Cybersecurity Foundations
Trojan horse
A computer program that claims to, and sometimes does, deliver some useful functionality. But the Trojan horse hides a dark side and, like a virus, delivers a malicious payload.
Denial of service attack
A digital assault carried out over a computer network with the objective of overwhelming an online service so as to force it offline.
Ransomware
Malware that limits access to a computer system or users' data and requires the user to pay a ransom to regain control.
Worm
A piece of malicious code that exploits security holes in network software to replicate itself.
Firewall
A software tool designed to screen and manage traffic in and out of a computer network.
Encryption
A technique designed to scramble data so as to ensure that if the wrong individuals gain access to the data, they will be unable to make out its meaning.
Virus
A type of malicious code that spreads by attaching itself to other, legitimate, executable software programs.
Backdoor
Code built into software programs to allow access to an application by circumventing password protection.
Biometrics
In the context of computer security, the term biometrics is used to refer to the use of physical traits as a means to uniquely identify users.
Spyware
Software that, unbeknownst to the owner of the computer, monitors behavior, collects information, and either transfers this information to a third party via the Internet or performs unwanted operations.
Hacker
Strictly speaking, the term hacker refers to highly skilled computer users who apply their knowledge to solving a problem. White hat hackers do so for non-malicious reasons in an effort to expose security flaws and help the providers fix them. So-called black hat hackers are the malicious kind.
Malware
The general term malicious code, or malware, refers to software programs that are designed to cause damage to individuals' and/or organizations' IT assets.
Intrusion
The intrusion threat consists of any situation where an unauthorized attacker gains access to organizational IT resources.
Social engineering
The practice of obtaining restricted or private information by somehow convincing legitimate users or people who have it to share it.
Phishing
The process of collecting sensitive information by tricking, in more or less automated ways, those who have it into providing it, in the belief that they are giving it to a legitimate concern.
Cybersecurity
The set of defenses an organization puts in place to mitigate threats to its technology infrastructure and data resources.
Information systems security
The set of defenses an organization puts in place to mitigate threats to its technology infrastructure and data resources.