The world of cybersecurity can sometimes be full of jargon, a natural feature of such a technical environment. It isn’t a bad idea to read up on important cybersecurity terms, so you can have a better appreciation of what goes on when system protection efforts are underway. Understanding these terms can also help you make sure that your cybersecurity provider is bringing in value for your money.
Here are some important cybersecurity terminologies you should know about:
Adware refers to software programs that display advertisements of some sort. It is typically related to a specific website that is cached in your web browser. Adware isn’t generally considered to be malicious in nature and is therefore not considered a virus. However, some adware may be coded to change the homepage of your browser to redirect to a specific website.
Attack scenarios are potential scenarios that enumerate and describe ways attackers may exploit vulnerabilities in a system.
Binary file virus
Binary file viruses, also called file infector viruses, are composed of binary instructions interpreted directly by the computer’s central processing unit (CPU). These viruses attach themselves parasitically to binary executable files.
Blended threats are attacks that use multiple methods for transmission and spreading. They tend to cause rapid and widespread damage, and protection from them would require multiple layers of defense and response mechanisms.
Bugs are programming errors in software programs. They often have unwanted side effects, such as security and compatibility issues.
A certificate authority (CA) is a third-party organization or company that confirms digital certificates that are necessary in the creation of digital signatures and public-private key pairs. A CA serves as the guarantor that the entity issuing the unique certificate is, in fact, who they claim to be. CAs are critical to data security and electronic commerce because they fact-check parties that exchange information, such as a buyer (through a payment facility like PayPal) and a seller (through a sales platform such as Amazon or eBay).
Challenge Handshake Authentication Protocol
The Challenge Handshake Authentication Protocol (CHAP) is an authentication technique wherein a server sends a “challenge” to a requester once a link between the two has been established. A server may be a corporate server that is used for official online functions such as banking, while a requester can be any user that requests access to information in the server, such as a banking client.
The requester responds to the challenge with a value obtained by using a one-way hash function (See: One-way hash), and the server checks the response by comparing it to its own calculation of the hash value. If the values match, the authentication is acknowledged and access is granted.
A denial-of-service (DoS) attack is a network-based attack wherein an intruder attempts to prevent legitimate users from using the network’s services, or simply deny legitimate users access to a computer or server. A DoS attacker typically executes a program that sends many request packets to a target server. This aims to flood the server’s processing capability to render the system unusable.
Some attackers ramp up their DoS attacks by first infecting other computers with malware, turning each one into a bot (See: Zombie). A set of such infected computers can be virtually strung together to create a botnet, which the attacker can use to hit their target, typically one that has a large enough server capability to overcome a simple DoS attack. This is called a distributed denial-of-service (DDoS) attack.
Encryption is a process of scrambling or encoding data in such a way that it prevents unauthorized users from reading or tampering with said data. The process makes use of an algorithm to convert sensitive data into a form that is unreadable except by authorized users. Encryption is necessary for the secure transfer of sensitive files and folders.
Embedded file virus
An embedded file virus attaches itself to a host data file with embedded executable content. To illustrate further: A program installer is an example of a host data file with executable content. These installers can sometimes be posted by third-party websites as available for download, and often contain an embedded file virus. When the installer is run, it will install the program as usual — except that it will also secretly run the embedded virus file, which can contain malware such as sniffers or spyware (See: Sniffers and Spyware).
Cybersecurity is the name of Arnet Technologies’ game. We arm your network with top-notch defense systems against destructive and malicious cyber attacks. Call today to schedule your consultation!