This is the process of verifying the identity of a user, device, or system.
Authentication
This is a type of malicious software designed to disrupt, damage, or gain unauthorized access to a computer system.
Malware
This is the principle that states that information should only be accessible to authorized individuals or entities.
Confidentiality
This is the practice of protecting information from unauthorized access, use, disclosure, disruption, modification, or destruction.
Information security
This refers to the policies, procedures, and oversight mechanisms that ensure the effective management of an organization's security posture.
Governance
This is a type of security control that is designed to prevent unauthorized access to a system or network.
Access control
This is a type of attack where an attacker attempts to guess or steal login credentials to gain unauthorized access to a system.
Brute-force attack
This is the principle that ensures data is accurate, complete, and reliable throughout its entire lifecycle.
Integrity
This is a word or phrase that verifies that you and only you have access to the account.
Password
This is the process of identifying, assessing, and mitigating risks to an organization's assets and operations.
Risk management
This is the process of protecting data from unauthorized access or modification during transmission.
Encryption
This is a type of attack where an attacker impersonates a legitimate user or entity to gain access to sensitive information or resources.
Identity theft
This is the principle that guarantees information and resources are accessible to authorized users when needed.
Availability
These are the technical, administrative, and physical measures designed to protect against security threats.
Security controls
This is the adherence to relevant laws, regulations, and industry standards related to information security.
Compliance
This is the process of identifying and responding to a security incident or breach.
Incident response
This is a type of attack where an attacker attempts to overwhelm a system or network with traffic, causing it to become unavailable to legitimate users.
Denial-of-service (DoS) attack
This is the process of educating and training users on security best practices.
Security awareness and training
This software is designed to protect against malicious code by scanning files and programs.
Antivirus software
This is a type of malware that encrypts a victim's files and demands a ransom payment to restore access.
Ransomware