The process of verifying a claimed identity of a user, device, or other entity in a computer system
Authentication
Anything that has value to an organization
Asset
A federal act that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient's consent or knowledge
Healthcare Information Portability Act (HIPPA)
The protection of computer systems and networks from attacks by malicious actors that may result in unauthorized information leaks, theft, or damage to hardware, software, and data
Cybersecurity
This attack uses a malicious program that is hidden inside a seemingly legitimate one. When the user executes the presumably innocent program, the malware inside can be used to open a backdoor into the system through which hackers can penetrate the computer or network
Trojan Horse
A mechanism for creating an encrypted connection over the Internet from a device to a network
Virtual Private Network (VPN)
The collection and analysis of data gathered from public sources to produce actionable cybersecurity insights
Open Source Intelligence
Computer Fraud & Abuse Act
A piece of code that is capable of copying itself and typically has a detrimental effect, such as corrupting the system or destroying data
Virus
Malware designed to deny a user or organization access to files on their computer by encrypting these files and demanding a payment for the decryption key
Ransomware
A network security device that monitors traffic to or from your network
Firewall
The process of identifying, prioritizing, managing, and monitoring threats to information systems
Risk Management
Under this act, the FBI can secretly conduct a physical search or wiretap on American citizens to obtain evidence of crime without proving probable cause, as the Fourth Amendment explicitly requires
USA Patriot Act of 2001
A technique through which a cybercriminal disguises themselves as a known or trusted source
A hacking method that uses trial and error to crack passwords, login credentials, and encryption keys
Brute Force Attack
A networking device that forwards data packets between computer networks
Router
A flaw or weakness that may allow harm to occur to an IT system or activity
Vulnerability
This compliance standard sets rules for safeguarding consumer credit data
Payment Card Industry Data Security Standard (PCI DSS)
A measure used to ensure the protection of the secrecy of data, objects or resources
An attack meant to shut down a machine or network by flooding the targeted host or network with traffic until the target cannot respond or simply crashes
Denial-of-Service (DoS) attack
A server application that acts as a middleman between a client requesting a resource and the server providing that resource
Proxy Server
A security framework requiring all users, whether in or outside the organization’s network, to be authenticated, authorized, and continuously validated
Zero Trust
This law is managed by the Securities and Exchange Commission (SEC), whose main goal is to protect investors and shareholders from accounting errors and fraudulent practices and to enforce the integrity of financial reporting
Sarbanes-Oxley Act of 2002
A server that translates URLs or web addresses into their corresponding IP addresses
Domain Name System (DNS)
Breaches in cybersecurity that make it possible for an attacker to eavesdrop on the data sent back and forth between two people, networks, or computers
Man in the Middle Attack (MITM)