Cybersecurity NOCTI Vocabulary Flashcards
Confidentiality (CIA Triad)
Ensures that information is accessible only to authorized users
Integrity (CIA Triad)
Ensures that data remains accurate and unaltered by unauthorized parties
Availability (CIA Triad)
Ensures that authorized users have timely access to information and resources
Threat
A potential danger or actor that could exploit a weakness in a system
Vulnerability
A flaw or weakness in a system that could be exploited by a threat
Risk
The potential for loss or damage when a threat exploits a vulnerability
IP Address
A unique numerical label assigned to a device on a network using the Internet Protocol
MAC Address
A hardware identifier burned into a network interface card, consisting of 12 hexadecimal digits
DNS (Domain Name System)
A service that translates human-friendly domain names (like example.com) into IP addresses for routing
DHCP (Dynamic Host Configuration Protocol)
A network protocol that automatically assigns IP addresses and other configuration details (subnet mask, gateway, etc.) to devices on a network
Subnet
A segmented portion of a larger network, identified by an IP range and mask, that improves network efficiency
NAT (Network Address Translation)
A technique that maps private internal IP addresses to a public IP address when leaving the network
VPN (Virtual Private Network)
A service that creates an encrypted, secure tunnel over a public network
TCP (Transmission Control Protocol)
A connection-oriented protocol ensuring reliable, ordered delivery of data between devices
UDP (User Datagram Protocol)
A connectionless protocol that sends packets (datagrams) without guaranteeing delivery
Symmetric Encryption
An encryption method using the same secret key for both encryption and decryption
Asymmetric Encryption (Public-Key Cryptography)
Uses a mathematically related key pair (public and private) to encrypt and decrypt data
Hash (Checksum)
A fixed-length string output by a hash algorithm (like MD5 or SHA-256) that uniquely represents data; any change in the data will change the hash
Digital Signature
A piece of data encrypted with a sender’s private key so that anyone with the sender’s public key can verify the sender and check data integrity
SSL/TLS (HTTPS)
Protocols that encrypt communications between a web browser and server
Malware
Short for malicious software; any software or code designed to harm or exploit a device or network
Virus
Malware that attaches itself to legitimate files or programs and replicates when those files execute
Worm
A self-replicating malware that spreads through networks without needing to infect files
Trojan Horse
Malware disguised as a harmless program
Ransomware
Malware that encrypts a victim’s files and demands payment for the decryption key
Phishing
A social engineering attack using deceptive emails or messages that appear legitimate to steal credentials or data
DDoS (Distributed Denial of Service)
An attack that overwhelms a target (server or network) with traffic from many sources, disrupting its normal function
Man-in-the-Middle (MitM)
An attack where an attacker secretly intercepts or relays communication between two parties to steal data
Authentication
Verifying the identity of a user or device, typically via something they know (password), have (token), or are (biometric)
Authorization
Granting an authenticated user permission to access specific resources or actions
Multi-Factor Authentication (MFA)
A security method requiring two or more different authentication factors (e.g. password plus a phone-delivered code)
Biometric Authentication
Using a unique physical trait (fingerprint, face, iris) to verify identity
Chain of Custody
A documented record of how digital evidence was collected, transferred, and handled
Forensic Image
A verified, bit-by-bit copy of a storage device made for analysis
Write Blocker
A device that allows read-only access to a storage medium to prevent any changes to the evidence
Firewall
A network security device or software that filters incoming and outgoing traffic based on rules, blocking unauthorized access
Intrusion Detection System (IDS)
A security tool that monitors network or system traffic for suspicious activity and alerts administrators
Intrusion Prevention System (IPS)
Like an IDS but placed inline so it can automatically block or reject detected malicious traffic
Anti-Virus / Anti-Malware
Software that scans files and memory for known malware signatures and removes or quarantines infected files
Access Control List (ACL)
A set of rules that specifies which users or network traffic are allowed or denied access to a resource
Honeypot
A decoy system set up to attract attackers and detect their methods
Patch Management
The practice of applying software updates that fix security vulnerabilities
Data Backup
Creating copies of data so it can be restored in case of loss or corruption
DMZ (Demilitarized Zone)
A perimeter network that hosts public-facing services with limited access to the internal LAN, adding an extra security layer