of access they have.

Access Control Vestibule

A small entry area, often with controlled access, used to prevent unauthorized entry into a more secure area.

Alarm System

A system designed to detect unauthorized access, intrusion, or threats and alert security personnel or systems.

Anti-Malware Software

Software designed to detect, block, and remove malicious software (malware), such as viruses, worms, and trojans.

Anti-Phishing Training

Educating users on how to recognize and avoid phishing attacks, which are attempts to steal sensitive information by impersonating legitimate sources.

Antivirus Software

Software designed to detect and remove viruses and other malicious software from a computer or network.

ATA Secure Erase

A function in modern hard drives that securely deletes all data, ensuring that it cannot be recovered.

Authenticator App

An app that generates time-based, one-time passwords (TOTP) used for two-factor authentication (2FA) to secure online accounts.

Badge Reader

A device used to read identification badges or smartcards to grant access to restricted areas.

Biometric Data

Unique physical characteristics (e.g., fingerprints, retina scans, voiceprints) used to identify individuals.

Biometric Lock

A lock system that uses biometric data, such as a fingerprint or facial recognition, to grant access.

Bollards

Short, sturdy posts used to block or limit vehicle access to a certain area, often as part of security measures.

Boot Sector Virus

A virus that infects the boot sector of a computer's hard drive, often making it difficult to detect and remove.

Botnet

A network of compromised computers controlled by a hacker to perform malicious actions, such as sending spam or launching distributed denial-of-service (DDoS) attacks.

Brute Force Attack

A hacking attempt where every possible combination of passwords is tried until the correct one is found.

Cable Lock

A physical security device used to tether a laptop or other portable device to a stationary object to prevent theft.

Certificate Authority (CA)

An organization that issues digital certificates used to verify the identity of websites, servers, or individuals.

Certificate Manager

A system or tool used to manage digital certificates, ensuring that they are properly issued, stored, and renewed.

Certificate of Destruction

A document confirming that data has been securely destroyed, often required by organizations to comply with regulatory requirements.

Chain of Custody

The documented process that tracks the handling and storage of evidence, ensuring that it hasn't been tampered with.

Closed-source Software

Software whose source code is not made publicly available and is owned by an individual or company.

Commercial Use License

A software license that permits the use of the software in a commercial or business environment.

Copyright

A legal right granted to the creator of an original work, protecting it from unauthorized reproduction or distribution.

Cross-Site Scripting (XSS)

A security vulnerability in web applications where attackers inject malicious scripts into web pages viewed by other users.

Crypto Miner

A program or device used to mine cryptocurrency, often using significant computational resources.

Cryptojacking

The unauthorized use of someone's computer to mine cryptocurrency.

Data Loss Prevention (DLP)

Strategies and technologies designed to prevent unauthorized access, use, or transmission of sensitive data.

Data Retention

The practice of storing data for a specified period, often governed by regulatory policies or legal requirements.

Defense in Depth

A layered security strategy that uses multiple defensive measures to protect data and resources.

Degausser

A device used to erase data from magnetic storage media (e.g., hard drives, tapes) by using a powerful magnetic field.

Denial of Service (DoS)

An attack that floods a system or network with excessive traffic to make it unavailable to users.

Dictionary Attack

A method of attacking passwords by systematically entering every word in a prearranged list (a dictionary) to guess the correct password.

Digital Certificate

An electronic document used to prove the ownership of a public key, often issued by a certificate authority.

Digital Rights Management (DRM)

Technologies used to control how digital content (e.g., music, movies, software) can be used, copied, or distributed.

Disk Drive Shredder

A physical device that destroys hard drives or storage devices, rendering them unusable and ensuring data cannot be recovered.

Distributed Denial of Service (DDoS)

An attack that uses multiple systems to flood a network or server with traffic, overwhelming it and causing it to become unavailable.

Dumpster Diving

The practice of searching through trash or discarded materials to find sensitive information, such as financial documents or passwords.

Email Filtering

The process of automatically categorizing or blocking unwanted or malicious emails, such as spam or phishing attempts.

Email Hoax

A type of fraudulent email that spreads false information or requests actions, such as forwarding the email to others.

End User License Agreement (EULA)

A contract between the software vendor and the end user that outlines the terms under which the software can be used.

Entry Control Roster

A log or list used to track individuals entering and leaving a secured area.

Evil Twin

A fraudulent Wi-Fi access point that mimics a legitimate one in order to intercept sensitive data from users who connect to it.

First Response

The initial actions taken in response to a security incident or breach, often involving containment and assessment.

Grayware

Software that is not malicious but may cause undesirable behavior, such as adware or tracking software.

Hard Token

A physical device used for two-factor authentication, generating a one-time password or other form of secure login.

Impersonation

A social engineering attack in which a malicious actor pretends to be someone else to gain unauthorized access to systems or data.

Incident

Any event that could compromise the confidentiality, integrity, or availability of an organization's systems or data.

Incident Documentation

The process of recording details about a security incident, including timelines, actions taken, and outcomes.

Incident Report

A formal report that describes the details of a security incident, its impact, and the steps taken to resolve it.

Incident Response

The process of detecting, responding to, and recovering from security incidents to minimize damage and restore normal operations.

Internet of Things (IoT)

A network of physical devices, vehicles, and appliances that are connected to the internet and can collect and exchange data.

Kensington Lock

A security device that attaches to laptops or other devices to prevent theft by locking them to a fixed object.

Kensington Security Slot

A small slot on many devices where a Kensington lock can be attached.

Key Fob

A small, portable device used for authentication, often in conjunction with a physical keyless entry system.

Keylogger

A type of malicious software that records keystrokes on a computer, often used to steal sensitive information.

License

Legal permission to use software under certain conditions.

Low-Level Format

A process of preparing a storage device by dividing it into sectors and tracks, essentially resetting the disk.

Magnetometer

A device used to detect magnetic fields, which can be used to detect the presence of data on magnetic storage devices.

Malicious Software (Malware)

Software designed to damage, disrupt, or gain unauthorized access to computer systems or networks.

Malware

A broad term for malicious software such as viruses, worms, ransomware, and spyware.

Malware Definition

A set of known malware signatures used by antivirus software to detect malicious programs.

Malware Encyclopedia

A comprehensive database or reference of known malware types and their behaviors.

Malware Signature

A unique identifier or pattern used to detect a specific piece of malware.

Man-in-the-Middle Attack

An attack where the attacker secretly intercepts and potentially alters communication between two parties.

Mantrap

A physical security system that prevents unauthorized access by requiring an individual to pass through two doors or gates, with one locked at all times.

Microsoft Defender Antivirus

A built-in antivirus program for Windows operating systems that provides real-time protection against malware.

Motion Sensor

A device used to detect movement in an area, often used as part of an alarm or security system.

Multifactor Authentication

A security process that requires two or more forms of authentication (something you know, something you have, or something you are) to gain access.

Multimedia Shredder

A tool used to securely delete multimedia files from a system, preventing them from being recovered.

Mutual Authentication

A security process where both parties in a communication verify each other's identity.

Noncompliant System

A system that does not meet the required security standards or regulations.

On-Path Attack

A type of attack where the attacker is in the communication path between two parties, potentially intercepting or altering messages.

Open-source License

A license that allows users to view, modify, and distribute software's source code freely.

Open-source Software

Software whose source code is made publicly available, allowing anyone to inspect, modify, and distribute it.

Payment Card Industry (PCI)

The industry standard for securing payment card transactions, including the PCI DSS (Data Security Standard).

Personal Use License

A software license that allows the software to be used by an individual for personal, non-commercial purposes.

Protected Health Information (PHI)

Sensitive medical data that is protected by laws, such as HIPAA, to ensure privacy.

Phishing

A type of cyber attack where attackers impersonate legitimate entities to steal personal information, usually through deceptive emails or websites.

PII (Personally Identifiable Information)

Any information that can be used to identify an individual, such as name, address, phone number, or Social Security number.

Port Lock

A physical security device used to secure a computer's ports, preventing unauthorized access.

Principle of Least Privilege

A security principle that suggests users should have the minimum level of access necessary to perform their job functions.

Privacy Screen

A screen filter that prevents others from viewing the contents of a screen from an angle.

Quarantined Computer

A computer that has been isolated from the network because it is suspected of being infected with malware.

Rainbow Table

A precomputed table used to quickly look up hash values of passwords for cracking attempts.

Ransomware

A type of malware that encrypts files or locks systems, demanding payment for restoration of access.

Regulated Data

Data that is subject to legal or regulatory controls, such as financial data, health information, or personal identification details.

Regulatory Policies

Guidelines or rules that govern how organizations must handle data, security, and compliance with laws.

Compliance Policies

Organizational policies that ensure adherence to legal, industry, and regulatory standards.

Root Certificate

The highest-level certificate in a certificate chain used to verify the authenticity of a digital certificate.

Rootkit

Malicious software designed to hide the existence of certain processes or programs to gain unauthorized access to a system.

Screensaver Lock

A security feature that locks a computer when the screensaver is activated after a certain period of inactivity.

Security Awareness Training

Training programs that educate employees about security risks and how to mitigate them.

Security Fence

A physical or virtual barrier used to secure a facility, network, or system.

Server Lock

A physical security device used to prevent unauthorized access to a server or data center.

Short Message Service (SMS)

A text messaging service that allows users to send short messages, typically up to 160 characters, between mobile devices.