Glossary
- Absolute Path: A file or directory path that specifies the complete location in the file system, starting from the root directory. It provides the full hierarchy of directories needed to locate a file or directory, regardless of the current working directory. For example, `/home/user/documents/file.txt` is an absolute path. Link to Linux.
- Acceptable Use Policy (AUP): Organizational policy that describes the expected user behaviors and penalties for violations. Link to Intro.
- Acceptable Use Policy Compliance: Expectations for compliance are explained. Consequences for violations of the policy are communicated. Link to Intro.
- Acceptable Use Policy Policies: Expected behaviors are described. Policies could include password selection, use of social media, access reviews, and more. Link to Intro.
- Acceptable Use Policy Scope: The people to whom the acceptable use policy applies. The scope could include employees, vendors, guests, and others. Link to Intro.
- Active Directory: A directory service developed by Microsoft for Windows domain networks. It is used for centralized permission management and access to networked resources, such as computers, users, and services. Link to Windows.
- Ad Blocker: A software tool or browser extension designed to prevent advertisements from being displayed on web pages. Ad blockers work by filtering out content from ad servers and blocking scripts that load ads, thereby improving the browsing experience by reducing clutter, speeding up page load times, and enhancing privacy. Link to Hygiene.
- AES (Advanced Encryption Standard): A symmetric encryption algorithm established by the National Institute of Standards and Technology (NIST) in 2001. It supports key sizes of 128, 192, and 256 bits and operates on 128-bit blocks of data. AES is widely used and considered secure for most applications. Link to Cryptography.
- Antivirus: Software designed to detect, prevent, and remove malicious software, including viruses, from computers and networks. It scans files and programs for known malware signatures and behaviors. Link to Windows.
- Antivirus/Antimalware: Software designed to detect, prevent, and remove malicious software (malware) such as viruses, worms, trojans, ransomware, and spyware. Antivirus/antimalware solutions use signature-based detection, heuristic analysis, and behavioral monitoring to protect systems from known and emerging threats. Link to Hygiene.
- Archive: A file that contains one or more files and directories, stored in a single file for easier management and transfer. Archives are often used for backup, distribution, and storage purposes. Common archive formats include `.tar`, `.zip`, and `.rar`. Link to Linux.
- ARPANET: The Advanced Research Projects Agency Network, developed by the U.S. Department of Defense in the late 1960s. It was the first operational packet-switching network and the precursor to the modern internet, enabling multiple computers to communicate on a single network. Link to Networking.
- Assembly Language: A low-level programming language that provides a way to write instructions in a form that is more understandable to humans than binary code. Assembly language uses mnemonic codes to represent machine-level instructions, which are then translated into binary by an assembler. It allows programmers to write code that is closely tied to the hardware architecture. Link to Python.
- Asymmetric Cryptography: A type of encryption that uses a pair of keys—a public key and a private key. The public key is used for encryption, and the private key is used for decryption. This method allows parties to begin secure communication without the need to share a secret key. Link to Cryptography.
- Atbash Cipher: A simple substitution cipher where each letter in the plaintext is replaced by its reverse in the alphabet. For example, 'A' is replaced with 'Z', 'B' with 'Y', and so on. The Atbash cipher is a form of monoalphabetic substitution cipher and is easy to implement but offers minimal security. Link to Cryptography.
- Authentication Factors: The different types of evidence used to verify an identity. Common factors include something you know (such as a password), something you have (such as a smartphone), and something you are (such as a fingerprint). Link to Hygiene.
- Authentication: The process of verifying the identity of a user, device, or system before granting access to resources. It ensures that the entity requesting access is who or what it claims to be. Link to Hygiene.
- Authentication: The process of verifying the identity of a user or system before granting access to resources or information. Link to Management.
- Authenticator Apps: Mobile applications that generate time-based one-time passwords (TOTPs) or push notifications for multi-factor authentication. Examples include Google Authenticator, Authy, and Microsoft Authenticator. Link to Hygiene.
- Authorization: The process of determining whether a user has permission to access a resource or perform an action. Link to Management.
- Authorized Hackers: Hackers who have been given explicit permission to assess system security. Link to Intro.
- Availability: Ensuring that systems are accessible with an acceptable level of performance. Link to Intro.
- Banner Grabbing: A technique used to gather information about a computer system or network service by capturing and analyzing the banners that are returned by services during connection attempts. Banners often contain details such as the software version and operating system, which can be useful for network reconnaissance and vulnerability assessment. Link to Linux.
- Bcrypt: A password hashing function designed to be computationally intensive to resist brute-force attacks. Bcrypt incorporates a salt to protect against rainbow table attacks and allows the hashing process to be adjusted to increase computational cost, making it more difficult for attackers to crack passwords using modern hardware. Link to Cryptography.
- BitLocker: A full disk encryption feature included with Microsoft Windows Pro and Enterprise editions, designed to protect data by providing encryption for entire volumes. Link to Windows.
- Bitwarden: A popular open-source password manager that provides tools for securely storing and managing passwords, generating strong passwords, and sharing credentials. It offers both free and premium versions and supports multiple platforms and devices. Link to Hygiene.
- Black Hat Hackers: Legacy term for hackers who perform malicious actions without authorization. The current preferred term is unauthorized hackers. Link to Intro.
- Blockchain Consensus: The mechanism by which nodes in a blockchain network agree on the validity of transactions and the state of the ledger. Common consensus algorithms include Proof of Work (PoW), Proof of Stake (PoS), and Practical Byzantine Fault Tolerance (PBFT). Link to Cryptography.
- Blockchain Decentralization: The distribution of control and decision-making across a network of nodes rather than being centralized in a single entity. This ensures that no single point of failure exists and enhances the security and resilience of the blockchain. Link to Cryptography.
- Blockchain Immutability: The characteristic of a blockchain that ensures once data is recorded in a block, it cannot be altered or deleted. This is achieved through cryptographic hashing and the linking of blocks, making the blockchain a reliable and permanent record of transactions. Link to Cryptography.
- Blockchain Transparency: The property of a blockchain that allows all participants to view and verify the transactions recorded on the ledger. This openness fosters trust and accountability among users, as all actions are visible and traceable. Link to Cryptography.
- Blockchain: A distributed ledger technology that records transactions across multiple computers in a way that ensures the data is secure, transparent, and tamper-proof. Each block contains a list of transactions and is linked to the previous block, forming a chain. Link to Cryptography.
- Broadcast Message: A network message sent from one device to all devices in a network segment. Broadcast messages are used for various purposes, such as discovering network services or devices, but can generate significant network traffic if overused. Link to Networking.
- bzip: A file compression utility and format that uses the Burrows-Wheeler algorithm for higher compression ratios compared to `gzip`. The `bzip2` command is used to compress files, resulting in a `.bz2` extension. It is also used with `tar` to create compressed archive files with a `.tar.bz2` extension. Link to Linux.
- Caesar Cipher: A type of substitution cipher where each letter in the plaintext is shifted a fixed number of places down or up the alphabet. For example, with a shift of 3, 'A' would be encrypted to 'D', 'B' to 'E', and so on. It is named after Julius Caesar, who reportedly used it in his private correspondence. Link to Cryptography.
- CFAA (Computer Fraud and Abuse Act): A U.S. federal law enacted in 1986 that criminalizes unauthorized access to computer systems and networks. The CFAA is designed to combat hacking and other forms of cybercrime by imposing penalties for accessing computers without authorization, exceeding authorized access, and causing damage or theft of data. Link to Management.
- chmod: A command-line utility in Unix-like operating systems used to change the file permissions of a file or directory. The `chmod` command can modify permissions using symbolic notation (e.g., `chmod u+x file.txt`) or octal notation (e.g., `chmod 755 file.txt`). It allows users to set or modify read, write, and execute permissions for the owner, group, and others. Link to Linux.
- CIS Controls: A set of prioritized cybersecurity best practices developed by the Center for Internet Security (CIS) to help organizations improve their security posture. The CIS Controls consist of specific, actionable recommendations that address the most common and impactful cyber threats. They are designed to be practical and effective, providing a clear roadmap for organizations to enhance their cybersecurity defenses. Link to Management.
- Cisco: A multinational technology company headquartered in San Jose, California. Cisco designs, manufactures, and sells networking hardware, telecommunications equipment, and other high-technology services and products. It is known for its networking solutions, including routers, switches, and security devices. Link to Networking.
- Clearsign: A method of digitally signing a message in a way that the signed message remains human-readable. Clearsigning allows the recipient to verify the authenticity and integrity of the message using the sender's public key without needing to decrypt the message content. Link to Cryptography.
- Cloud Computing: A model for delivering computing resources over the internet on a pay-as-you-go basis. It allows users to access and use shared resources such as servers, storage, databases, networking, software, and analytics without the need for local infrastructure or hardware. Link to Networking.
- cmdlet: A lightweight command used in the PowerShell environment. Cmdlets are specialized .NET classes that perform a single function and are used to automate tasks and manage system configurations. Link to Windows.
- Cold Site: An offsite facility that provides space and basic infrastructure, such as power and cooling, but does not include active IT equipment or data. In the event of a disaster, the organization must transport and install its own hardware and restore data from backups, resulting in a longer recovery time. Link to Management.
- Command Line Interface (CLI): A text-based user interface that allows users to interact with a computer by typing commands into a console or terminal. CLIs are powerful and efficient for performing tasks, especially for advanced users and system administrators. Link to Linux.
- Compensating Controls: Alternative measures implemented to provide security when primary controls are not feasible or effective. These controls offer a way to achieve the same security objectives through different means, such as using additional monitoring when strong authentication is not possible. Link to Management.
- Compression Algorithm: A method used to reduce the size of files by encoding data more efficiently. Compression algorithms can be lossless, preserving the original data exactly, or lossy, where some data is discarded for higher compression rates. Link to Linux.
- Computer networks: A collection of interconnected devices that communicate with each other to share resources and information, such as the internet, local area networks (LANs), and wide area networks (WANs). Link to Intro.
- Confidentiality: Limiting access to information based on need. Link to Intro.
- Corrective Controls: Measures taken to correct and recover from security incidents. These controls aim to restore systems to their normal state and mitigate the impact of an incident, such as applying patches, restoring backups, and conducting post-incident analysis. Link to Management.
- Credit Freeze: A security measure that restricts access to an individual's credit report, making it more difficult for identity thieves to open new accounts in their name. When a credit freeze is in place, lenders and other entities cannot access the credit report without the individual's permission. Link to Hygiene.
- Credit Monitoring: A service that tracks changes to an individual's credit report and alerts them to potential signs of fraud or identity theft. Credit monitoring services can notify users of new accounts, inquiries, changes in account status, and other significant activities that may impact their credit. Link to Hygiene.
- Credit Report: A detailed record of an individual's credit history, compiled by credit bureaus. It includes information such as personal identification details, credit accounts, payment history, inquiries, and public records. Credit reports are used by lenders, employers, and others to evaluate an individual's creditworthiness. Link to Hygiene.
- Credit Score: A numerical representation of an individual's creditworthiness, typically ranging from 300 to 850. It is calculated based on credit history, including factors such as payment history, amounts owed, length of credit history, and types of credit used. Lenders use credit scores to assess the risk of lending money to a borrower. Link to Hygiene.
- Cryptocurrency: A digital or virtual currency that uses cryptography for security and operates on a blockchain. Cryptocurrencies are decentralized and typically not controlled by any central authority, making them resistant to censorship and fraud. Examples include Bitcoin, Ethereum, and Litecoin. Link to Cryptography.
- Cryptocurrency: A digital or virtual currency that uses cryptography for security. It operates independently of a central authority or government and is typically based on blockchain technology, which ensures transparency and immutability of transactions. Examples include Bitcoin and Ethereum. Link to Intro.
- curl (Linux): A command-line tool used to transfer data to or from a server using various protocols, including HTTP, HTTPS, FTP, and more. `curl` is widely used for downloading files, testing APIs, and performing network requests. It is known for its versatility and ability to handle complex tasks such as authentication, proxy support, and data manipulation. Link to Linux.
- Curve ed25519: A specific elliptic curve used in public-key cryptography, known for its high performance and security. Ed25519 is used for creating digital signatures and is part of the EdDSA (Edwards-curve Digital Signature Algorithm). It is favored for its speed, security, and resistance to certain types of cryptographic attacks. Link to Cryptography.
- Custodial Wallet: A type of cryptocurrency wallet where a third party, such as an exchange, holds and manages the private keys on behalf of the user. The user trusts the custodian to secure their assets, but this also means the user does not have full control over their funds. Link to Cryptography.
- Cyber Warfare: The use of cybersecurity tools to aid in military objectives. Militaries may use sophisticated offensive and defensive cybersecurity tools. Link to Threats.
- Data type - float: A data type used to represent numbers that have a fractional or decimal component. Floats are used for precise calculations involving real numbers. Examples include `3.14`, `-0.001`, and `2.71828`. Link to Python.
- Data type - integer: A data type used to represent whole numbers without any fractional or decimal component. Integers can be positive, negative, or zero. Examples include `-10`, `0`, and `42`. Link to Python.
- Data type - string: A data type used to represent sequences of characters. Strings are typically used to store and manipulate text. In many programming languages, strings are enclosed in quotes (single, double, or triple). Examples include `"hello"`, `'world'`, and `"12345"`. Link to Python.
- Default Gateway: A network node that serves as an access point to other networks, typically used to route traffic from a local network to external networks, such as the internet. The default gateway is usually a router that connects the local network to the broader network infrastructure. Link to Networking.
- DES (Data Encryption Standard): A symmetric-key algorithm for the encryption of digital data. Developed in the 1970s, it uses a 56-bit key and operates on 64-bit blocks of data. DES was widely used but is now considered insecure due to its relatively short key length, which makes it vulnerable to brute-force attacks. Link to Cryptography.
- Detective Controls: Measures implemented to identify and detect security incidents as they occur. These controls help in recognizing and responding to threats in a timely manner and include tools such as intrusion detection systems, security audits, and log monitoring. Link to Management.
- Deterrent Controls: Measures designed to discourage potential attackers from attempting to breach security. These controls create an environment that makes it less attractive or more difficult for attackers to succeed, such as warning signs, legal penalties, and visible security measures. Link to Management.
- dig (Linux): Short for "Domain Information Groper," `dig` is a command-line tool used for querying Domain Name System (DNS) records. It is commonly used to perform DNS lookups and troubleshoot DNS issues. `dig` can retrieve various types of DNS records, such as A, AAAA, MX, and CNAME, providing detailed information about domain names and their associated IP addresses. Link to Linux.
- Digital Forensics: The field of forensic science that focuses on the recovery, analysis, and preservation of digital evidence from electronic devices. Digital forensics is used in investigations involving cybercrime, data breaches, and other incidents where digital data can provide crucial evidence. It involves techniques for extracting data from computers, mobile devices, networks, and other digital storage media. Link to Threats.
- Digital Signature: A cryptographic technique that allows a person to prove the authenticity and integrity of a message or document. It involves generating a signature using the sender's private key, which can be verified by anyone with the corresponding public key. Link to Cryptography.
- Directive Controls: Measures designed to specify acceptable behavior and guide actions towards achieving security objectives. These controls include policies, procedures, and guidelines that direct how security should be implemented and maintained within an organization. Link to Management.
- Directory Account: A user account that is managed within a directory service, such as Active Directory. It allows users to access network resources and services across multiple computers within a domain. Link to Windows.
- Disaster Recovery: A set of policies, procedures, and tools designed to enable the recovery or continuation of vital technology infrastructure and systems following a natural or human-induced disaster. Disaster recovery focuses on restoring IT operations and data access to ensure business continuity. Link to Management.
- Discretionary Access Control (DAC): A type of access control where the owner of a resource has the ability to determine who can access it. Users can grant or revoke access to their resources at their discretion. Link to Management.
- Disinformation: False or misleading information that is deliberately created and disseminated with the intent to deceive or mislead. Disinformation is often used to manipulate public opinion, obscure the truth, or achieve specific political, social, or economic objectives. Link to Threats.
- DNS (Domain Name System): A hierarchical and decentralized naming system for computers, services, or other resources connected to the internet or a private network. It translates human-readable domain names (e.g., www.example.com) into IP addresses (e.g., 192.0.2.1) that computers use to identify each other on the network. Link to Networking.
- DNS A Record: A type of DNS record that maps a domain name to an IPv4 address. It is used to direct traffic to the correct IP address for a given domain. Link to Networking.
- DNS AAAA Record: A type of DNS record that maps a domain name to an IPv6 address. It is similar to an A record but is used for IPv6 addresses instead of IPv4. Link to Networking.
- DNS Forward Lookup: The process of resolving a domain name to its corresponding IP address. This is the most common type of DNS query, where a user inputs a domain name, and the DNS returns the associated IP address. Link to Networking.
- DNS Lookup: The process of querying the DNS to obtain information about a domain name, such as its corresponding IP address or other DNS records. DNS lookups are performed by DNS resolvers to translate domain names into the information needed to route network traffic. Link to Networking.
- DNS MX Record: A type of DNS record that specifies the mail servers responsible for receiving email on behalf of a domain. Link to Networking.
- DNS Record: A database entry in the DNS that maps domain names to various types of data, such as IP addresses, mail servers, or other resources. Each record type serves a specific purpose in the DNS infrastructure. Link to Networking.
- DNS Reverse Lookup: The process of resolving an IP address to its corresponding domain name. This type of DNS query is used to determine the domain name associated with a given IP address. Link to Networking.
- Dumpster Diving: A technique used to retrieve information that could be used to carry out an attack on a computer network. This involves searching through physical trash or digital waste to find discarded items such as documents, notes, or electronic devices that contain sensitive information. Dumpster diving can reveal passwords, personal information, or other data that can be exploited for malicious purposes. Link to Threats.
- Dunder Methods: Short for "double underscore methods," these are special methods in Python that have double underscores before and after their names (e.g., `__init__`, `__str__`). Dunder methods are also known as magic methods or special methods. They enable the customization of the behavior of Python objects and allow the implementation of operator overloading, object initialization, and other advanced features. For example, `__init__` is used to initialize an object's attributes, and `__str__` defines the string representation of an object. Link to Python.
- ECDHE (Elliptic Curve Diffie-Hellman Ephemeral): A key exchange protocol that uses elliptic curve cryptography to securely establish a shared secret between two parties. "Ephemeral" indicates that a new key pair is generated for each session, providing perfect forward secrecy. ECDHE is widely used in modern secure communication protocols, such as TLS 1.3. Link to Cryptography.
- Elasticity: The ability of a cloud computing environment to automatically adjust resources to match the current demand. Elasticity ensures that resources are provisioned and de-provisioned dynamically, allowing for efficient use of resources and cost savings. It enables systems to scale up during peak usage and scale down when demand decreases. Link to Networking.
- Elliptic Curve Cryptography (ECC): A form of asymmetric cryptography based on the algebraic structure of elliptic curves over finite fields. ECC provides similar security to RSA but with smaller key sizes, resulting in faster computations and reduced storage requirements. Link to Cryptography.
- Elliptic Curve Private Key: A secret value used in elliptic curve cryptography (ECC) that is known only to the owner. It is a randomly selected number that serves as the basis for generating the corresponding public key. The private key is used for decrypting data and creating digital signatures. Link to Cryptography.
- Elliptic Curve Public Key: A value derived from the elliptic curve private key using a mathematical function based on elliptic curve operations. The public key can be shared openly and is used for encrypting data and verifying digital signatures. It is computationally infeasible to derive the private key from the public key, ensuring the security of the cryptographic system. Link to Cryptography.
- Encryption: The process of converting plaintext data into ciphertext using an algorithm and an encryption key. The purpose of encryption is to protect the confidentiality of the data, ensuring that only authorized parties can access the original information by decrypting it with the correct key. Link to Cryptography.
- Endpoint Detection and Response (EDR): A cybersecurity solution that continuously monitors and collects data from endpoints to detect, investigate, and respond to security threats and incidents. EDR tools provide real-time visibility and advanced threat detection capabilities. Link to Hygiene.
- Endpoint: Any device that connects to a network and communicates with other devices or systems. Examples include computers, smartphones, tablets, servers, and IoT devices. Link to Hygiene.
- Ethernet Cable: A type of network cable used to connect devices within a local area network (LAN). Ethernet cables transmit data using electrical signals and are commonly used to connect computers, switches, routers, and other network devices. They come in various categories (e.g., Cat5e, Cat6) that determine their data transmission speed and bandwidth capabilities. Link to Networking.
- Exploit: A method or tool used by threat actors to take advantage of a vulnerability in a system, application, or network. Exploits can lead to unauthorized access, data breaches, or other malicious activities. Link to Management.
- Extended Detection and Response (XDR): An integrated cybersecurity approach that extends beyond endpoints to include data from multiple security layers such as network, server, and email. XDR solutions provide a holistic view of threats across an organization's entire IT environment, enabling more effective detection and response. Link to Hygiene.
- FERPA (Family Educational Rights and Privacy Act): A U.S. federal law enacted in 1974 that protects the privacy of student education records. FERPA grants parents certain rights regarding their children's education records, which transfer to the student when they turn 18 or attend a school beyond the high school level. It also restricts the disclosure of personally identifiable information from education records without the consent of the student or parent. Link to Management.
- FIDO2: A standard for passwordless authentication that uses cryptographic keys to verify a user's identity. FIDO2 is designed to improve security and usability by eliminating the need for passwords and other traditional forms of authentication. Link to Hygiene.
- File Hash: A unique fixed-size string or number generated from the contents of a file using a hash function. It serves as a digital fingerprint of the file, allowing for the verification of file integrity and detection of any changes or corruption. Common hash functions include MD5, SHA-1, and SHA-256. Link to Cryptography.
- FIPS 140 (Federal Information Processing Standard 140): A U.S. government standard that specifies security requirements for cryptographic modules. It ensures that cryptographic products meet certain security criteria and is widely used in government and industry to ensure the security of cryptographic implementations. Link to Cryptography.
- Firewall Rules: Configurations that define the criteria for allowing or blocking network traffic through a firewall. These rules specify conditions such as IP addresses, ports, and protocols. Link to Windows.
- Firewall: A security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between a trusted network and an untrusted network. Link to Windows.
- For Loop: A control flow statement that repeatedly executes a block of code for each item in a sequence (such as a list, tuple, or range). In Python, a `for` loop iterates over the elements of a sequence, allowing you to perform operations on each element. Link to Python.
- Free as in Beer: A term used to describe software that is free of charge. It emphasizes the cost aspect, meaning the software can be obtained without payment, but it does not necessarily grant the freedoms associated with open source or free software. Link to Linux.
- Free as in Speech: A term used to describe software that is free in terms of freedom, not price. It emphasizes the user's liberty to run, modify, and share the software, aligning with the principles of open source and free software. Link to Linux.
- Function Arguments: Values that are passed to a function when it is called. Arguments allow functions to accept input and perform operations based on that input. In Python, arguments are specified within the parentheses in the function definition. Link to Python.
- Function Return: The value that a function gives back after completing its task. The return statement is used to specify the value to be returned. In Python, if no return statement is used, the function returns None by default. Link to Python.
- Function: A block of organized, reusable code that performs a specific task. Functions help in breaking down complex problems into smaller, manageable parts and promote code reusability. In Python, functions are defined using the `def` keyword followed by the function name and parentheses. Link to Python.
- Generative AI: A type of artificial intelligence that can create new content, such as text, images, music, or code, based on the data it has been trained on. Generative AI models, such as GPT-4, use machine learning techniques to generate outputs that mimic human creativity and can be used in various applications, including content creation, design, and software development. Link to Python.
- Generative Artificial Intelligence: A subset of AI that focuses on creating new content, such as text, images, or music, using machine learning models. Examples include GPT-3 for text generation and GANs (Generative Adversarial Networks) for image creation. Link to Intro.
- GitHub Copilot: An AI-powered code completion tool developed by GitHub in collaboration with OpenAI. GitHub Copilot assists developers by suggesting code snippets, functions, and entire lines of code as they type, based on the context of the current file and project. It aims to enhance productivity and reduce the time spent on repetitive coding tasks. Link to Python.
- gpg (GNU Privacy Guard): An open-source implementation of the OpenPGP standard, used for encrypting and signing data and communications. It provides a free alternative to proprietary encryption software and supports both symmetric and asymmetric encryption methods. Link to Cryptography.
- GPLv2 License (GNU General Public License version 2): A copyleft open source license that allows users to freely use, modify, and distribute the software, but requires that any derivative works also be licensed under the GPLv2. This ensures that the software and its derivatives remain free and open. Link to Linux.
- GPLv3 License (GNU General Public License version 3): An updated version of the GPLv2 license that includes additional protections against software patents, tivoization (restricting user modifications), and other issues. Like GPLv2, it requires that derivative works be licensed under the GPLv3 to ensure continued freedom and openness. Link to Linux.
- Graphical User Interface (GUI): A type of user interface that allows users to interact with electronic devices using graphical elements such as windows, icons, and buttons. GUIs are designed to be intuitive and user-friendly, making it easier for people to use computers and software applications. Link to Linux.
- Gray Hat Hackers: Legacy term for semi-authorized hackers--hackers who have some cybersecurity responsibilities, but may go beyond the scope of authorization. Link to Intro.
- grep: A command-line utility in Unix-like operating systems used to search for specific patterns within files. It stands for "Global Regular Expression Print" and allows users to filter and display lines in a file that match a given regular expression or string. Link to Linux.
- Group Policy Editor: A management console in Windows that allows administrators to create, modify, and apply Group Policy settings. It is accessed through the `gpedit.msc` command and provides a graphical interface for managing Group Policy Objects (GPOs). Link to Windows.
- Group Policy: A feature of Microsoft Windows that provides centralized management and configuration of operating systems, applications, and user settings in an Active Directory environment. It allows administrators to implement specific configurations for users and computers. Link to Windows.
- gzip: A file compression utility and format based on the DEFLATE algorithm. The `gzip` command is used to compress files, resulting in a `.gz` extension. It is commonly used in combination with `tar` to create compressed archive files with a `.tar.gz` extension. Link to Linux.
- Hardware Wallet: A type of cryptocurrency wallet that is a physical device designed to securely store private keys offline. Hardware wallets provide a high level of security by keeping the keys isolated from internet-connected devices, reducing the risk of hacking and malware attacks. Examples include Ledger and Trezor devices. Link to Cryptography.
- Hashcat: A powerful and versatile password cracking tool that supports a wide range of hashing algorithms. Hashcat can perform dictionary attacks, brute force attacks, and other advanced techniques to recover passwords from hashed data. Link to Cryptography.
- Hashing: The process of converting data of any size into a fixed-size string or number using a hash function. Hashing is used for data integrity verification, password storage, and digital signatures. Unlike encryption, hashing is a one-way process and cannot be reversed to retrieve the original data. Link to Cryptography.
- HIPAA (Health Insurance Portability and Accountability Act): A U.S. law enacted in 1996 that sets national standards for the protection of individuals' medical records and other personal health information. HIPAA requires healthcare providers, insurers, and their business associates to implement safeguards to ensure the confidentiality, integrity, and security of protected health information (PHI). Link to Management.
- Hop: A step in the path that data packets take from the source to the destination across a network. Each hop represents a transition from one network device (such as a router) to another. The number of hops indicates the number of devices data passes through to reach its destination. Link to Networking.
- Host Firewall: A firewall that is installed on individual devices (hosts) to protect them from threats. It monitors and controls network traffic to and from the specific device. Link to Windows.
- Hot Site: A fully operational offsite data center that is equipped with hardware, software, and network connectivity to take over business operations immediately or within a very short period after a disaster. Hot sites are kept up-to-date with real-time data replication and are ready for immediate use. Link to Management.
- HTTP (Hypertext Transfer Protocol): An application-layer protocol used for transmitting hypermedia documents, such as HTML. It is the foundation of data communication on the World Wide Web, enabling web browsers and servers to communicate. Link to Networking.
- HTTP Session: A sequence of network request-response transactions between a client (usually a web browser) and a server. An HTTP session is initiated by opening a connection and terminated by closing it, often involving multiple requests and responses. Link to Cryptography.
- HTTPS (Hypertext Transfer Protocol Secure): An extension of HTTP that uses encryption to secure data transmitted between a web browser and a server. HTTPS ensures the confidentiality, integrity, and authenticity of the data by using protocols like SSL/TLS. Link to Cryptography.
- IaaS (Infrastructure as a Service): A cloud computing service model that provides virtualized computing resources over the internet. It offers fundamental infrastructure components such as virtual machines, storage, and networking, allowing users to build and manage their own IT environments. Examples include Amazon Web Services (AWS) EC2, Microsoft Azure, and Google Cloud Platform. Link to Networking.
- IBM: International Business Machines Corporation, a global technology and consulting company known for its computer hardware, software, and services. Link to Windows.
- ICMP (Internet Control Message Protocol): A network layer protocol used by network devices to diagnose network communication issues. ICMP is primarily used for sending error messages and operational information, such as indicating that a requested service is not available or that a host or router could not be reached. It is an integral part of the IP suite and is used by tools like ping and traceroute. Link to Networking.
- IDE (Integrated Development Environment): A software application that provides comprehensive facilities to computer programmers for software development. An IDE typically includes a code editor, compiler or interpreter, debugger, and other tools that facilitate the development process. Examples of IDEs include Visual Studio Code, IntelliJ IDEA, and Eclipse. Link to Python.
- IDE Extensions: Add-ons or plugins that enhance the functionality of an Integrated Development Environment (IDE). Extensions can provide additional features such as language support, code snippets, linters, debuggers, and tools for version control. In Visual Studio Code, extensions can be easily installed and managed through the built-in Extensions Marketplace. Link to Python.
- Information Security Triad: Three principal elements of information security are confidentiality, integrity, and availability. Link to Intro.
- Integrity: Ensuring that modifications to data are authorized. Data is stored and transmitted without errors. Link to Intro.
- Internet of Things (IoT): A network of physical objects embedded with sensors, software, and other technologies to connect and exchange data with other devices and systems over the internet. Link to Intro.
- Internet Protocol: A set of rules governing the format of data sent over the internet or other networks. It is responsible for addressing and routing packets of data so they can travel across networks and arrive at the correct destination. The most commonly used versions are IPv4 and IPv6. Link to Networking.
- Internet Service Provider (ISP): A company or organization that provides individuals and businesses with access to the internet. ISPs offer various services, including broadband, dial-up, and wireless internet connections, as well as additional services like email hosting and web hosting. Link to Networking.
- Internet: A global network of interconnected computers and other devices that communicate using standardized protocols. It enables the exchange of information and access to a vast array of services, including the World Wide Web, email, and file sharing. Link to Networking.
- IPv4 Address: A 32-bit numerical address used to identify devices on a network. It is typically represented in dotted decimal format (e.g., 192.168.1.1). IPv4 addresses are divided into network and host portions, allowing for hierarchical addressing and routing. Link to Networking.
- John: Short for "John the Ripper," a popular open-source password cracking tool. It is used to detect weak passwords and recover lost passwords by performing various types of attacks, including dictionary attacks and brute force attacks. Link to Cryptography.
- Kali Linux: A Debian-based Linux distribution designed for digital forensics and penetration testing. Developed and maintained by Offensive Security, Kali Linux includes a wide range of security tools and is used by security professionals and ethical hackers for vulnerability assessment and security auditing. Link to Linux.
- Kernel Mode: A privileged mode of operation for the CPU that allows unrestricted access to all system resources, including hardware and memory. In this mode, the operating system kernel and core system services run, enabling them to execute critical tasks and manage hardware directly. Link to Hygiene.
- Key Escrow: A method of storing cryptographic keys in a secure location so that they can be recovered if they are lost or stolen. Key escrow is used to protect sensitive information and prevent unauthorized access to encrypted data. Link to Hygiene.
- Key Exchange: The process of securely exchanging cryptographic keys between parties. In asymmetric cryptography, key exchange protocols like Diffie-Hellman allow two parties to establish a shared secret key over an insecure channel. Link to Cryptography.
- Key Fingerprint: A short sequence of bytes used to uniquely identify a cryptographic key. In the context of SSH, a key fingerprint is a hash of a public key, used to verify the authenticity of the key during the SSH handshake process. It helps ensure that the server or client is communicating with the intended party. Link to Networking.
- Key Management: The process of handling cryptographic keys throughout their lifecycle, including their generation, distribution, storage, rotation, and destruction. Effective key management is crucial for maintaining the security of encrypted data and ensuring that keys are protected from unauthorized access. Link to Cryptography.
- Key Pair: In asymmetric cryptography, a key pair consists of a public key and a private key. The public key can be shared openly, while the private key must be kept secret. Together, they are used for encryption, decryption, and digital signatures. Link to Cryptography.
- Last Mile Problem: The challenge of delivering high-speed internet connectivity from the nearest network hub to the end user's location, typically their home or business. This "last mile" can be the most difficult and expensive part of the network to upgrade and maintain, often resulting in slower internet speeds and limited access in rural or underserved areas. Link to Networking.
- Linux - sha256sum: A command-line utility in Linux used to compute and verify SHA-256 hash values of files. It reads the file content and generates a SHA-256 hash, which can be used to check the file's integrity. Link to Cryptography.
- Linux `/dev` Directory: The directory that contains device files, which represent hardware devices and peripherals. These files allow software to interact with hardware components. Examples include `/dev/sda` for a hard drive and `/dev/tty` for a terminal device. Link to Linux.
- Linux `/etc` Directory: The directory that contains system-wide configuration files and scripts. It includes settings for the operating system, installed applications, and services. Examples of files in `/etc` include `passwd`, `fstab`, and `hosts`. Link to Linux.
- Linux `/home` Directory: The directory where user-specific files and directories are stored. Each user has a subdirectory within `/home` named after their username, which contains their personal files, configuration settings, and application data. Link to Linux.
- Linux `/media` Directory: The directory used for mounting removable media such as USB drives, CDs, and DVDs. When a removable device is connected to the system, it is typically mounted to a subdirectory within `/media`, allowing users to access its contents. Link to Linux.
- Linux `/root` Directory: The home directory for the root user, the superuser with administrative privileges. It is separate from the `/home` directory to ensure that the root user's files are isolated from regular users' files. Link to Linux.
- Linux `/var` Directory: The directory used for storing variable data that changes frequently. This includes log files, spool files, cache files, and temporary files. Subdirectories within `/var` include `/var/log`, `/var/spool`, and `/var/tmp`. Link to Linux.
- Linux Accounts: User accounts in a Linux operating system that allow individuals to access and interact with the system. Each account has a unique username and is associated with specific permissions and settings. Linux accounts can be for regular users, administrators (root), or system services. Link to Linux.
- Linux Directories: The hierarchical structure used to organize files and folders in a Linux operating system. Each directory serves a specific purpose and contains files related to that purpose. The root of this hierarchy is the `/` directory, from which all other directories branch out. Link to Linux.
- Linux Distribution: A complete operating system based on the Linux kernel, bundled with various software packages, system libraries, and tools. Distributions (distros) are tailored for different use cases and user preferences, providing a ready-to-use environment. Examples include Ubuntu, RedHat, Kali, Fedora, and Debian. Link to Linux.
- Linux File Permissions: A system that controls the access rights to files and directories in a Linux operating system. Permissions determine who can read, write, or execute a file. They are typically represented by a combination of three sets of permissions (read, write, execute) for three types of users (owner, group, others). For example, `rwxr-xr--` indicates read, write, and execute permissions for the owner, read and execute permissions for the group, and read-only permissions for others. Link to Linux.
- Linux File: A basic unit of storage in a Linux operating system that can contain data, be it text, binary, or executable code. Linux files are organized within a hierarchical directory structure and can represent various types of data, including regular files, directories, symbolic links, device files, and more. Files in Linux are managed by the file system, which provides mechanisms for creating, reading, writing, and deleting files. Link to Linux.
- Linux find: A powerful command-line utility used to search for files and directories within a file system based on various criteria such as name, size, modification date, and permissions. The `find` command can also execute actions on the found items, such as deleting, moving, or changing permissions. Link to Linux.
- Linux Kernel: The core component of the Linux operating system that manages system resources, hardware communication, and system processes. It provides the essential functions required for the operating system to operate and serves as the foundation for all Linux distributions. Link to Linux.
- Linux Manual: A comprehensive set of documentation that provides detailed information about Linux commands, system calls, configuration files, and other aspects of the operating system. The manual pages, often accessed using the `man` command, serve as a reference for users and administrators to understand and use Linux effectively. Link to Linux.
- Linux: An open-source, Unix-like operating system kernel created by Linus Torvalds in 1991. Linux is widely used in various distributions (distros) that include the kernel along with system software and libraries. It is known for its flexibility, security, and strong community support. Link to Linux.
- Local Account: A user account that is created and stored on a specific computer. It allows access to that computer but does not provide access to network resources or other computers. Link to Windows.
- MAC Address: A unique identifier assigned to a network interface card (NIC) for communications at the data link layer of a network segment. MAC addresses are used within a local network to identify devices and facilitate communication between them. They are typically represented as six pairs of hexadecimal digits. They are also known as hardware addresses or physical addresses. Link to Networking.
- Main Function: The entry point of a program when it is executed as the main program. Link to Python.
- Mainframes: Powerful, large-scale computers used primarily by large organizations for critical applications, bulk data processing, and large-scale transaction processing. Link to Intro.
- Malinformation: Information that is based on reality but is used to inflict harm on a person, organization, or country. Malinformation involves the deliberate use of truthful information in a way that is intended to cause damage, such as leaking private information or spreading harmful truths. Link to Threats.
- Managed Detection and Response (MDR): A managed security service that combines technology and human expertise to detect, analyze, and respond to threats on behalf of an organization. MDR providers offer 24/7 monitoring, threat intelligence, and incident response services to enhance an organization's security posture. Link to Hygiene.
- Managerial Controls: Policies, procedures, and guidelines established by an organization's management to ensure the security and proper functioning of information systems. These controls focus on the administrative aspects of security, such as risk management, security planning, and compliance. Link to Management.
- Mandatory Access Control (MAC): A type of access control where access permissions are determined by a central authority based on the classification of the resource and the user's security clearance. Users cannot change access permissions; they can only access resources based on their assigned security level. Link to Management.
- Microsoft OneDrive: A cloud storage service provided by Microsoft that allows users to store files and access them from any device with an internet connection. Link to Windows.
- Microsoft Windows Home: A version of the Windows operating system designed for home users with features tailored for personal use. Link to Windows.
- Microsoft Windows Pro: A version of the Windows operating system designed for professional users and businesses, offering advanced features such as domain join, Group Policy management, and BitLocker. Link to Windows.
- Microsoft Windows: A group of several proprietary graphical operating system families developed and marketed by Microsoft. Link to Windows.
- Microsoft: A multinational technology company known for its software products, including the Windows operating system, Office suite, and Azure cloud services. Link to Windows.
- Misinformation: False or inaccurate information that is spread without the intent to deceive. Misinformation can result from misunderstandings, mistakes, or the unintentional sharing of incorrect data. Unlike disinformation, misinformation is not deliberately created to mislead. Link to Threats.
- MIT License: A permissive open source license that allows users to freely use, modify, and distribute the software, provided that the original copyright notice and permission notice are included in all copies or substantial portions of the software. It imposes minimal restrictions on reuse. Link to Linux.
- Multi-factor Authentication (MFA): A security process that requires two or more authentication factors from different categories to verify a user's identity. This enhances security by making it more difficult for unauthorized users to gain access. Link to Hygiene.
- Mutability: The ability of an object to be changed after it has been created. In programming, mutable objects can have their state or contents modified, while immutable objects cannot be altered once created. For example, in Python, lists are mutable (their elements can be changed), whereas strings and tuples are immutable (their contents cannot be changed after creation). Link to Python.
- nano: A simple, user-friendly text editor for Unix-like operating systems. It operates in the terminal and provides basic text editing capabilities, making it easy to create and modify text files. Nano is known for its ease of use, with on-screen prompts and keyboard shortcuts for common actions. Link to Linux.
- Network Firewall: A firewall that is implemented at the boundary of a network to protect the entire network from external threats. It can be hardware-based, software-based, or a combination of both. Link to Windows.
- Network Mapping: The process of discovering and documenting the devices, connections, and topology of a computer network. Network mapping helps in understanding the structure and layout of the network, identifying active devices, and visualizing the relationships between them. It is essential for network management, troubleshooting, and security assessments. Link to Linux.
- Network Switch: A networking device that connects multiple devices within a local area network (LAN) and uses packet switching to forward data to its destination. It operates at the data link layer (Layer 2) of the OSI model. Some advanced switches (i.e., multilayer switches) can also operate at the network layer (Layer 3) for routing purposes. Switches improve network efficiency by reducing collisions and segmenting traffic. Link to Networking.
- NIST (National Institute of Standards and Technology): A U.S. federal agency that develops and promotes measurement standards, including cryptographic standards. NIST is responsible for establishing guidelines and standards for information security, such as AES and FIPS 140. Link to Cryptography.
- NIST Cybersecurity Framework: A set of guidelines and best practices developed by the National Institute of Standards and Technology (NIST) to help organizations manage and reduce cybersecurity risks. The framework provides a common language and systematic approach to identify, protect, detect, respond to, and recover from cyber threats. It is widely used across various industries to enhance cybersecurity posture and ensure compliance with regulatory requirements. Link to Management.
- nmap: Short for "Network Mapper," nmap is a powerful open-source tool used for network discovery and security auditing. It can perform various tasks such as host discovery, port scanning, service detection, and vulnerability scanning. Nmap is widely used by network administrators and security professionals to assess network security and manage network inventory. Link to Linux.
- nslookup: A command-line network administration tool used to query the Domain Name System (DNS) to obtain domain name or IP address mapping information. It can be used to perform DNS lookups and troubleshoot DNS-related issues. Link to Networking.
- Octal: A base-8 numbering system used to represent file permissions in Unix-like operating systems. Each digit in an octal number represents a set of three binary bits, corresponding to read (4), write (2), and execute (1) permissions. For example, the octal number `755` translates to `rwxr-xr-x`, where the owner has full permissions (7), the group has read and execute permissions (5), and others have read and execute permissions (5). Link to Linux.
- One-time Pad Codebook: A physical or digital book containing a set of pre-shared keys used for one-time pad encryption. Each key is used only once and then discarded. The codebook must be securely distributed and kept secret to maintain the security of the encryption. Link to Cryptography.
- One-time Pad: A type of encryption technique that uses a single-use pre-shared key that is as long as the message being sent. Each bit or character of the plaintext is encrypted by combining it with the corresponding bit or character from the key using a modular addition. When used correctly, it provides theoretically unbreakable encryption. Link to Cryptography.
- Open Source: A type of software licensing that allows the source code to be freely available for anyone to view, modify, and distribute. Open source software promotes collaboration and sharing, enabling developers to improve and build upon existing code. Link to Linux.
- OpenSSH: An open-source implementation of the Secure Shell (SSH) protocol, providing encrypted communication sessions over a computer network. OpenSSH includes tools for secure remote login, file transfer, and tunneling, and it is widely used for secure access to remote systems. Link to Cryptography.
- Operational Controls: Day-to-day procedures and practices implemented to protect information systems and ensure their secure operation. These controls include activities such as user training, incident response, and regular system monitoring. Link to Management.
- PaaS (Platform as a Service): A cloud computing service model that provides a platform allowing customers to develop, run, and manage applications without dealing with the underlying infrastructure. It includes tools and services for application development, such as databases, middleware, and development frameworks. Examples include Google App Engine, Microsoft Azure App Services, and Heroku. Link to Networking.
- Packet Capture: The process of intercepting and logging traffic that passes over a computer network. Packet capture tools collect data packets for analysis, helping network administrators and security professionals diagnose issues and monitor network activity. Link to Networking.
- Packet Tracer: A network simulation tool developed by Cisco. It allows users to create network topologies, configure devices, and simulate network traffic to practice and learn networking concepts. Packet Tracer is widely used in educational settings and by individuals preparing for Cisco certification exams. Link to Networking.
- Packet: A unit of data transmitted over a network. Packets contain both the data being sent and control information, such as source and destination addresses, necessary for routing the data to its intended recipient. Link to Networking.
- Passkeys: A type of passwordless authentication that uses cryptographic keys to verify a user's identity. Passkeys are stored on the user's device and are used to authenticate without requiring a traditional password. Link to Hygiene.
- passwd File: A system file located at `/etc/passwd` that contains information about user accounts. Each line in the file represents a user and includes fields such as username, user ID (UID), group ID (GID), home directory, and shell. The actual passwords are not stored in this file for security reasons. Link to Linux.
- Password Attack - Brute Force: A method of password cracking that systematically tries all possible combinations of characters until the correct password is found. Brute force attacks are time-consuming and computationally intensive but can eventually crack any password given enough time and resources. Link to Cryptography.
- Password Attack - Dictionary: A method of password cracking that uses a precompiled list of potential passwords (a dictionary) to guess the correct password. The attack systematically tries each password in the list until it finds a match. Link to Cryptography.
- Password Complexity: The measure of how difficult a password is to guess or crack. It typically involves a combination of uppercase and lowercase letters, numbers, and special characters, and avoids common words or patterns to enhance security. Link to Hygiene.
- Password Cracking: The process of recovering passwords from data that has been stored or transmitted in a hashed or encrypted form. This is typically done using various techniques such as brute force, dictionary attacks, or rainbow tables to guess or systematically try possible passwords until the correct one is found. Link to Cryptography.
- Password Dictionary: A list of commonly used passwords or potential passwords compiled for use in dictionary attacks. These dictionaries often include common words, phrases, and variations that users might choose as passwords. Link to Cryptography.
- Password Hash: A fixed-size string or number generated from a password using a cryptographic hash function. It is used to securely store passwords by converting them into a format that is difficult to reverse-engineer. When a user logs in, the entered password is hashed and compared to the stored hash to verify the user's identity. Link to Cryptography.
- Password Manager: A software application that helps users generate, store, and manage their passwords securely. It often includes features like auto-filling login forms and encrypting stored passwords to protect them from unauthorized access. Link to Hygiene.
- Password Vault: A secure, encrypted storage space within a password manager where users' passwords and other sensitive information are kept. It ensures that only authorized users can access the stored data. Link to Hygiene.
- Password: A secret string of characters used to authenticate a user and grant access to a system, application, or service. It is a primary method of securing accounts and protecting sensitive information. Link to Hygiene.
- Passwordless Authentication: A method of verifying a user's identity without requiring a traditional password. Passwordless authentication methods include passkeys, biometrics, and other forms of authentication that do not rely on passwords. Link to Hygiene.
- Penetration Tester: A cybersecurity professional who is authorized to simulate cyberattacks on a system, network, or application to identify and exploit vulnerabilities. Their goal is to improve security by finding and addressing weaknesses before malicious hackers can exploit them. Penetration testers are authorized hackers. Link to Intro.
- PEP (Python Enhancement Proposal): A design document that provides information to the Python community or proposes changes to the Python language. PEPs are used to discuss new features, enhancements, and best practices. One of the most well-known PEPs is PEP 8, which outlines the style guide for Python code. Link to Python.
- Perfect Forward Secrecy (PFS): A property of secure communication protocols that ensures session keys will not be compromised even if the private key of the server is compromised in the future. PFS achieves this by generating unique session keys for each communication session, which are not derived from the server's private key. Link to Cryptography.
- Personal computers: General-purpose computers designed for individual use, typically consisting of a desktop or laptop, used for tasks such as word processing, internet browsing, and gaming. Link to Intro.
- Phishing: A type of cyber attack where attackers attempt to deceive individuals into providing sensitive information, such as usernames, passwords, credit card numbers, or other personal data. Phishing attacks are typically carried out through fraudulent emails, messages, or websites that appear to be from legitimate sources. The goal is to trick the victim into clicking on malicious links or attachments, or into divulging confidential information. Link to Threats.
- Physical Controls: Security measures designed to protect the physical infrastructure of information systems. These controls include locks, security guards, surveillance cameras, and access control systems to prevent unauthorized physical access to facilities and equipment. Link to Management.
- PID (Process Identifier): A unique number assigned by the operating system to each running process. It is used to manage and track processes. Link to Windows.
- ping: A network utility tool used to test the reachability of a host on an IP network. It works by sending Internet Control Message Protocol (ICMP) Echo Request messages to the target host and waiting for an Echo Reply. The tool measures the round-trip time for messages sent from the source to the destination and back, helping diagnose network connectivity issues. Link to Networking.
- Port Scanning: The process of systematically scanning a computer or network device to identify open ports and the services running on them. Port scanning helps in detecting potential entry points for attackers, assessing the security of networked systems, and ensuring that only necessary services are exposed. Tools like nmap are commonly used for port scanning. Link to Linux.
- Potentially Unwanted Program (PUP): Software that a user may perceive as unwanted, often because it was downloaded unintentionally or bundled with other software. PUPs can include adware, toolbars, or other software that may compromise user privacy or system performance, even though they are not classified as malware. Link to Hygiene.
- PowerShell - Get-FileHash: A PowerShell cmdlet used to compute the hash value of a file. It supports various hash algorithms, such as MD5, SHA-1, and SHA-256. The cmdlet is useful for verifying file integrity and ensuring that files have not been tampered with. Link to Cryptography.
- PowerShell ISE: Integrated Scripting Environment, a graphical user interface for PowerShell that provides features such as syntax highlighting, debugging, and script editing to facilitate writing and testing PowerShell scripts. Link to Windows.
- PowerShell Prompt: The command-line interface where users can enter PowerShell commands and scripts. It is typically represented by `PS>` in the console. Link to Windows.
- PowerShell Variables: Storage locations in PowerShell that hold data, which can be used and manipulated within scripts and commands. Variables in PowerShell are prefixed with a `$` symbol (e.g., `$variableName`) and can store various types of data, including strings, integers, arrays, and objects. Link to Windows.
- PowerShell: A task automation and configuration management framework from Microsoft, consisting of a command-line shell and associated scripting language built on the .NET framework. Link to Windows.
- Preventive Controls: Measures taken to prevent security incidents from occurring. These controls aim to stop threats before they can cause harm and include actions such as implementing strong authentication, using antivirus software, and conducting regular security training. Link to Management.
- Privacy Paradox: A phenomenon where individuals express a high level of concern about their privacy but simultaneously engage in behaviors that compromise it. This paradox highlights the inconsistency between people's stated privacy preferences and their actual actions, such as sharing personal information on social media or accepting terms and conditions without reading them. Link to Threats.
- Privacy: The right of individuals to keep their personal information secure and free from unauthorized access or disclosure. Privacy involves the ability to control who has access to one's personal data and how that data is used. It is a fundamental aspect of personal freedom and security, encompassing various dimensions such as informational privacy, physical privacy, and communication privacy. Link to Threats.
- Procedural Programming: A programming paradigm based on the concept of procedure calls, where the program is structured into procedures (also known as functions or subroutines). Each procedure contains a sequence of statements that perform a specific task. Procedural programming emphasizes a clear sequence of steps to achieve a desired outcome and is exemplified by languages such as C, Pascal, and Fortran. Link to Python.
- Processes: Instances of running programs or system tasks. In Windows, the Processes tab in Task Manager displays detailed information about each process, including CPU and memory usage. Link to Windows.
- Public Key/Private Key Cryptography: Another term for asymmetric cryptography, where a pair of keys—a public key and a private key—are used for encryption and decryption. Link to Cryptography.
- Python Comparison Operators: Operators used to compare two values or expressions in Python. They return a Boolean value (True or False) based on the comparison. The main comparison operators in Python are `==` (equal to), `!=` (not equal to), `>` (greater than), `<` (less than), `>=` (greater than or equal to), and `<=` (less than or equal to). Link to Python.
- Python Conditional Statements: Constructs in Python that allow the execution of specific blocks of code based on certain conditions. The primary conditional statements in Python are `if`, `elif`, and `else`. These statements enable decision-making in code by evaluating expressions and executing code blocks when the expressions are true. Link to Python.
- Python Design Philosophy: The guiding principles behind the development and evolution of the Python programming language. These principles emphasize code readability, simplicity, and explicitness. They are encapsulated in "The Zen of Python," a collection of aphorisms that capture the essence of Python's design philosophy. Examples include "Beautiful is better than ugly" and "Simple is better than complex." Link to Python.
- Python f-strings: A feature introduced in Python 3.6 that provides a concise and readable way to embed expressions inside string literals using curly braces `{}`. F-strings, or formatted string literals, are prefixed with the letter `f`. They allow for inline expression evaluation and formatting, making string interpolation more convenient and efficient. Link to Python.
- Python Imports: A mechanism in Python that allows you to include and use code from external modules and packages in your script. By using the `import` statement, you can access functions, classes, and variables defined in other files, promoting code reuse and modularity. Link to Python.
- Python String Concatenation: The process of joining two or more strings end-to-end to form a single string. In Python, string concatenation can be achieved using the `+` operator. Link to Python.
- Python String Functions and Methods: Built-in functions and methods in Python that allow for manipulation and processing of string data. These functions can perform a variety of operations such as searching, replacing, splitting, and formatting strings. Examples include `len()`, `str()`, `upper()`, `lower()`, `split()`, and `replace()`. Link to Python.
- Python: A high-level, interpreted programming language known for its readability, simplicity, and versatility. Python supports multiple programming paradigms, including procedural, object-oriented, and functional programming. It is widely used for web development, data analysis, artificial intelligence, scientific computing, and more. Link to Python.
- Ransomware: A type of malicious software (malware) that encrypts the victim's data or locks them out of their system, demanding a ransom payment to restore access. Ransomware attacks can cause significant disruption and financial loss to individuals and organizations. The attackers typically demand payment in cryptocurrency to maintain anonymity. Link to Threats.
- Reconnaissance: The initial phase in a cyber attack where the attacker gathers information about the target system, network, or organization. This phase involves activities such as scanning for vulnerabilities, mapping network topology, identifying active services, and collecting data on potential entry points. Reconnaissance helps attackers plan their subsequent actions and increase the likelihood of a successful breach. Link to Threats.
- Recovery Point Objective (RPO): The maximum acceptable amount of data loss measured in time. RPO defines the point in time to which data must be recovered after a disaster to ensure business continuity. It helps determine the frequency of data backups and replication. Link to Management.
- Recovery Time Objective (RTO): The maximum acceptable amount of time that a system, application, or process can be down after a disaster before normal operations must be restored. RTO defines the target time frame for recovering IT and business operations to minimize the impact of a disruption. Link to Management.
- RedHat Linux: A commercial Linux distribution developed by Red Hat, Inc. It is known for its stability, security, and enterprise support. RedHat Linux has evolved into Red Hat Enterprise Linux (RHEL), which is widely used in enterprise environments for servers and workstations. Link to Linux.
- Regular Expressions: A sequence of characters that define a search pattern, often used for pattern matching within strings. Regular expressions are powerful tools for text processing, allowing complex search and replace operations. They are used in various programming languages and tools, including `grep`, `sed`, and text editors. Link to Linux.
- Relative Path: A file or directory path that specifies the location relative to the current working directory. It does not start from the root directory but from the current position in the file system. For example, if the current working directory is `/home/user`, the relative path `documents/file.txt` refers to `/home/user/documents/file.txt`. Link to Linux.
- Risk Acceptance: A risk management strategy where an organization decides to acknowledge the risk and its potential impact but chooses not to take any action to mitigate it. This approach is typically used when the cost of mitigation exceeds the potential loss or when the risk is deemed acceptable. Link to Management.
- Risk Avoidance: A risk management strategy that involves eliminating the risk by discontinuing the activity or process that generates the risk. This approach is used when the risk is deemed too high and cannot be effectively mitigated. Link to Management.
- Risk Mitigation: A risk management strategy that involves taking actions to reduce the likelihood or impact of a risk. Mitigation measures can include implementing security controls, patching vulnerabilities, and enhancing monitoring and response capabilities. Link to Management.
- Risk Transfer: A risk management strategy that involves shifting the risk to a third party, such as through insurance or outsourcing. This approach allows an organization to reduce its exposure to the risk while ensuring that it is managed by an external entity. Link to Management.
- Role-Based Access Control (RBAC): A type of access control where access permissions are based on the user's role within the organization. Users are assigned to roles, and each role has specific access permissions associated with it. Link to Management.
- Root User: The superuser account in Unix and Linux operating systems with the highest level of privileges. The root user has unrestricted access to all commands, files, and system resources, allowing them to perform administrative tasks such as installing software, modifying system configurations, and managing user accounts. Due to its powerful capabilities, the root account should be used with caution to avoid unintentional system damage or security risks. Link to Linux.
- Rotation Cipher: An encryption cipher in which the letters of the plaintext are rotated by a fixed number of positions in the alphabet. The term "rotation" emphasizes the circular nature of the shift, where after 'Z', the alphabet wraps around to 'A'. Link to Cryptography.
- Router: A networking device that forwards data packets between computer networks. Routers direct traffic on the internet by determining the best path for data to travel from its source to its destination. They operate at the network layer (Layer 3) of the OSI model. Link to Networking.
- RSA (Rivest-Shamir-Adleman): A widely used asymmetric cryptographic algorithm that relies on the mathematical properties of large prime numbers. RSA is used for secure data transmission, digital signatures, and key exchange. Link to Cryptography.
- RSA Key Exchange: A method of securely exchanging cryptographic keys using the RSA algorithm. In this process, a public key is used to encrypt a session key, which is then decrypted by the recipient using their private key. This session key is used for symmetric encryption of the data. RSA key exchange lacks perfect forward secrecy. Link to Cryptography.
- RTFM (Read The Fine/Friendly Manual): A colloquial expression often used in technical communities to encourage users to consult the official documentation or manual before asking for help. It emphasizes the importance of self-research and understanding the available resources to solve problems independently. Link to Linux.
- SaaS (Software as a Service): A cloud computing service model that delivers software applications over the internet. Users can access and use the software through a web browser without needing to install or maintain it on their local devices. Examples include Google Workspace, Microsoft Office 365, and Salesforce. Link to Networking.
- Salt (Hashing): A random value added to a password before hashing to ensure that identical passwords produce different hash values. Salting helps protect against dictionary attacks and rainbow table attacks by making it more difficult for attackers to precompute hash values for common passwords. Link to Cryptography.
- Scalability: The ability of a system, network, or process to handle an increasing amount of work or to be easily expanded to accommodate growth. Link to Networking.
- Script Piping: A technique in scripting where the output of one command or script is passed directly as input to another command or script. This allows for the chaining of multiple commands to perform complex tasks efficiently. The pipe operator (`|`) is used to connect these commands. Link to Windows.
- Semi-authorized Hackers: Hackers who have some level of permission or responsibility to assess system security, but their actions may sometimes exceed the scope of their authorization. Link to Intro.
- Services: Background tasks that run without user interaction to support various system functions and applications. In Windows, the Services tab in Task Manager shows the status of these services and allows users to start or stop them. Link to Windows.
- Session Key: A temporary encryption key used for the duration of a single communication session. It is generated at the beginning of the session and discarded after the session ends. Session keys are used in symmetric encryption to ensure the confidentiality and integrity of data exchanged during the session. Link to Cryptography.
- SHA2-256: A cryptographic hash function that produces a 256-bit (32-byte) hash value, commonly represented as a 64-character hexadecimal string. It is part of the SHA-2 (Secure Hash Algorithm 2) family and is widely used for secure hashing in various applications, including password hashing and data integrity verification. Link to Cryptography.
- shadow File: A system file located at `/etc/shadow` that stores encrypted password information for user accounts. This file is only accessible by the root user and contains additional fields such as password aging information. The separation of password data into the shadow file enhances security by restricting access to sensitive information. Link to Linux.
- Shoulder Surfing: Gaining access to sensitive information by looking at somebody's computer screen. This can be done by standing behind somebody, using mirrors, reflections, etc. Link to Threats.
- Smartphones: Mobile devices that combine cellular communication capabilities with advanced computing features, including internet access, touchscreens, and a wide range of applications. Link to Intro.
- SMS Authentication: A method of multi-factor authentication where a one-time password (OTP) is sent to the user's mobile phone via SMS. The user must enter this OTP in addition to their regular password to gain access. Link to Hygiene.
- Snort: An open-source network intrusion detection and prevention system (IDS/IPS). It analyzes network traffic in real-time to detect and respond to potential security threats based on predefined rules and signatures. Link to Networking.
- Social Engineering: A manipulation technique that exploits human psychology to gain access to confidential information or perform unauthorized actions. Social engineering attacks often involve tricking individuals into divulging sensitive information, such as passwords or financial details, or manipulating them into performing actions that compromise security. Common tactics include phishing, pretexting, baiting, and tailgating. Link to Threats.
- Software Repository: A centralized storage location where software packages are stored and maintained. Repositories provide a convenient way to distribute and manage software, allowing users to easily install, update, and remove packages using package management tools. Examples include the Debian repository for Debian-based systems and the EPEL repository for Red Hat-based systems. Link to Linux.
- Software Updates: The process of installing new versions or patches of software to improve functionality, fix bugs, enhance security, or add new features. Software updates can be applied to operating systems, applications, and firmware, ensuring that the software remains up-to-date and secure. Link to Linux.
- Software Wallet: A type of cryptocurrency wallet that is software-based and can be installed on a computer or mobile device. Software wallets store the private keys locally on the device and provide an interface for managing and transacting cryptocurrencies. Examples include desktop wallets, mobile wallets, and web wallets. Link to Cryptography.
- Spear Phishing: A targeted phishing attack aimed at a specific individual or organization. Unlike generic phishing attacks, spear phishing involves personalized messages that appear to come from a trusted source, making them more convincing. The goal is to trick the recipient into revealing sensitive information, such as login credentials or financial details, or to install malware. Link to Threats.
- SSH (Secure Shell): A cryptographic network protocol used for secure communication over an unsecured network. It provides encrypted and authenticated remote login and other secure network services. SSH operates on port 22 and is commonly used for secure access to remote servers and devices. Link to Networking.
- Subnet Mask: A 32-bit number used in IPv4 networking to divide an IP address into network and host portions. It helps determine which part of an IP address identifies the network and which part identifies the specific device (host) within that network. Subnet masks are typically represented in dotted decimal format (e.g., 255.255.255.0). Link to Networking.
- Subnetwork: A segmented portion of a larger network, created by dividing an IP network into smaller, more manageable sections. Subnetting helps improve network performance and security by organizing and isolating network traffic. Link to Networking.
- Symmetric Encryption Key: The secret key used in symmetric encryption algorithms to both encrypt and decrypt data. The security of symmetric encryption relies on the secrecy of this key, as anyone with access to the key can decrypt the encrypted data. Link to Cryptography.
- Symmetric Encryption: A type of encryption where the same key is used for both encrypting and decrypting the data. It is efficient and fast, making it suitable for encrypting large amounts of data. However, the key must be kept secret and securely shared between the communicating parties. Link to Cryptography.
- Tailgating: Gaining access to an unauthorized area by following an authorized individual. The tailgater relies on the fact that the authorized individual will fail to challenge somebody who does not have valid credentials. Link to Threats.
- tar: A Unix-based utility and file format used to create and manipulate archive files. The `tar` command stands for "tape archive" and is commonly used to bundle multiple files and directories into a single archive file, often with a `.tar` extension. It does not compress files by itself but is often used in combination with compression tools like `gzip` or `bzip2`. Link to Linux.
- TCP (Transmission Control Protocol): A core protocol of the Internet Protocol Suite that provides reliable, ordered, and error-checked delivery of data between applications running on hosts in a network. It ensures that data is transmitted accurately and in the correct sequence. Link to Networking.
- tcpdump: A command-line packet analyzer tool used to capture and display network traffic. It allows users to filter and analyze packets on a network interface, making it useful for network diagnostics and troubleshooting. Link to Networking.
- Technical Controls: Security measures implemented through hardware and software to protect information systems. These controls include firewalls, encryption, access control mechanisms, and intrusion detection systems. Link to Management.
- Telnet: A network protocol used to provide bidirectional interactive text-based communication between two computers over a network. It operates on port 23 and is considered insecure because it transmits data, including passwords, in plaintext without encryption. Link to Networking.
- Terminal: A software application or hardware device that provides a command line interface for interacting with the operating system. Terminals allow users to execute commands, run scripts, and manage system processes. Examples include GNOME Terminal, Windows Command Prompt, and macOS Terminal. Link to Linux.
- Text File: A file that contains plain text without any special formatting or binary data. Text files are typically used for storing readable content such as code, configuration settings, and documentation. They can be created and edited using simple text editors and are often saved with extensions like `.txt`, `.md`, or `.log`. Link to Linux.
- Threat: Any potential danger that can exploit a vulnerability to cause harm to a system, network, or organization. Threats can be intentional, such as cyber attacks, or unintentional, such as natural disasters or human errors. Link to Management.
- TLS 1.2 (Transport Layer Security 1.2): An old version of the TLS protocol that provides secure communication over a computer network. TLS 1.2 improved upon previous versions of TLS, but allowed for less secure key exchange such as RSA. Link to Cryptography.
- TLS 1.3 (Transport Layer Security 1.3): The latest version of the TLS protocol, offering enhanced security and performance over previous versions. TLS 1.3 simplifies the handshake process, reduces latency, and removes outdated cryptographic algorithms, making it more secure and efficient. Link to Cryptography.
- traceroute: A network diagnostic tool used to track the path that data packets take from a source to a destination across an IP network. It works by sending packets with incrementally increasing Time-To-Live (TTL) values and records the IP addresses of the intermediate devices (hops) that handle the packets. This helps identify the route and measure transit delays. The Windows equivalent is `tracert`. Link to Networking.
- tracert: The Windows command-line utility equivalent to Linux's `traceroute`. It performs the same function of tracing the path that data packets take from the source to the destination and provides information about each hop along the way. Link to Networking.
- tshark: The command-line version of Wireshark. It provides similar functionality for capturing and analyzing network traffic but is used in terminal environments, making it suitable for scripting and remote analysis. Link to Networking.
- Ubuntu Linux: A popular and user-friendly Linux distribution based on Debian. Developed by Canonical Ltd., Ubuntu is known for its ease of use, regular updates, and strong community support. It is suitable for both desktop and server use and is widely adopted by individuals and organizations. Link to Linux.
- UDP (User Datagram Protocol): A core protocol of the Internet Protocol Suite that provides a connectionless, lightweight method for sending data packets. Unlike TCP, it does not guarantee delivery, order, or error-checking, making it suitable for applications where speed is more critical than reliability. Link to Networking.
- Unauthorized Hackers: Hackers who engage in malicious activities without any authorization. They exploit vulnerabilities for personal gain, financial profit, or to cause harm. Link to Intro.
- Unix: A powerful, multiuser, multitasking operating system originally developed in the 1960s and 1970s at AT&T's Bell Labs. Unix has influenced many other operating systems, including Linux, and is known for its stability, portability, and security features. Link to Linux.
- User Applications: Applications that users start. They typically have a graphical or command-line interface. Link to Windows.
- User Mode: A restricted mode of operation for the CPU where applications and user-level processes run. In this mode, access to system resources is limited, and operations that require higher privileges must be requested through system calls to the kernel. This separation helps ensure system stability and security by preventing user applications from directly interacting with hardware or critical system components. Link to Hygiene.
- Variable: A named storage location in a program that holds a value. Variables allow programmers to store, retrieve, and manipulate data. The value of a variable can change during the execution of a program. Variables are fundamental to programming and are used to represent data that can be used and modified by the program. Link to Python.
- Vigenere Cipher: A method of encrypting alphabetic text by using a simple form of polyalphabetic substitution. It employs a keyword, where each letter of the keyword shifts the corresponding letter of the plaintext by a number of positions in the alphabet. The Vigenere cipher is more secure than simple substitution ciphers but can still be broken with frequency analysis. Link to Cryptography.
- vim Insert Mode: A mode in vim where users can insert and edit text. In Insert Mode, keystrokes are interpreted as text input rather than commands. Users can enter Insert Mode from Normal Mode by pressing keys such as `i` (insert before the cursor), `a` (append after the cursor), or `o` (open a new line below the cursor). Link to Linux.
- vim Normal Mode: The default mode in vim where users can navigate the text, delete, copy, paste, and perform other text manipulation tasks. In Normal Mode, keystrokes are interpreted as commands rather than text input. Users can switch to Normal Mode by pressing the `Esc` key. Link to Linux.
- vim: A highly configurable and powerful text editor for Unix-like operating systems. Vim stands for "Vi IMproved" and is an enhanced version of the older `vi` editor. It supports various modes for different types of text manipulation, extensive customization, and a wide range of plugins. Link to Linux.
- Virus: A type of malicious software (malware) that attaches itself to a legitimate program or file and spreads to other programs and files when executed. It can cause harm by corrupting or destroying data, stealing information, or disrupting system operations. Link to Windows.
- Vishing: Phishing using a traditional voice phone call. The attacker may purport to be a representative of a company, such as a bank, law enforcement agency, or the IRS. Link to Threats.
- Visual Programming: A programming paradigm that allows users to create programs by manipulating graphical elements rather than writing text code. Visual programming environments provide a more intuitive way to design and develop software, often using drag-and-drop interfaces to connect different components. Examples include Scratch, LabVIEW, and Blockly. Link to Python.
- Visual Studio Code: A free, open-source code editor developed by Microsoft. It is lightweight yet powerful, supporting a wide range of programming languages and development tasks. Visual Studio Code offers features such as syntax highlighting, code completion, debugging, and integrated Git support. It is highly extensible through a vast library of extensions available in the Visual Studio Code Marketplace. Link to Python.
- Vulnerability: A weakness or flaw in a system, application, or network that can be exploited by a threat actor to gain unauthorized access or cause harm. Vulnerabilities can result from software bugs, misconfigurations, or inadequate security practices. Link to Management.
- Warm Site: An offsite facility that is partially equipped with hardware and network connectivity, but may not have the latest data or fully configured systems. Warm sites require some setup and data restoration before they can take over business operations, offering a balance between cost and recovery time. Link to Management.
- Web 1.0: The first generation of the World Wide Web, characterized by static web pages and limited user interaction, primarily focused on information dissemination. Link to Intro.
- Web 2.0: The second generation of the World Wide Web, emphasizing user-generated content, usability, and interoperability, leading to the rise of social media, blogs, and collaborative platforms. Link to Intro.
- Whaling: A type of spear phishing attack that targets high-profile individuals within an organization, such as executives, CEOs, or other senior officials. Whaling attacks are highly customized and often involve detailed research to craft convincing messages that exploit the authority and access of the targeted individuals. The objective is usually to steal sensitive information, commit fraud, or gain access to critical systems. Link to Threats.
- While Loop: A control flow statement that repeatedly executes a block of code as long as a specified condition is `True`. In Python, a while loop continues to execute the code block until the condition evaluates to `False`. Link to Python.
- White Hat Hackers: Legacy term for authorized hackers--hackers who have explicit permission to assess security. Link to Intro.
- Windows Command Prompt: A command-line interpreter application available in most Windows operating systems. It allows users to execute commands to perform various tasks, such as file manipulation, system configuration, and running scripts. It is accessed by typing `cmd` in the Run dialog or search bar. Link to Windows.
- Windows Defender: A built-in antivirus and anti-malware component of Microsoft Windows. It provides real-time protection against a variety of threats, including viruses, spyware, and other malicious software. Link to Windows.
- Windows Explorer: A file management application included with Microsoft Windows operating systems, allowing users to browse, manage, and organize files and folders on their computer. Link to Windows.
- Windows Folder Permissions: Settings that determine the level of access users and groups have to folders and files on a Windows operating system. These permissions control actions such as reading, writing, modifying, and executing files within a folder. Link to Windows.
- Windows Task Manager: A system monitor and performance tool included with Microsoft Windows operating systems. It provides information about running applications, processes, and services, as well as system performance metrics. Link to Windows.
- Wireless Access Point (WAP): A networking device that allows wireless devices to connect to a wired network using Wi-Fi. It extends the wireless coverage of an existing network and can be connected to a router or switch. Link to Networking.
- Wireless Router: A device that combines the functions of a router and a wireless access point. It provides wireless connectivity to devices within a local area network (LAN) and routes data between the wireless network and other networks, such as the internet. Link to Networking.
- Wireless SSID (Service Set Identifier): A unique identifier or name assigned to a wireless network (e.g., MyHomeWiFi). It allows devices to distinguish between different Wi-Fi networks in the same area. Users select the SSID when connecting to a wireless network. Link to Networking.
- Wireshark Capture Filter: A set of criteria used to specify which packets should be captured by Wireshark during a packet capture session. Capture filters are applied before the data is collected, allowing users to focus on specific types of traffic and reduce the amount of data captured. Link to Networking.
- Wireshark Display Filter: A set of criteria used to specify which packets should be displayed in Wireshark after the data has been captured. Display filters allow users to focus on specific packets of interest within a larger capture file, making it easier to analyze and troubleshoot network issues. Link to Networking.
- Wireshark TCP Stream: A feature in Wireshark that allows users to follow and analyze the sequence of packets that make up a single TCP connection. It reconstructs the data flow between two endpoints, providing a clear view of the communication within that TCP session. Link to Networking.
- Wireshark: A popular open-source network protocol analyzer used for network troubleshooting, analysis, and education. It captures and displays data packets in real-time, allowing users to inspect the details of network traffic. Link to Networking.
- Working Directory: The current directory in which a user or a process is operating. It serves as the reference point for relative paths. Commands and operations performed in the terminal or command line interface are executed relative to the working directory unless an absolute path is specified. Link to Linux.
- WPA2 Enterprise (Wi-Fi Protected Access 2 - Enterprise): A security protocol for wireless networks that uses an authentication server (typically RADIUS) to authenticate users individually. It provides enhanced security and is commonly used in larger organizations and enterprise environments. Link to Networking.
- WPA2 Personal (Wi-Fi Protected Access 2 - Personal): A security protocol for wireless networks that uses a pre-shared key (PSK) for authentication. It provides strong encryption and is commonly used in home and small office networks. Link to Networking.
- zip: A widely-used archive file format that supports lossless data compression. The `zip` format can contain multiple files and directories, and it compresses them to reduce storage space. Link to Linux.