Glossary of Cyber Security Terms
Essential Vocabulary for Navigating the World of Cyber Security
C
Cache
A swift-access storage mechanism, potentially an independent high-speed storage device or a specific section of main memory, employed for storing and swiftly retrieving frequently accessed data.
Cache Cramming
A deceptive technique that prompts a browser to execute Java code stored in cache from the local disk rather than from the internet zone, enabling the code to run with more relaxed permissions.
Cache Poisoning
A cyberattack that involves storing malicious or deceptive data from a remote name server by another name server, often seen in DNS cache poisoning attacks.
Call Admission Control (CAC)
A characteristic of voice firewalls that inspects and governs all inbound and outbound voice network traffic according to user-defined guidelines.
Cell
In the realm of Asynchronous Transfer Mode (ATM) network, a cell represents a unit of data transmitted across the network.
Certificate-Based Authentication
The practice of using SSL and certificates to authenticate and encrypt HTTP traffic, boosting web security.
Common Gateway Interface (CGI)
A standard that guides how web server software can delegate web pages' generation to a console application. These applications are typically known as CGI scripts or simply CGIs and are often scripted in a scripting language.
Chain of Custody
Refers to the systematic documentation or trail illustrating the seizure, custody, control, transfer, analysis, and disposition of physical or electronic evidence.
Challenge-Handshake Authentication Protocol (CHAP)
An authentication mechanism that uses a unique challenge response approach where the response differs with each challenge to prevent replay attacks.
Checksum
A computed value based on the content of a data object. This value is transmitted or stored alongside the object, assisting in the detection of data changes.
Cipher
A cryptographic algorithm employed for the processes of encryption and decryption, safeguarding data integrity.
Ciphertext
The encrypted state of a plaintext message, rendering it unreadable without the appropriate decryption key.
Circuit Switched Network
A network configuration in which a direct, uninterrupted physical circuit connects two points. Once established, this route remains unchanged.
Client
A system or process that solicits a service from another system or process, commonly known as a server.
Cloud Computing
The technology enabling the use of a network of remote servers hosted on the Internet for storing, managing, and processing data, replacing the need for a local server or personal computer.
Cold Warm Hot Disaster Recovery Site
The different states of readiness for an organization's recovery site in a disaster scenario. A Hot Site is fully equipped to take over primary site operations within minutes or hours. A Warm Site maintains some redundancy but may require hours or days to become operational. A Cold Site is the least prepared and may take weeks or longer to become operational.
Collision
In the networking context, a condition that arises when several systems attempt to transmit data over the same medium simultaneously.
Competitive Intelligence
The practice of legally gathering intelligence about business competitors to gain a competitive edge.
Computer Emergency Response Team (CERT)
An organization specializing in researching computer and network security, providing incident response services, publishing vulnerability and threat alerts, and delivering additional information to enhance computer and network security.
Computer Network
A collection of computers, printers, servers, and other devices connected by communication protocols for sharing resources and information.
Confidentiality
A principle of security that ensures that information is only accessible to those authorized.
Configuration Management
The process of managing changes systematically so that a system maintains its integrity over time.
Cookie
A data piece sent from a website and stored on the user's computer by the user's web browser while the user is browsing. It is primarily used for tracking user activity.
Corruption
An activity that negatively modifies system functions or data, undesirably altering the system's operation.
Cost Benefit Analysis
A systematic method for evaluating the strengths and weaknesses of alternatives. This is used to ascertain options that provide the best approach to achieving benefits while maintaining savings.
Countermeasure
An action, process, device, or system that can prevent or mitigate the threats to a computer, server, network or computing environment.
Covert Channels
A form of communication channel that allows two collaborating processes to transfer information in a way that breaches the system's security policy.
Crimeware
A category of malware specifically designed to automate cybercrime. It acts as a toolkit to simplify the process for hackers to create their own viruses, trojans, and spam campaigns.
Cron
A utility in Unix and Linux that allows tasks to be run automatically in the background at regular intervals by the cron daemon.
Crossover Cable
A type of Ethernet cable used for connecting computing devices directly, bypassing the typical connection via a network switch, hub, or router, such as connecting two personal computers directly.
Cryptanalysis
The practice of analyzing information systems to uncover the hidden aspects of the systems. Cryptanalysis aims to breach cryptographic security systems and gain access to encrypted message contents, even in the absence of the cryptographic key.
Cryptographic Algorithm or Hash
An algorithm used in cryptography that leverages the science of encoding and decoding messages to maintain data security. This encompasses encryption algorithms, cryptographic hash algorithms, digital signature algorithms, and key agreement algorithms.
Cryptographic Hash Functions
Cryptographic hash functions are the maestros of data integrity, crafting unique checksums for larger data pieces, which can't easily be undone. They're vital for ensuring larger files remain untampered, with popular options being MD5 and SHA1.
Cut-Through
A switching technique used in networking devices where the switch forwards the packet before it has received the entire packet.
Cyclic Redundancy Check (CRC)
A method employed by computers to verify the accuracy of data on disks (hard disk drive, optical disks). It is used to detect unintentional changes to raw data in digital networks and storage devices.