Cyber Security Glossary

A complete glossary of essential Cyber Security terms.

AJAX progress indicator
Search: (clear)
  • DDoS
    Distributed Denial of Service (DDoS) is a type of denial of service (DOS) attack where multiple compromised systems, are used to attack a single system causing an outage.
  • Disruption-
    A disruption is unplanned event that causes the general system or major application to be inoperable for an unacceptable length of time (e.g., minor or extended power outage, extended unavailable network, or equipment or facility damage or destruction).
  • DNS
    The Domain Name System (DNS) is the phone book of the Internet. It allows computers to translate website names into IP address numbers so that they can communicate with each other.
  • DNS Exfiltration
    Domain Name System (DNS) Exfiltration is a difficult to detect lower level attack on DNS servers to gain unauthorized access. Such attach attacks lead to loss of data that range from simple to complex in nature and importance.
  • DNS Hijacking
    DNS hijacking is a type of malicious attack in which an individual redirect queries to a domain name server (DNS).
  • Document Malware
    Document malware takes advantage of vulnerabilities in applications that let you read or edit documents.
  • Domain Name Service
    The Domain Name System (DNS) is the phone book of the Internet. It allows computers to translate website names into IP address numbers so that they can communicate with each other.
  • Domain Name System
    A domain name system is a distributed system that internet servers follow to convert alphabetical domain names into numerical IP addresses. Internet servers follow a numerical IP addresses system, and to remember the numerical values of many domains is a difficult task, so domains use alphabetical address. Every time user types in an alphabetical domain name, the DNS helps internet by converting the alphabetical domain name into a numerical IP address.
  • Domain Name System Exfiltration
    Domain Name System (DNS) Exfiltration is a difficult to detect lower level attack on DNS servers to gain unauthorized access. Such attach attacks lead to loss of data that range from simple to complex in nature and importance.
  • Dual Use Certificate
    A dual-use certificate is a certificate that is intended for use with both digital signature and data encryption services
  • Due Care
    Due Care is the degree of care a rational person would exercise in similar situations as the one at hand. Alternatively known as ordinary care or reasonable care is a test of a person’s preparedness to act, be responsible or neglectful of responsibility
  • Due Diligence
    Due Diligence is the process of conducting a thorough and detailed investigation, to verify the truthfulness of the information provided in the statements for analysis and review before committing to a transaction. It is a measure of prudence, a rational person would undertake before taking a final decision.
  • Duplicate Digital Evidence
    Duplicate digital evidence is a duplicate that is  an accurate digital reproduction of all data objects contained on the original physical item and associated media.
  • Dynamic Ports
    Dynamic Ports are otherwise known as private ports, these ports ranging from port number 49,152 to 65, 535 do not need any registration; these ports help any computer application communicate with any other application or program that uses transmission control protocol (TCP) or the User Datagram Protocol (UDP).
  • E-Commerce
    The process of conducting any kind of business transaction or a commercial transaction electronically with the help of internet is termed as E-commerce. Internet enables sellers to accept orders and payments online
  • E-Government
    E-Government is the U.S. government use of Web-based Internet applications and other information technology
  • e-signature
    An electronic signature, or e-signature, refers to data in electronic form, which is logically associated with other data in electronic form and which is used by the signatory to sign.
  • Easter Egg
    An Easter Egg is the hidden functionality within an application program, which becomes activated when an undocumented set of commands and keystrokes are entered. Easter eggs are typically used to display the credits for the development team and are intended to be nonthreatening.
  • Eavesdropping
    Eavesdropping is the practice of listening, intercepting, or monitoring private communication between users or user groups without their knowledge or permission.
  • Egress
    Egress in general means to go out; in information technology, it is defined as the network traffic moving out of the network to the final destination with the help of devices such as routers, etc.
  • Egress Filtering
    Egress filtering is the filtering of outgoing network traffic.
  • Electronic Key Entry
    Electronic Key Entry is the entry of cryptographic keys into a cryptographic module using electronic methods such as a smart card or a key-loading device.
  • Electronic Key Management System
    An electronic key management system is an Interoperable collection of systems being developed by services and agencies of the U.S. government to automate the planning, ordering, generating, distributing, storing, filling, using, and destroying of electronic key and management of other types of COMSEC material.
  • Electronic Signature
    An electronic signature, or e-signature, refers to data in electronic form, which is logically associated with other data in electronic form and which is used by the signatory to sign.
  • Electronically Generated Key
    An electronically generated key is a key generated in a COMSEC device by mechanically or electronically introducing a seed key into the device and then using the seed in conjunction with a software algorithm stored in the device to produce the desired key.
  • Elliptical Curve Cryptography
    Elliptical Curve Cryptography is a technique that uses elliptical curve equation to create cryptography keys; keys generated by this theory are much smaller, faster, and efficient, as well! This modern technique keeps the decryption key private, while the encryption key is public. Unlike traditional methods of generating cryptography keys such as RSA, elliptical curve technique uses discrete algorithms making it difficult to decipher the keys or challenge the keys.
  • Email Malware Distribution
    Email malware refers to malware that is distributed via email.
  • Embedded Cryptography
    Embedded cryptography is cryptography engineered into an equipment or system whose basic function is not cryptographic.
  • Encapsulation Security Payload
    An Encapsulation Security Payload is an IPSec protocol that offers mixed security in the areas of authentication, confidentiality, and integrity for Ipv4 and ipv6 Network packets. Encapsulation Security Payload offers data integrity and protection services by encrypting data, anti-replay, and preserving it in its assigned IP.
  • Encipher
    To encipher is to convert plain text to cipher text via a cryptographic system
  • Encode
    To convert into a coded form.
  • Encryption
    A method where plaintext (or any other type of readable data) is converted into an encoded version which can only be decoded by another entity if they have the decryption key. Encryption is an excellent way to secure data that’s transmitted across networks.
  • Encryption Algorithm
    An encryption algorithm is a set of mathematically expressed rules for rendering data unintelligible by executing a series of conversions controlled by a key
  • Encryption Certificate
    An encryption certificate is a certificate containing a public key that is used to encrypt electronic messages, files, documents, or data transmissions, or to establish or exchange a session key for these same purposes
  • Encryption Key
    An Encryption Key is a code of variable value developed with the help of encryption algorithm to encrypt and decrypt information.
  • End Cryptographic unit
    An end cryptographic unit is a device that (1) performs cryptographic functions, (2) typically is part of a larger system for which the device provides security services, and (3) from the viewpoint of a supporting security infrastructure (e.g., a key management system), is the lowest level of identifiable component with which a management transaction can be conducted.
  • End-to-End Encryption
    End-to-end encryption describes communications encryption in which data is encrypted when passing through a network with the routing information still visible
  • Endpoint Security
    Endpoint security or Endpoint Protection is the process of securing the various endpoints on a network.
  • Enterprise
    An enterprise is an organization with a defined mission/goal and a defined boundary, using information systems to execute that mission, and with responsibility for managing its own risks and performance. An enterprise may consist of all or some of the following business aspects: acquisition, program management, financial management (e.g., budgets), human resources, security, and information systems, information and mission management.
  • Enterprise Architecture
    The enterprise architecture is the description of an enterprise’s entire set of information systems:  configuration, integration and how they interface. Enterprise architecture also describes how they are operated to support the enterprise mission, and how they contribute to the enterprise’s overall security posture.
  • Entrapment
    Entrapment is the deliberate planting of apparent flaws in an information system with the intent to detect attempted penetrations
  • Eradication
    Eradication is an important function of the incident management process that follows the containment of an incident. Upon identifying and controlling the incident in the containment stage, eradication helps identify and remove the root cause of the incident completely from the system and avoid any chances of recurrences of the incident.
  • Ethernet
    Ethernet is the most popular Local Area Network (LAN) technology that specifies cabling and signalling system for home networks or for organizations. Ethernet uses BUS topology to support data transfers and Carrier sense multiple access/ collision detection (CSMA/CD) system to process requests at the same time
  • Event
    An Event is an action or an occurrence that a program can detect. Examples of some events are clicking of a mouse button or pressing the key, etc.
  • Evidence
    Evidence is documents, records or any such objects or information that helps prove the facts in a case.
  • Exercise Key
    An exercise key is cryptographic key material used exclusively to safeguard communications transmitted over-the-air during military or organized civil training exercises
  • Exploit
    An exploit is an attack on a computer system, especially one that takes advantage of a particular vulnerability the system offers to intruders.
  • Exploit Code
    An exploit code is a program that allows attackers to automatically break into a system.
  • Exploitable Channel
    An exploitable channel is a channel that allows the violation of the security policy governing an information system and is usable or detectable by subjects external to the trusted computing base.
  • Exploitable Network
    An external network is a network not controlled by the organization.
  • External Security Testing
    External security testing is security testing conducted from outside the organization’s security perimeter.
  • Fail Safe
    A Fail Safe is the automatic protection of programs and/or processing systems when hardware or software failure is detected.
  • Fail Soft
    Fail soft is the elective termination of affected nonessential processing when hardware or software failure is determined to be imminent.