Glossary

A
A+
A+ is a CompTIA certification that demonstrates a general understanding of the maintenance of PCs, mobile devices, cloud computing, and operating systems. This is a good choice for someone's first IT certification.
Access control
Access control is a type of security measure used to ensure that only authorized parties have access to applications, hardware, networks, and physical buildings. Because data can be accessed in many ways, such as through the Internet or on a USB thumb drive dropped in a public place, access control measures prevent access by unauthorized individuals.
Administrative controls
Administrative controls use company policies to protect security. An example of an administrative control is a policy that permits only IT staff to enter a datacenter, with receptionists and security guards enforcing the policy.
Advanced persistent threat (APT)
An APT is a stealthy and sophisticated cyber threat actor that acquires unauthorized access to a computer network over an extended period of time. An APT could act for months or even years while undetected by its victims. APTs are usually nation-state cyberwarfare groups or advanced organized crime groups.
Advanced Web Attacks and Exploitation (AWAE)
AWAE is a web application penetration testing course offered by Offensive Security to prepare for the Offensive Security Web Expert (OSWE) certification exam.
Airgapped machine
An airgapped machine is designed to have as few cyberattack vectors as possible. Airgapped machines are physically isolated from the Internet, and usually from other networks as well. They often have disabled optical drives and USB ports, and physical access to them is heavily restricted. An airgapped machine sacrifices usability for the sake of security to a great extent. Because of how inconvenient they are to use, they're typically only used for working with highly sensitive data.
Availability
Availability is about making sure that data and applications are there whenever they're needed. If a cyberattacker deploys ransomware to maliciously encrypt data, that's an attack on its availability!
B
Black box testing
This is penetration testing from the perspective of an external cyberattacker. An external cyberattacker won't know much about the operating systems, applications, or hardware in a network without engaging in reconnaissance work. A black box ethical hacker needs to simulate what an external cyberattacker would do.
Blue team
The blue team consists of the defensive security specialists within your organization. They focus on areas like security hardening and incident response. The vulnerabilities you discover in your pentesting work may be used by a blue team in order to improve a network's security.
Botnet
A botnet is a network of computers that is infected with “zombie” malware. A cyberattacker uses its command and control server to make the network of infected machines engage in activities such as DDoS attacks and cryptomining.
Bug bounties
Software and hardware companies sometimes offer bug bounty programs, which are usually available to the general public. If people find functionality or security-related bugs in the company's products and abide by their policies, they could be awarded a bug bounty that's often thousands of dollars or more.
C
Capture the Flag (CTF)
Capture the Flag is a fun game for ethical hackers. Something like a line of code or a file is hidden on a computer or in a network, and participants must use their hacking skills in order to find it.
Certified Ethical Hacker (CEH)
The CEH is a certification that's offered by EC-Council. It covers general penetration testing knowledge and skills. This is a good certification to acquire as you begin your ethical hacking career.
Common Vulnerabilities and Exposures (CVE)
The CVE is a large and growing database of security vulnerabilities in all kinds of software, hardware, and networking devices. In fact, most known vulnerabilities end up recorded in the CVE. Anyone can look up information there.
Confidentiality
Confidentiality is about making sure that data is only available to authorized parties. If a cyberattacker acquires data that they're not allowed to have, that's a threat to confidentiality.
Cryptography
Cryptography is the science of transforming data into unreadable code for the purpose of confidentiality. The computers and networks we use every day implement cryptography in many different ways, but the science actually predates electronic computers!
Cryptominers
Cryptominers use a computer's CPU and memory in order to generate cryptocurrency such as Bitcoin or Monero. When they're used with the permission of a computer owner, they're not malicious. But cryptominers used without authorization are definitely malware.
Cyber Kill Chain
The Cyber Kill Chain is a model for how cyberattacks by APTs work, step by step. It's inspired by the kill chain concept used in kinetic warfare to determine how a military needs to strike their target.
Cybersecurity skills gap
The cybersecurity skills gap is the idea that the workforce lacks necessary cybersecurity skills. This is a controversial topic in the industry. Employers say that the workforce lacks skills. People who work in the industry say that employers are unwilling to invest in training and they often have unrealistic expectations, such as 20 years' experience with five-year-old operating systems.
D
Dark web
The dark web is the part of the web that's only accessible through proxy networks such as Tor or I2P. Not everything that's done on the dark web is illicit or illegal. But because of how Tor and I2P anonymize users and servers, the dark web is a preferred means of conducting illegal activity such as selling illicit drugs or planning cyberattacks.
Dark web markets
Dark web markets are online stores that only operate on the dark web. They usually follow a model similar to eBay, where anyone can buy or sell goods, and buyers and sellers have usernames with associated reputations. Most of what's sold in a dark web market is illegal, such as illicit drugs or collections of sensitive data breached in cyberattacks.
Discretionary access control (DAC)
DAC is a type of access control system that grants access to users according to their identities or the groups to which they belong. Unlike mandatory access control, users in a DAC system may be able to grant certain permissions to other users.
Distributed denial of service (DDoS) attacks
A denial of service attack is when a computer or other such network vector is deliberately sent way more data than it can handle, causing it to go out of service. A distributed denial of service attack is conducted by a large number of computers, often in a botnet.
E
EJPT
EJPT stands for the eLearnSecurity Junior Penetration Tester certification. It's offered by eLearnSecurity to demonstrate penetration testing skills and knowledge at a beginner level.
eLearnSecurity Web Application Penetration Tester (EWPT)
The eLearnSecurity Web Application Penetration Tester certification is offered by eLearnSecurity to demonstrate general web application pentesting skills and knowledge.
Encryption
Encryption is the application of cryptography. So, cryptographic technology renders data as ciphertext, thus performing the act of encryption.
End user
An end user is a consumer of computer technology, whether in a workplace or at home. The phrase differentiates computer users from the administrators and developers of computer technology.
Endpoint
An endpoint is a PC, mobile device, video game console, or Internet of Things (IoT) device that people use to access applications and networks. The word differentiates computers used for consumption from the servers that provide the endpoints with data and administration.
Ethical hacker
Ethical hacker is another way to describe a penetration tester. So, whereas a malicious hacker is a cyberattacker who causes deliberate harm to computer systems, an ethical hacker simulates cyberattacks with consent, so that security vulnerabilities can be found.
F
Fileless malware
Fileless malware is malware that runs entirely within the memory of its targeted computer, therefore leaving no traces on its hard drive or other data storage. Cyberattackers designed fileless malware to evade detection by antivirus software.
G
GIAC Assessing and Auditing Wireless Networks (GAWN)
The GAWN is a certification offered by GIAC to demonstrate knowledge and skills in pentesting wireless networks, Wi-Fi and WLANs specifically.
GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
The GXPN is an advanced pentesting certification offered by GIAC. Someone with the certification has knowledge and skills in areas such as Python scripting, fuzzing, and cracking encryption.
GIAC Mobile Device Security Analyst (GMOB)
The GMOB certification is offered by GIAC to demonstrate knowledge and skills pertaining to pentesting mobile devices such as iPhones and Android phones.
GIAC Penetration Tester (GPEN)
The GPEN certification is offered by GIAC to demonstrate general pentesting knowledge and skills.
GIAC Web Application Penetration Tester (GWAPT)
The GWAPT certification is offered by GIAC to demonstrate web application pentesting knowledge and skills.
Gray box testing
Gray box testing is conducted from a perspective between white box and black box testing. A penetration tester will test a network with knowledge equivalent to a company employee who doesn't work in the IT department.
H
Hacker mindset
The hacker mindset is the ability to think like a hacker and be able to find ways to exploit vulnerabilities. The hacker mindset is the culmination of creative and analytical thinking. It's the key focus of this book!
Hacktivists
Hacktivists are cyberattackers who are motivated by politics rather than monetary gain. For instance, there's probably no money to be made by defacing a fur retailer's web pages with images of slaughtered animals. So, the attackers are hacktivists who are motivated by their animal rights beliefs.
Honeypot
A honeypot is an endpoint or server within a network that's designed to attract cyberattacks. Honeypots are deployed both to keep cyberattacks away from important computers and to analyze cyberattacks.
Hybrid network
A hybrid network combines an organization's on-premises network with a cloud service. A hybrid network contains both an organization's own computers and computers that are owned by a cloud provider, with everything operating as one network.
I
I2P
I2P is one of the popular proxy networks that anyone may use on their PCs and mobile devices with the right software. One can use most ordinary Internet services through I2P, and also the parts of the web that are only accessible through the I2P network. While in the network, Internet traffic is anonymized. Websites that can only be accessed through I2P use the .i2p top-level domain.
Incident response
Incident response is how organizations respond to cyber incidents. Many organizations have CSIRTs (computer security incident response teams) and incident response policies and procedures.
Industrial control systems (ICS)
ICS is a way that computer technology interacts with industrial equipment and machines in places like manufacturing plants and power plants. Therefore, cyberattacks on ICS can be very expensive and dangerous!
Information security
Information security is about protecting information in all forms, both digital and analog. All cybersecurity, IT security, and network security is information security. But information security also pertains to protecting information that's written on paper or spoken to people.
Integrity
Integrity is all about making sure that data isn't altered without authorization. Adding or removing data in files maliciously is an attack on integrity.
Internet of Things (IoT)
The Internet of Things is all about getting things that don't present as traditional computers working with Internet technology. IoT devices can be anything from car audio systems to “smart” refrigerators, from Internet-connected pacemakers to Google Home smart speakers.
K
Kali Linux
Kali Linux is an operating system that was designed specifically for penetration testing. It contains hundreds of applications, such as Metasploit Framework, Wireshark, and Nmap. These days, pretty much all pentesters use Kali Linux at times.
Keystroke loggers
Keystroke loggers are applications or hardware devices that are designed to record a user's keyboard input. They're often called keyloggers. Old-fashioned keyloggers are often physical devices that are plugged in between a keyboard and PC. Most keyloggers these days are malware or software that's deployed to monitor employees.
L
Least privilege
The principle of least privilege is a cybersecurity concept that protects applications and data by only granting user access to the parts of computer systems that they need in order for them to do their work.
Linux+
Linux+ is a CompTIA certification that demonstrates skills and knowledge with Linux-based operating systems.
Local area network (LAN)
A LAN is a small computer network that's contained within one physical workplace or home.
Logical controls
Logical controls are security measures protecting data and applications that are designed in the computer systems themselves. Logical controls are often written into software. They manifest in many different ways: from passwords to firewalls, from biometrics to user identities.
M
Malware
Malware is all malicious software. If a file or application is designed to do harm, it's malware.
Mandatory access control (MAC)
MAC is one of the strictest ways to implement access control. A MAC system's security policy is centrally controlled by a security policy administrator. Users do not have the ability to modify permissions or to grant permissions to other users in any way, even when they're the author of a file.
Metropolitan area network (MAN)
A MAN connects LANs within a 5- to 50-kilometer range. They can be deployed within a college or university campus, or by a company with multiple buildings in a town or city.
Mobile Application Security and Penetration Testing (MASPT)
The MASPT certification is offered by eLearnSecurity to demonstrate mobile application pentesting skills and knowledge.
Modular malware
Modular malware contains multiple modules that can perform different kinds of cyberattacks. They start their work by infecting a targeted computer or mobile device. Then they establish a connection to an attacker's command and control server. From there, one module could be spyware, the next could be a malicious cryptominer, and so on.
Multiboot computer
A multiboot computer contains more than one operating system, usually as different partitions on the same hard drive.
N
Network+
Network+ is a CompTIA certification that demonstrates skills and knowledge with computer networking from a vendor-neutral perspective. For instance, Cisco certifications specialize in knowledge of Cisco networking devices, whereas the Network+ covers computer networking in general.
O
Offensive Security Certified Expert (OSCE)
The OSCE is a certification that's offered by Offensive Security as a more advanced general pentesting certification. You're required to have the OSCP certification first.
Offensive Security Certified Professional (OSCP)
The OSCP is a certification that's offered by Offensive Security to demonstrate general pentesting skills and knowledge. It focuses on the use of Kali Linux, an operating system that Offensive Security develops and maintains.
Offensive Security Web Expert (OSWE)
The OSWE is a certification that's offered by Offensive Security to demonstrate web application pentesting skills and knowledge.
Offensive Security Wireless Professional (OSWP)
The OSWP is a certification that's offered by Offensive Security to demonstrate pentesting skills and knowledge pertaining to wireless networks (Wi-Fi).
Open Web Application Security Project (OWASP)
OWASP is a community that maintains web application security standards and offers various educational programs.
Operating system (OS)
An operating system is software that's installed on a computer in order to run applications. Windows, macOS, Linux, Android, and iOS are examples of common operating systems.
OWASP Testing Guide
Otherwise known as OWASP's WSTG (web security testing guide), this is a guide to testing the security of web applications offered by OWASP.
P
Packets
Packets are how data is divided as it's transmitted through a network. Rather than flowing continuously like water, network data is sent like pages in a book.
Penetration Testing Execution Standard (PTES)
PTES is a standard that provides a common language and scope for performing penetration testing. It's designed by a variety of cybersecurity experts including TrustedSec CEO Dave Kennedy, Sunera LLC consultant Steve Tornio, and Tenable Security Lead Vulnerability Research Engineer Carlos Perez.
Pentest methodology
Pentest methodology constitutes all of the methods and procedures of penetration testing. It's the deliberate ways that pentesting is done.
Pentest report
A pentest report is given to a pentesting client to convey the vulnerabilities and other security-related findings that were discovered during a pentest.
Pentest+
Pentest+ is a certification offered by CompTIA to demonstrate general pentesting skills and knowledge.
Pentesters
Pentesters, otherwise known as penetration testers or ethical hackers, engage in penetration testing to see how a cyberattacker could penetrate a particular computer network. Pentesters simulate cyberattacks with the permission of the owners of a computer network.
Pentests
Pentests, or penetration tests, are the acts conducted by pentesters to test the security of a particular network. Pentesters pentest to simulate cyberattacks with the permission of the owners of a computer network.
Personal area network (PAN)
A PAN is a LAN that's in a person's home. Most households these days use a home router to set up a PAN. A typical PAN could have one or a few PCs, a few videogame consoles, a few mobile devices, and perhaps some IoT devices such as Google Home smart speakers or ecobee thermostats.
Phishing
Phishing is the art of cyberattacking by pretending to be a trusted entity to a target. Phishing usually uses text messages, emails, websites, or social media messages. A cyberattacker engaging in phishing may create web pages or emails that look like those that are used by a trusted entity such as a bank or an online service. An example of a phishing attack is a fake Netflix web form designed to maliciously acquire victims' usernames and passwords for the service.
Physical controls
Physical controls are security controls manifested in physical things. Doors and physical locks are examples of physical security controls.
Physical pentests
Physical pentests test the physical security of a building that contains a network. The objective of a physical pentest is to determine if a cyberattacker can acquire unauthorized physical access to a network, such as breaking into a data center or an office. Physical pentesting can involve anything from trying to break locked doors to crawling through a building's duct work.
Physical security
Physical security is how well a building is able to prevent unauthorized physical access. Physical security is assured through physical security controls, such as locked doors and security cameras.
R
Ransomware
Ransomware is malware that's designed to encrypt a computer's files while keeping the decryption key away from the rightful owner of a computer or computer data. A ransom note will appear on the infected computer, urging a victim to send cryptocurrency to the cyberattacker if they want their files to be decrypted.
Red team pentesting
Sometimes, red teams engage in pentesting. When a red team pentests, a dedicated offensive security group within an organization conducts a series of recurring ethical hacking campaigns, sometimes to imitate particular cyberattacker groups.
Role-based access control (RBAC)
RBAC is a type of access control system that restricts computer and network access to authorized users according to their roles within an organization or network.
Rootkits
Rootkits are a type of malware that stealthily infects a machine by acquiring “root” or administrative access maliciously within an operating system.
S
Sandboxing
Sandboxing is a way to isolate the activities of malware, or of applications in general, from the operating system. For instance, someone may execute a program in a virtual machine to test how it behaves in a safe way before executing it in an operating system that's directly installed on a computer.
Security controls
Security controls are all of the various ways that security measures operate, including physical controls, administrative controls, and logical controls.
Security+
Security+ is a CompTIA certification that demonstrates general cybersecurity skills and knowledge.
SMSishing
SMSishing is otherwise known as SMS phishing. It occurs when SMS text messages are used by cyberattackers to pretend to be trusted entities (such as banks or online services) in order to acquire sensitive information or unauthorized access to computers.
Social engineering
Social engineering is the part of a cyberattack that involves fooling human beings. Phishing and Trojan malware are examples of social engineering attacks.
Spear phishing
Spear phishing is a phishing attack that is geared toward a specific human target. A cyberattacker could spend time learning about a particular victim and customize their phishing methods to deceive that particular individual.
Spyware
Spyware is malware that spies on its target. Spyware could send a cyberattacker data from a computer that they're not authorized to access or monitor a victim's computer usage.
Statement of work (SOW)
A statement of work is a formal agreement between a pentester and their client. It covers what particular pentesting is supposed to be done, the scope of the testing, and its objectives. Having an SOW is legally very important for both the pentester and their client!
Subdomain
A subdomain is the part of a URL that comes before the main domain name. For instance, in www.google.com, “www” is the subdomain. In boots.gothfashion.mt, “boots” is the subdomain.
T
Threat modeling
Threat modeling is a way to understand cyber threats and how they behave while identifying specific methods, likely attack vectors, and exploits, and determining which assets a particular cyberattacker wants.
Tor
Tor is one of the popular proxy networks that anyone may use on their PCs and mobile devices with the right software. One can use most ordinary Internet services through Tor, and also the parts of the web that are only accessible through the Tor network. While in the network, Internet traffic is anonymized. Websites that can only be accessed through Tor use the .onion top-level domain.
Trojan
A Trojan is a type of malware that pretends to be a file or application that a cyberattacker wants to entice their target to interact with. Trojan malware requires the victim to interact with it in order for it to perform a malicious action. Malware bound to a photo of kittens attached to an email, or to a fun free computer game, is an example of a Trojan. Trojans are named after the Trojan horse of ancient Greek myth.
Trojan malware
See Trojan.
U
Unicorn
In the context of the supposed cybersecurity skills gap, a unicorn is an imaginary cybersecurity job applicant that has impossible combinations of skills, certifications, and experiences, sometimes while being willing to be paid like a fast food worker. A person with qualifications that would make Bruce Schneier blush while willing to work for minimum wage is a unicorn.
V
Virtual machine (VM)
A virtual machine is a virtualized computer that runs in a virtualization client such as Oracle VirtualBox or VMware. A VM runs an operating system as an application within another operating system.
Virus
A virus is a type of malware that replicates itself by modifying other computer programs and inserting its own code.
Vishing
Vishing is also known as voice phishing. It's a way of using telephone calls to impersonate trusted entities in order to acquire sensitive information or unauthorized access to computer networks. An example of vishing is when a cyberattacker phones a receptionist while pretending to be from the IT department, saying that their password is needed because there's been a data breach.
Vulnerability analysis
Vulnerability analysis is a way to understand cybersecurity vulnerabilities, how they manifest themselves, and their risks.
Vulnerability scanners
Vulnerability scanners are applications that scan a network for specifically known security vulnerabilities. Examples of popular vulnerability scanning applications include Metasploit Framework, Nessus, and OpenVAS.
W
White box testing
White box testing is a kind of pentesting that's done with extensive prior knowledge of the network being tested. When white box testing, an ethical hacker simulates cyberattacks from the perspective of a knowledgeable internal attacker such as a network administrator.
Wide area network (WAN)
A WAN connects multiple LANs (and possibly MANs) over a large geographic area (greater than 50 kilometers). If an organization has a network that connects their Toronto office with their London and Tokyo offices, that's a WAN. Sometimes the Internet is categorized as a WAN!
Worms
Worms are a type of malware that is transmitted among computers without modifying other files.
Z
Zero-day vulnerability
A zero-day vulnerability is unknown until it's discovered through a cyberattack. For all of the vulnerabilities that we know about, recorded in places like the CVE, imagine how many vulnerabilities we don't know about until it's too late!