The road to cybersecurity is a path that takes you from a zero IT background to becoming someone who understands the theory behind cyber-attacks and security protocols, to knowing how to put in action the industry’s best practices, and to learning a whole new vocabulary filled with new words, acronyms, and even phrases with particular meanings. As part of our effort to help you go through this road more smoothly, we have crafted a glossary with 20 cybersecurity terms you should definitely learn if you want to become a success in front of the eyes of recruiters, teammates, and even your future boss.
20 Cybersecurity Terms for Entry-Level Professionals
- Anti-Phishing: refers to the efforts of blocking phishing attacks. Phishing is a type of cyber-crime where the attacker poses as known or trusted entities while contacting (email, phone, text) an individual to get ahold of sensitive information.
- Bot/Botnet: a botnet is a network of computers infected by malware under the control of a single attacking party. Bot refers to each machine under the control of the attacker or bot-herder.
- Breach: refers to an incident that results in unauthorized access to sensitive information and data in computers, networks, and/or devices.
- DoS/DDoS: a Denial-of-Service is a security incident in which a server is flooded with malicious traffic and data resulting in an unavailable website. A Distributed Denial-of-Service (DDoS) is not other than a DoS attack using multiple computers or machines to flood the targeted resource.
- Encryption: the process of encoding data or converting it into secret codes only accessible to authorized parties that can decipher it and access the original information.
- Ethical Hacking: legally breaking into computers, networks, and/or devices to test their security protocols and discover vulnerabilities.
- Firewall: a network security system that filters and blocks outsiders from accessing private data on your devices. It creates a barrier between trusted and untrusted networks.
- IP Spoofing: an attack in which a hacker modifies the source address of a packet header to hide the sender’s identity and/or launch a DDoS attack.
- Malware: also known as malicious software, designed to damage or enable unauthorized access to a computer system.
- Phishing: a type of cyber-crime where the attacker poses as known or trusted entities while contacting (email, phone, text) an individual to get ahold of sensitive information.
- Ransomware: a form of malware that encrypts a victim’s files in exchange for a ransom. Usually, the victim receives instructions of what and how to pay to gain their access back.
- Rootkit: considered one of the most dangerous attacks in cybersecurity. It is a type of malware designed to stay undetected in a computer or software designed to enable access and control.
- Single Sign-On (SSO): refers to an authentication scheme in which a user has a single ID and password for several software systems.
- Spoofing: a type of cyber-attack in which a scammer disguises himself to gain access to data, computers, or software.
- Spyware: a category of malware designed to secretly gather information about a person or organization and share it with a third party.
- SSL Decryption: is the ability to inspect encrypted traffic and confirm that no malicious content is delivered.
- Virtual Private Network (VPN): encrypted connection over the Internet from a device to a network that ensures that sensitive data is safely transmitted.
- Virus: a malicious piece of computer code designed to alter the way a computer operates.
- Vulnerability Scanning: an automated inspection that looks for and reports potential weaknesses in computers, networks, and communications equipment.
- Worm: type of malware that can self-replicate from computer to computer or networks.
Understanding these basic cybersecurity terms is key for anyone who wants to get started in the cybersecurity working field. Not only are they are asked in any job interview, but they will help you understand other content.