Cybersecurity terms and definitions to know for certification prep, interviewing, and resume writing.
Cybersecurity is a branch of technology that focuses on protecting information and devices from malicious actors. Cybersecurity professionals use their technological skills to assess systems, patch weaknesses, and build systems that are secure against harm and theft.
You can use the terms in this cybersecurity glossary to familiarize yourself with essential terminology. Whether you’re preparing to earn a cybersecurity certification or interview for a new role, studying these cybersecurity terms and acronyms can help you feel more confident and prepared.
Study key cybersecurity terms and definitions in the glossary below.
Adware is a type of malware. It downloads to your device and displays advertisements based on your online activity or browsing history. Adware can appear as intrusive interstitials (pop-ups) and may slow down your device.
An advanced persistent threat, or APT, is a cybersecurity threat that establishes a long-term, unauthorized presence on a network or computer system. APTs pursue their objectives repeatedly through multiple types of cyberattacks.
Antivirus software is sometimes referred to as anti-malware. It is a program used to prevent, identify, and remove viruses and other malicious software from your computer. Examples of commonly used antivirus software include Norton and McAfee.
The term attack vector can be used to describe any technique a hacker uses to gain access to or harm a system.
Authentication is the process of verifying the identities of users, devices, and other entities within a computer system.
A botnet is a network of private computers infected with malicious software. A botnet may be controlled without the owner's knowledge or used to send spam messages.
A bug is an unintended software or hardware problem. Bugs can be minor problems or error screens that don’t necessarily compromise a system. However, a bug can also be more significant and render a system inoperable.
Business continuity refers to an organization’s ability to continue with essential functions during a disruption, such as a cyberattack or natural disaster. A business continuity plan (BCP) is the protocol and processes an organization follows to ensure that operations continue with as little disruption as possible.
Click fraud is a scheme in which scammers generate money using fake clicks. They will sometimes hire people and pay them to click on ads from several devices to earn affiliate or advertising cash for an app install or website visit.
Cloud computing refers to the delivery of computing and IT resources through the internet. Examples of these resources include data storage, servers, and development tools. Users and organizations typically pay a monthly fee to access these resources based on their specific cloud computing service needs and how frequently they will be used.
Cryptography is the practice of securing information and communication through writing and solving codes. It ensures that information is only readable to the party intended to read it. A cryptographer is responsible for converting plain data into an encrypted format.
Cyberattacks refer to attempts by hackers to cause harm, destroy, or access sensitive information in a computer system.
Cyber espionage is the use of computer networks to gain unauthorized access to sensitive information. Purposes may include spying, economic gain, or political motivation. Cyber espionage typically involves data held by a government or an executive organization.
The dark web or darknet is a part of the World Wide Web only accessible through special software or tools. This keeps its users and visitors hidden because they often exchange illegal and stolen information, such as people’s personally identifiable information. This information may include Social Security numbers, phone numbers, and credit card numbers.
Decryption is the process of converting coded or encrypted data to its original form. Decryption allows information to be understood without an encryption key.
Defense-in-depth is the concept of stacking several layers of security so backup protection is available if one fails.
A detection deficit is a gap between the time an attack occurs and the time it is discovered. This term refers to the severity of attacks and how long they can cause harm undetected.
DDoS, or distributed denial of service, occurs when a cybercriminal floods a server with traffic to prevent users from accessing a network, site, or system.
In cybersecurity terms, a domain is a group of connected computers. They typically share account information and security policies. A domain controller handles relevant administrative tasks.
Encryption is the process of converting information into a code to prevent unauthorized access. This practice helps hide sensitive information from those it is not intended for.
In cybersecurity, an endpoint is a physical device connected to a computer network. Examples of endpoint devices include mobile devices, desktop computers, and embedded systems.
Endpoint detection and response (EDR) describes a solution that continuously monitors and mitigates potential threats in endpoint devices.
Ethical hacking is sometimes referred to as white hat hacking. It describes authorized hacking that is meant to simulate malicious hacking. Ethical hacking helps organizations identify vulnerabilities in their cybersecurity systems, protocols, and processes.
In cybersecurity terms, an evil twin refers to a fraudulent Wi-Fi access point (AP). An evil twin attack occurs when someone disguises a fraudulent Wi-Fi AP as legitimate by mimicking a legitimate Wi-Fi network name and settings. Connecting to this network allows the attacker to eavesdrop and steal sensitive data.
A firewall is a network security device. It creates a barrier between a trusted network and an untrustworthy network. For example, a firewall can restrict internet traffic from accessing your private network. It acts like a gatekeeper, controlling incoming and outgoing traffic according to a predetermined set of security rules.
File transfer protocol or FTP refers to the policies organizations implement to regulate and secure file exchange.
A gateway is an intersection where networks with different transmission protocols meet. Gateways serve as the entry and exit points for all data, converting information from one format to another. For example, a Wi-Fi router is a gateway between your computer and your internet service provider’s network.
Guessing entropy is a measurement of difficulty. It is used to determine how many tries a hacker may need to guess a password or some other unknown variable.
A hacker is someone who tries to access data they aren’t authorized to view. Hackers can be cybercriminals (black hat hackers) or cybersecurity professionals attempting to secure a system by exposing its vulnerabilities (white hat hackers).
Identity theft occurs when someone gains unauthorized access to personal, identifying information and uses it maliciously. Someone committing identity theft may use the victim’s information to open new accounts, steal money, and damage their credit.
InfoSec stands for information security. It refers to a subcategory of cybersecurity that focuses on the practices, systems, and processes used to protect sensitive information.
The Internet of Things, or IoT, is a network of physical devices. These devices can transfer data to one another without human intervention. IoT devices are not limited to computers or machinery. The Internet of Things can include anything with a sensor assigned a unique identifier (UID).
An intrusion detection system, or IDS, is a monitoring device or software. It detects vulnerabilities, policy violations, and malicious activity in a system. An expanded IDS blocks threats and identifies them.
An internet protocol address, or IP address, is a string of numbers associated with a computer. IP addresses are used to identify each computer using the internet through a network.
An IP packet is sometimes referred to as a network packet. It is a unit of data that contains the information needed to transmit data between devices over a network. Similar to the way a postal envelope works, an IP packet contains information about where the data comes from, where it’s going, and other information that may help route it.
IP spoofing refers to disguising the source of IP packets, making it difficult to determine their origin. These IP packets can masquerade as a different computer or hide the sender’s identity. Hackers often use this tactic for DDoS attacks.
Malware is short for malicious software. Malware attacks are the most common form of cyberattack among businesses and organizations. Malware is designed to disrupt computer systems like mobile devices.
Malicious code is code designed to cause harm, create vulnerabilities, or otherwise threaten a system's security.
An operating system (OS) is system software that manages a computer’s resources and processes. It is also responsible for your computer’s ability to run and execute programs. Operating systems enable you to communicate with your computer without needing to speak your computer’s language.
The five Cs of cybersecurity refers to a framework for ensuring an organization's systems and data are secure. They are:
Change: Continuous adaptation is needed due to the constantly evolving nature of cyber threats.
Compliance: An organization mitigates legal risks and demonstrates integrity when it complies with industry and internal security policies and regulations.
Cost: Prioritizing budget expenditures on security is necessary to acquire needed tools, personnel, and training while balancing costs with available resources.
Continuity: Backup and recovery plans are essential for business operations to continue even during a cyberattack or its aftermath.
Coverage: Identifying all possible security vulnerabilities within an organization lowers the risk of attacks on networks, applications, devices, and data.
Penetration testers, or pen testers for short, perform simulated cyberattacks on a company’s computer systems and networks. These authorized tests help identify security vulnerabilities and weaknesses before malicious hackers have the chance to exploit them.
Phishing is a form of fraud that involves contacting victims through email, telephone, or text to trick them into sharing personal information. Typically, phishing scams aim to persuade victims to transfer money, reveal financial information, or share system credentials.
Programming refers to a technological process for telling a computer which tasks to perform in order to solve problems. You can think of programming as a collaboration between humans and computers, in which humans create instructions for a computer to follow (code) in a language computers can understand.
Ransomware is a form of malware. It is designed to block users from accessing a computer system until a sum of money has been paid.
A rootkit is a set of software tools that give users access to another machine without being detected.
Security engineering is the practice of designing and implementing core security measures in an information system. Security engineers build systems used to protect computer systems and networks and track incidents.
Social engineering occurs when a hacker gains a person's trust, then exploits this trust to gain access to data or systems. For example, a malicious actor may pretend to be an organization's IT team member to access the network’s username and password.
Spoofing is when cybercriminals disguise their identity as a trusted source to exploit an unassuming user. For example, someone may pose as a legitimate website to steal usernames and passwords or use a fake email address to appear legitimate.
In cybersecurity terms, a threat assessment refers to an evaluation of an organization's risks and potential threats.
Two-factor authentication is the use of two authentication methods to log into a system. It prevents attackers from gaining access with just one exploited password. For example, you may still need to enter a code from an authenticator app after entering your password to log in.
A virus is a malicious program that infects computers without user knowledge or permission. Viruses have the ability to replicate themselves to spread to other computers.
A virtual private network or VPN is an encrypted internet connection. VPN services aim to provide a secure, private network connection for safe data transmission from network devices.
A vulnerability, in cybersecurity terms, refers to a weak point or flaw. Security vulnerabilities can arise in security procedures or processes or in a computer system or design.
The term zero-day describes recently discovered exploits, suggesting the company has just realized the exploit exists and has zero days to fix it.
Cybersecurity protects information and devices from unauthorized access through a combination of tools and techniques. You can learn in-demand cybersecurity skills on your own time from industry leaders in technology with the Microsoft Cybersecurity Analyst Professional Certificate or the IT Fundamentals for Cybersecurity Specialization from IBM and get qualified for one of the many open jobs in cybersecurity.