Security
This cyber security glossary explains the meaning of terms about different types of computer security threats as well as words about application security, access control, network intrusion detection, security awareness training and computer forensics.
Anti-virus, antimalware
Terms related to spyware, including definitions about malware and words and phrases about online advertising, adware and online privacy.
-
identity theft
Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable information (PII), such as Social Security or driver's license numbers, in order to impersonate someone else.
-
encryption
Encryption is the method by which information is converted into secret code that hides the information's true meaning.
-
firewall
A firewall is software or firmware that prevents unauthorized access to a network.
Application security
Terms related to application security, including procedural definitions for preventing software vulnerabilities and words and phrases about secure code development.
-
DNS over HTTPS (DoH)
DNS over HTTPS (DoH) is a relatively new protocol that encrypts domain name system traffic by passing DNS queries through a Hypertext Transfer Protocol Secure encrypted session.
-
Zoombombing
Zoombombing is a type of cyber-harassment in which an individual or a group of unwanted and uninvited users interrupt online meetings over the Zoom video conference app.
-
What is cybersecurity? Everything you need to know
Cybersecurity is the protection of internet-connected systems -- including hardware, software and data -- from cyberattacks.
Authentication, access control
Terms related to authentication, including security definitions about passwords and words and phrases about proving identity.
-
identity theft
Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable information (PII), such as Social Security or driver's license numbers, in order to impersonate someone else.
-
single sign-on (SSO)
Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials -- for example, a name and password -- to access multiple applications.
-
two-factor authentication (2FA)
Two-factor authentication (2FA), sometimes referred to as two-step verification or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves.
Malware
Terms related to malware, including definitions about viruses and Trojans and other words and phrases about malicious software.
-
phishing
Phishing is a form of fraud in which an attacker masquerades as a reputable entity or person in email or other communication channels.
-
identity theft
Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable information (PII), such as Social Security or driver's license numbers, in order to impersonate someone else.
-
phishing kit
A phishing kit is a collection of tools assembled to make it easier for people with little technical skill to launch a phishing exploit.
Network security
Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.
-
identity theft
Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable information (PII), such as Social Security or driver's license numbers, in order to impersonate someone else.
-
Presidential Policy Directive 21 (PPD-21)
Presidential Policy Directive 21 (PPD-21) is an infrastructure protection and resilience directive in the United States that aims to strengthen and secure the country's critical infrastructure.
-
Advanced Encryption Standard (AES)
The Advanced Encryption Standard (AES) is a symmetric block cipher chosen by the U.S. government to protect classified information.
Threat management
Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.
-
PCI DSS (Payment Card Industry Data Security Standard)
The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to optimize the security of credit, debit and cash card transactions and protect cardholders against misuse of their personal information.
-
integrated risk management (IRM)
Integrated risk management (IRM) is an approach to risk management that uses a set of practices and processes to improve an organization's security, risk tolerance profile and strategic decision-making.
-
identity theft
Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable information (PII), such as Social Security or driver's license numbers, in order to impersonate someone else.