The process of limiting access to resources based on predetermined rules.
The process of identifying, classifying, and managing an organization's assets, including hardware, software, and data.
A type of encryption that uses a mathematically linked key pair: data encrypted with the public key can be decrypted only with the corresponding private key, so the public key can be shared freely while the private key stays secret.
The process of verifying the identity of a user or device.
The process of granting or denying access to resources based on an authenticated identity.
A type of hacker who engages in illegal or malicious activities, such as stealing data or spreading malware.
A group responsible for defending against and responding to security threats.
A type of password attack in which the attacker uses a program to try every possible combination of characters until the correct password is found.
A type of cyber attack in which more data is written to a fixed-size buffer than it can hold, overwriting adjacent memory; if the attacker controls the overflowing bytes, they can corrupt control data such as a return address and execute arbitrary code.
A type of attack in which the attacker sends more data to a buffer than it is designed to hold, causing the program to crash or execute arbitrary code.
A plan that outlines the steps an organization should take to ensure that its critical functions can continue in the event of a disaster or other disruption.
The process of controlling and documenting changes to a system or network to ensure that they are implemented safely and effectively.
A type of cyber attack in which malicious script is injected into a web page so that it executes client-side, in the browsers of other users who view that page, typically because user-supplied input is rendered without proper output encoding.
The practice of secure communication through the use of codes and ciphers.
The process of categorizing data based on its sensitivity and value.
A security strategy that aims to prevent the unauthorized disclosure or loss of sensitive data.
The process of obscuring sensitive data to protect it from unauthorized access.
The protection of personal information from unauthorized access and use.
Short for "distributed denial of service," it refers to a type of cyber attack that overwhelms a target with traffic or requests sent from many sources at once (often a botnet of compromised machines) to disrupt its services.
The process of converting ciphertext into plaintext (readable text) to access secure data.
A type of password attack in which the attacker tries each entry of a wordlist of common passwords and dictionary words, rather than every possible combination, exploiting the tendency of users to choose predictable passwords.
A plan that outlines the steps an organization should take to recover from a disaster or other disruption.
The process of converting plaintext into ciphertext (unreadable text) to secure data.
The protection of devices that connect to a network.
A piece of code or tool that takes advantage of a vulnerability to gain unauthorized access or perform other malicious actions.
A security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
A type of hacker who falls between the two, for example probing systems without authorization but without malicious intent; their activities may be legal or illegal depending on the situation.
A mathematical function that maps an input of any length (called a "message") to a fixed-size output (called a "hash value" or "digest"); a cryptographic hash function is additionally one-way (the input cannot be recovered from the digest) and collision-resistant.
The process of computing a fixed-size hash of data; because finding two inputs with the same cryptographic hash is computationally infeasible, the hash serves as a practically unique fingerprint of the original data.
The process of responding to and managing the aftermath of a security incident.
A system that monitors network traffic for signs of suspicious activity and alerts administrators when a potential threat is detected.
A system that monitors network traffic for signs of suspicious activity and automatically takes action to prevent potential threats.
The practice of granting users and processes the minimum level of access necessary to perform their tasks.
Short for "malicious software," it refers to any software designed to cause harm or exploit vulnerabilities on a computer system.
A security process in which a user provides multiple authentication factors to verify their identity.
A free and open-source network scanner that can be used to discover hosts and services on a computer network. [nmap.org](https
A type of attack in which the attacker attempts to guess or crack a password to gain unauthorized access.
A tool that stores and manages passwords in a secure manner.
A piece of software designed to fix a vulnerability in a system or application.
The practice of simulating a cyber attack on a system or network to test its defenses and identify vulnerabilities.
A type of social engineering attack that involves tricking people into revealing sensitive information or clicking on malicious links.
A pre-computed table of hash chains that lets an attacker reverse an unsalted password hash back to the password quickly, trading storage space for the computation that would otherwise be repeated on every crack.
A type of malware that encrypts a victim's files and demands a ransom from the victim to restore access.
A group that plays the role of an enemy or competitor to provide security feedback from that perspective.
A type of malware that conceals its presence (processes, files, network connections) from the operating system and security tools, typically after root or kernel-level access (the highest level of access) has already been obtained, in order to maintain hidden, persistent privileged access.
The practice of combining each password with a unique random value (the salt, stored alongside the hash) before hashing, so that identical passwords produce different hashes and pre-computed tables such as rainbow tables cannot be reused across users; a salt does not protect a weak password from a per-user dictionary attack.
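The following is an added example (not part of the original glossary) that ties the hashing, dictionary-attack, rainbow-table and salting entries together. A tiny constructed dictionary stands in for a precomputed hash-to-password table (real rainbow tables use hash chains and are vastly larger). Unsalted hashes are recovered by a single lookup; salted hashes defeat the lookup but a weak password still falls to a per-user dictionary attack. The helper names and the 100,000-iteration PBKDF2 setting are this example's assumptions.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Constructed sample wordlist; stands in for a real cracking dictionary.
COMMON_PASSWORDS = ["password", "123456", "letmein", "qwerty"]


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_lookup_table(wordlist) -> dict:
    """Precompute digest -> password for an unsalted hash.

    This is the work a rainbow table amortises: done once, reused against
    every stored hash that was computed the same way.
    """
    return {sha256_hex(p.encode()): p for p in wordlist}


def store_unsalted(password: str) -> str:
    """Weak scheme: a bare, fast hash of the password."""
    return sha256_hex(password.encode())


def store_salted(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, str]:
    """Salted scheme: random per-user salt plus a slow, iterated hash (PBKDF2)."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return salt, digest.hex()


def verify_salted(password: str, salt: bytes, stored_hex: str) -> bool:
    _, candidate = store_salted(password, salt)
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(candidate, stored_hex)


def crack_with_table(stored_hex: str, table: dict) -> Optional[str]:
    """Rainbow-table style attack: one lookup, no hashing at attack time."""
    return table.get(stored_hex)


def dictionary_attack_salted(salt: bytes, stored_hex: str, wordlist) -> Optional[str]:
    """Dictionary attack against a salted hash: every guess must be re-hashed
    with this user's salt, so nothing is reusable across users."""
    for guess in wordlist:
        if verify_salted(guess, salt, stored_hex):
            return guess
    return None


if __name__ == "__main__":
    table = build_lookup_table(COMMON_PASSWORDS)
    print("unsalted lookup:", crack_with_table(store_unsalted("letmein"), table))
    salt, h = store_salted("letmein")
    print("salted lookup:", crack_with_table(h, table))
    print("salted dictionary attack:", dictionary_attack_salted(salt, h, COMMON_PASSWORDS))
```

The lookup on the unsalted hash succeeds instantly; the same lookup on the salted hash fails because the table was never built for that salt. The dictionary attack still recovers "letmein" for that one user, which is why salting is paired with a slow hash and a password policy rather than relied on alone.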
A person who uses pre-existing tools and scripts to carry out hacking attacks, without having a deep understanding of how they work.
A breach of security that results in unauthorized access or other malicious activity.
A plan of action for responding to and recovering from a security incident.
A security solution that combines the functions of an intrusion detection system (IDS) and an intrusion prevention system (IPS).
A centralized unit responsible for monitoring and responding to security threats.
A security solution that combines the functions of security information and event management (SIEM) and incident response to automate the handling of security incidents.
A system that allows users to use a single set of login credentials to access multiple applications.
A type of attack that relies on psychological manipulation to trick people into revealing sensitive information or taking actions that compromise security.
A type of cyber attack in which untrusted input is concatenated into an SQL query so that it changes the query's structure, letting the attacker read, modify or delete data or bypass authentication; parameterised queries prevent it.
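The following is an added example, not from the original glossary, showing the injection above against an in-memory SQLite database: a login check built by string formatting beside the same check using a parameterised query. The table, rows and function names are constructed for the demonstration.

```python
import sqlite3
from typing import Optional


def make_db() -> sqlite3.Connection:
    """Constructed sample database with two users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "correct horse", "admin"), ("bob", "hunter2", "user")],
    )
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> Optional[str]:
    """Vulnerable: input is pasted into the SQL text, so quotes and comment
    markers in the input become part of the query's grammar."""
    query = (
        "SELECT username FROM users WHERE username = '%s' AND password = '%s'"
        % (username, password)
    )
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_safe(conn: sqlite3.Connection, username: str, password: str) -> Optional[str]:
    """Safe: placeholders keep the query structure fixed; the driver passes
    the values separately, so they can never be parsed as SQL."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    conn = make_db()
    # Comment out the password check: username becomes alice' --
    print("vulnerable:", login_vulnerable(conn, "alice' --", "wrong"))
    print("safe:      ", login_safe(conn, "alice' --", "wrong"))
    # Tautology in the password field: ' OR '1'='1
    print("vulnerable:", login_vulnerable(conn, "nobody", "' OR '1'='1"))
    print("safe:      ", login_safe(conn, "nobody", "' OR '1'='1"))
```

With the payload `alice' --` the vulnerable query becomes `... WHERE username = 'alice' --' AND password = 'wrong'`, so the password comparison is commented away and the attacker logs in as alice; the parameterised version looks for a user literally named `alice' --` and finds nothing.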
A type of encryption that uses a single key to both encrypt and decrypt data.
The proactive search for potential security threats within an organization's network.
The collection and analysis of information about potential threats to an organization.
A security process in which a user provides two different authentication factors to verify their identity.
A network that allows users to securely connect to a remote network over the internet.
A weakness in a system or application that can be exploited by an attacker.
The process of identifying, classifying, and mitigating vulnerabilities in a system or network.
A type of hacker who uses their skills for ethical purposes, such as helping organizations improve their security.
A vulnerability that is unknown to the vendor, or for which no patch yet exists, at the time it is discovered or exploited; attackers can exploit it before defenders have had any ("zero") days to fix it.