Chapter 6, Chapter 8, Chapter 9
Ping Scan
A type of scan that sends an ICMP request to the target port.
Cross-site Request Forgery
An attack from or masquerading as from a trusted user to acquire access.
Evil Twin
An attack where a Wireless Access Point is set up with the same SSID as the legitimate access point and attempts to grab traffic. Sometimes, this could be combined with a DoS attack on the authentic access point to make it slower or unavailable.
Port Scanning
The process of attempting to connect to every network port on a target system to see which ones are open.
Blue Jacking
Using another Bluetooth device within range to send unsolicited messages to the target.
Cookie Poisoning
An attack where web cookies of the target are accessed and modified.
Enumeration
This pre-attack activity involves acquiring an inventory of everything on the target system including servers, computers, and devices, as well as users and folders on particular computers.
Port Scanner
A tool that allows someone to discover all the open ports on a system.
Spear Phishing
A phishing scheme that is geared towards a specific individual or group of individuals.
Hybrid Attack
This attack uses a dictionary of words to attempt to crack a password, but adds numbers and/or symbols to the words. It is common for people to repeat passwords and just add a number or a symbol to get around password requirements.
Pod Slurping
Use of a device such as an iPod to illicitly steal confidential data by directly plugging it into a computer holding that data.
Red Team
In penetration testing, this group attempts to hack into a particular system.
URL Hijacking
An attack where a malicious site masquerades as a legitimate site by changing the URL by a single character. Lululemmons v. lululemons for example.
TOR
This method of internet access bounces requests through a long series of proxy servers around the world, each of which encrypts the packets with multiple levels of encryption, and at any given time, the nodes only know the next and previous nodes, making it very difficult to determine the origin or the destination of the packets.
Pass the Hash
This is a technique to hack into systems by skipping the password guessing and going straight to the hash values of the username and password. If the hacker can find a matching pair of those values, they do not need to find the originals: they can submit the hashes directly to the system and bypass the username and password entirely.
Net User Script
In this attack, a user with at least guest-level privileges places a script in the All Users startup folder that would make them a domain admin when it is run. The script then waits until a domain-level admin logs in, and at that point, the script is run and the user's access is elevated without anyone's knowledge.
Relational Databases
A popular means of storing data, where the data is placed in related tables.
WPS attack
A wireless attack that attempts to intercept the WPS PIN as it is being transmitted to the Wireless Access Point. Then, the attacker connects to the Wireless Access Point and steals the WPA2 password.
Connect Scan
A type of scan in which a complete connection is established with the target system.
FTP Bounce Scan
A scan that bounces off an FTP server before heading to the target in order to make it more difficult to trace.
Bluesnarfing
Unauthorized access of information from a Bluetooth device.
Dark Web
An area of the Internet that is only accessible through Onion Routing.
FIN Scan
A type of scan in which a packet is sent with the connection finished flag set. If the target port is closed, an RST packet will be sent in response. If it is open, there will be no response.
Login as System
In this Windows OS attack, the user must have access to the physical machine. They plug a Linux boot drive into the machine's USB port and reboot. Once inside, they rename the command executable in Windows to an accessibility executable which is available before logging in. Then, after rebooting into Windows again, they use the accessibility tool to access the command prompt as a system user.
SYN Scan
A type of scan which sends the first part of a TCP connection to each port on the target system to see which ports are open.
Command Injection
An attack that attempts to insert and execute commands in a vulnerable application. Sometimes a lack of correct input validation can leave an application open to this sort of attack.
Blue team
In penetration testing, this group plays defense and attempts to fend off incoming attacks.
Dictionary Attack
An attempt to crack a password by uploading a text file full of dictionary words into the password program.
Input Validation
The process of checking input from a user and filtering out malicious scripting.
Active Scanning
A method of assessing or investigating a system that requires connecting to the target.
Rainbow Table
A table of common passwords with their hashes, allowing an attacker with the hashed version of a password to look up the hash to find the corresponding password.
Directory Traversal
A method attackers use to access restricted directories and execute commands outside the web server's root directory.
Passive Scanning
Methods of assessing and investigating a system that do not require a connection to the target.
SNMP Scan
A scan that uses a popular protocol for remote monitoring and management on a network to get the status of devices and services on that target network.
NOSQL database
A way of storing data that does not use the access methods of typical relational databases.
Bluebugging
Unauthorized access and use of all phone features.
Known Plain Text Attack
A cryptanalysis attack where the attacker possesses a sample of plaintext and its corresponding ciphertext. This information can be used to reverse-engineer the secret key.
ECB (Electronic Codebook)
The simplest mode of operation for a block cipher, where each block of plaintext is encrypted independently. This is insecure because identical plaintext blocks result in identical ciphertext blocks, revealing patterns.
Salt
A random string of data added to a password before it is hashed. Using such strings makes rainbow table attacks and other pre-computation attacks infeasible by ensuring that identical passwords have different hashes.
Enigma
A famous electro-mechanical rotor machine used by Germany in World War II for encrypting and decrypting messages. The breaking of the codes created by these machines by Allied cryptanalysts was a major turning point in the war.
Cipher Text
The unreadable, scrambled output that is the result of applying an encryption algorithm to plaintext.
Public Key Encryption
Another term for asymmetric cryptography, highlighting its use of a publicly available key for encryption and a private one for decryption.
SSL and TLS (Secure Sockets Layer and Transport Layer Security)
Cryptographic protocols that provide secure communication over a network, such as the internet. TLS is the modern successor to SSL and is the "S" in HTTPS, ensuring your web browsing is encrypted.
Encryption
The process of converting readable data, called plaintext, into an unreadable format, called ciphertext, to protect its confidentiality. This scrambled message can only be unlocked with a specific key.
Carrier
The ordinary file (like an image, audio, or video file) that is used to conceal the payload in steganography.
Prime
A natural number greater than 1 that cannot be formed by multiplying two smaller natural numbers. These numbers are the fundamental building blocks of public key encryption algorithms like RSA.
Transposition
A method of encryption that rearranges the order of the plaintext letters without changing the letters themselves. The security comes from scrambling the position of the characters.
Asymmetric Cryptography
A cryptographic system that uses a pair of keys: a public key, which can be shared with anyone, and a private key, which must be kept secret. Also known as public key encryption, it's the foundation for most internet security.
Vigenere Cipher
A classic multi-alphabet substitution cipher that uses a keyword to apply a series of different Caesar ciphers within the same message. The length of the keyword determines the number of alphabets used.
DES (Data Encryption Standard)
An early and influential symmetric block cipher developed in the 1970s. It is now considered insecure for most purposes due to its small 56-bit key size.
Co-Prime
A pair of integers whose only common positive divisor is 1. This mathematical relationship is essential for the key generation process in the RSA algorithm.
RSA
A widely used asymmetric cryptography algorithm for secure data transmission and digital signatures. Its security relies on the mathematical difficulty of factoring the product of two large prime numbers.
AES (Advanced Encryption Standard)
The current global standard for symmetric encryption, adopted by the U.S. government. It is a highly secure and efficient block cipher available in 128-bit, 192-bit, and 256-bit key sizes.
Digital Signature
A cryptographic value that is attached to a message to verify the sender's identity and ensure the message's integrity has not been compromised. It is created using the sender's private key and verified using their public key.
Caesar Cipher
A simple substitution cipher where each letter in the plaintext is shifted a fixed number of places down the alphabet. For example, with a shift of 3, 'A' would become 'D'.
Algorithm
A set of finite, well-defined rules or a mathematical formula that dictates how encryption and decryption are performed. It's the "recipe" that uses a key to secure data.
Nonrepudiation
A security principle that provides proof of the origin and integrity of data. Digital signatures enforce it, as they prevent a sender from later denying they sent a message.
Multi-alphabet Substitution
A more complex form of substitution that uses multiple substitution alphabets to encrypt a message, making it much harder to break using frequency analysis.
Block Cipher
A symmetric encryption algorithm that encrypts data in fixed-size chunks. Common examples include DES and AES.
Atbash
A specific mono-alphabet substitution cipher where the alphabet is reversed. 'A' becomes 'Z', 'B' becomes 'Y', and so on.
Single-Key Encryption
Another term for symmetric cryptography, emphasizing that one secret key is shared between parties to both encrypt and decrypt data.
Diffie-Hellman
A secure method for two parties to establish a shared secret key over an insecure communication channel. It is a key exchange protocol, not an encryption method itself.
Scytale
An ancient transposition tool involving a cylinder and a strip of parchment. A message is written along the cylinder's length, and when unwrapped, the letters are jumbled until re-wrapped on a cylinder of the same diameter.
MD5
An older hash function that produces a 128-bit hash value. It is now considered insecure and should not be used for cryptographic purposes due to known vulnerabilities.
Elliptic Curve Cryptography
An approach to public key encryption that uses the mathematics of elliptic curves to create smaller, faster, and more efficient cryptographic keys compared to RSA.
MAC (Message Authentication Code)
A small piece of information generated using a secret key, used to confirm that a message came from the stated sender and has not been altered in transit. It provides authentication and integrity but not confidentiality.
Rail Fence
A simple transposition cipher that writes the message letters diagonally on imaginary "rails" and then reads them off row by row to create the ciphertext.
Channel
The medium, such as an email, website, or network connection, through which the carrier containing the hidden message is transmitted.
Cipher Text Only
A cryptanalysis attack where the attacker only has access to the encrypted message (ciphertext). The attacker's goal is to discover the key or the original plaintext.
3DES (Triple DES)
A more secure version of DES that applies the original algorithm three times to each data block. It was a temporary upgrade before the adoption of AES.
Euler's Totient
A mathematical function, denoted as ϕ(n), that counts the number of positive integers up to n that are co-prime to n. It is a critical component in the mathematics behind the RSA algorithm.
Payload
In steganography, this is the secret data or message that is hidden within the carrier file.
SHA (Secure Hash Algorithm)
A family of cryptographic hash functions developed by the U.S. National Security Agency (NSA). Some varieties are modern standards used for data integrity and in technologies like blockchain.
Key Space
The set of all possible keys that can be used in a cryptographic algorithm. The larger this is, the more resistant the algorithm is to brute-force attacks, where an attacker tries every possible key.
Rainbow Table
A precomputed table used for reversing cryptographic hash functions, often used by attackers to crack password hashes.
Plain Text
The original message or data before it has been encrypted. It's the information you want to protect.
Steganography
The practice of concealing a secret message (payload) within an ordinary, non-secret file or message (carrier) to avoid detection. Unlike encryption, which hides the content of a message, this hides the existence of the message itself.
Substitution
A fundamental method of encryption where units of plaintext (like letters or pairs of letters) are replaced with other symbols or groups of symbols according to a defined system.
Related-Key Attack
A cryptanalysis attack where the attacker can observe a cipher's operation under several different keys that are related in some mathematical way, even if the keys themselves are unknown.
Polybius Cipher
A substitution cipher that converts letters into numbers using a grid. Each letter is replaced by its coordinates within the grid, typically a 5x5 square.
Stream Cipher
A symmetric encryption algorithm that encrypts data one bit or byte at a time. It's often faster than a block cipher and is suitable for real-time data streams.
Decryption
The process of converting ciphertext back into its original, readable plaintext form. It is the reverse of encryption and requires the use of a key.
Mono-alphabet Substitution
An encryption technique that uses a single, fixed substitution alphabet to replace letters throughout the entire message. The Caesar cipher is a well-known example of this method.
Frequency Analysis
A cryptanalysis technique used to break simple mono-alphabet substitution ciphers by counting the occurrences of letters or symbols in the ciphertext. The frequencies are then compared to the known frequencies of letters in the plaintext language.
Symmetric Cryptography
An encryption method where a single, shared key is used for both the encryption and decryption processes. This method is fast but requires a secure way to exchange the key. Also known as single-key encryption.
Chosen Plain Text Attack
A powerful cryptanalysis attack where the attacker can select arbitrary plaintext, have it encrypted with an unknown key, and obtain the resulting ciphertext. This allows the attacker to probe the system to uncover the key.
Key
A piece of secret information, typically a string of numbers or characters, that is used by a cryptographic algorithm to transform plaintext into ciphertext and vice versa.
Hash
A one-way function that takes an input of any size and produces a fixed-size string of characters, known as a hash value or message digest. This process is used to verify data integrity, as any change to the input will result in a completely different string.
Cryptanalysis
The study of methods for obtaining the meaning of encrypted information without access to the secret key. It involves analyzing and breaking cryptographic systems.
PGP (Pretty Good Privacy)
A widely used encryption program that provides cryptographic privacy and authentication for data communication. It is often used for signing, encrypting, and decrypting emails, files, and directories.
Cryptography
The science and practice of secure communication techniques that allow only the sender and intended recipient of a message to view its contents. It encompasses the creation and analysis of protocols that prevent third parties from reading private messages.
Wi-Fi Protected Access (WPA)
A Wi-Fi protocol that uses AES for encryption and generates a new key for each packet. This protocol has been improved into a second and third version.
Extensible Authentication Protocol (EAP)
A framework for authentication commonly used in wireless networks and point-to-point connections.
False Positive
When a file is determined to be a virus, but it actually isn't.
Sheep Dip Machine
A system set up to be identical to a standard workstation at a corporation, company, or school. However, this computer is not connected to any network and is used to test whether files are viruses. Suspect files are opened on this system, and the system is then watched until the file is determined to be safe or malicious.
Layer 2 Tunneling Protocol (L2TP)
A protocol for VPNs that operates at the data link layer, uses IPsec for encryption, and authenticates with CHAP, EAP, PAP, SPAP, and MS-CHAP.
Blacklist
A list of sites that are forbidden. This is a more permissive approach to limiting network access.
Digital Certificate
A set of information containing a holder's public key along with much other information including the digital signature of the issuer. It is the primary way that public keys are transmitted.
Point-to-Point Tunneling Protocol (PPTP)
A protocol for VPNs that uses the data link layer and MPPE (a version of DES) for encrypting packets and either EAP or CHAP for authenticating users.
Screened Host
A combination of two firewalls: a bastion host and a screening router. The screening router acts as an additional check on traffic coming to and from the bastion host.