Cybersecurity

Security Baseline

Standard security settings for an organization.

Group Policy Objects (GPOs)

Windows tool for managing security settings across a domain.

Patch Management

Process of applying security updates to operating systems and applications.

System Hardening

Strengthening security by removing unnecessary components and tightening security settings.

Attack Surface

The sum of all potential vulnerabilities in a system.

Least Privilege Access

Restricting user permissions to the minimum required.

Windows Update

Built-in Windows tool for managing patches.

apt-get

Linux command-line tool for managing software packages.

Malware

Software designed to disrupt confidentiality, integrity, and availability of systems.

Viruses

Malware that spreads through human action, often via email attachments or removable media.

Worms

Self-replicating malware that spreads autonomously across networks.

Trojan Horses

Malware disguised as legitimate software.

Spyware

Malware that acquires user information without consent.

Antivirus Software

Software designed to detect and protect against malware.

Signature Detection

Scans for known malware patterns.

Heuristic/Behavioral Detection

Identifies deviations from normal activity to detect malware.

Endpoint Detection & Response (EDR)

Monitors endpoints for anomalies and triggers automated responses.

Extended Detection & Response (XDR)

Aggregates data from multiple sources to enhance threat detection.

Sandboxing

Testing suspicious executables in an isolated environment.

Windows Defender

Built-in anti-malware tool for Windows OS.

Security Information & Event Management (SIEM)

Centralized system for analyzing and reporting on security data.

Application Control

Restricts software execution to maintain security policy compliance.

Allow Lists

Lists of approved applications that can run on a system.

Deny Lists

Lists of blocked applications that cannot run on a system.

Windows AppLocker

Tool for enforcing application control policies.

Firewalls

Security systems that monitor and control incoming and outgoing network traffic.

Intrusion Detection System (IDS)

Detects suspicious network activity and alerts administrators.

Intrusion Prevention System (IPS)

Detects and actively blocks threats in network traffic.

File Integrity Monitoring (FIM)

A security control that detects unauthorized changes to files.

Data Loss Prevention (DLP)

Technology designed to protect sensitive data from unauthorized disclosure.

Encryption

Process of converting readable data into an unreadable format using algorithms.

Decryption

The process of reverting encrypted data to its original readable form.

Full-Disk Encryption (FDE)

Encrypts the entire contents of a hard drive.

Secure Boot

A UEFI feature that checks the integrity of the boot loader.

Mobile Device Management (MDM)

Technology to manage and secure mobile devices across an organization.

BYOD (Bring Your Own Device)

Policy allowing employees to bring personal devices for work purposes.

Change Management

Standardized process for managing changes in IT systems.

Configuration Management

Process of tracking system settings and changes.

Data Sanitization

Techniques to ensure sensitive data cannot be recovered after disposal.

Geolocation & Geofencing

GPS technology used for tracking devices and creating virtual boundaries.