Cybersec Midterm

Created by Krish Patel


Term / Definition
Access Control List (ACL)
A list of rules that allow or deny network traffic based on criteria such as IP address
Authentication
The process of verifying a user’s identity.
Authorization
Determining what resources an authenticated user can access.
Availability
Ensuring systems and data are accessible when needed.
Banner Grabbing
A technique used to gather system information from network services.
Buffer Overflow
An attack where excessive data overwrites memory buffers.
CIA Triad
Three fundamental goals of security: Confidentiality, Integrity, Availability
Countermeasure
A safeguard used to reduce or eliminate vulnerabilities.
Covert Channel
A hidden communication path used to bypass security controls.
Defense in Depth
Using multiple layers of security to protect systems.
Denial of Service (DoS)
An attack designed to disrupt system availability.
Distributed Denial of Service (DDoS)
A DoS attack launched from multiple compromised systems.
DMZ (Demilitarized Zone)
A network segment used to host systems accessible from the internet.
Firewall
A system that monitors and controls network traffic based on security rules.
Hardening
Reducing system vulnerabilities by disabling unnecessary services and strengthening configurations.
IDS (Intrusion Detection System)
A system that detects and alerts administrators about suspicious activity.
IPS (Intrusion Prevention System)
A system that automatically blocks malicious activity.
Integrity
Ensuring information has not been altered improperly.
Latency
The delay in data transmission across a network.
Least Privilege
Granting users only the minimum permissions required.
Man-in-the-Middle Attack
An attack where communication between two parties is intercepted.
Network Address Translation (NAT)
Allows private IP addresses to communicate with the internet.
Nonrepudiation
Ensuring someone cannot deny performing an action.
Socket
The combination of an IP address and port number.
Topology
The layout of devices in a network.
Reconnaissance
Gathering information about the target
Scanning
Identifying live hosts and detecting open ports
Enumeration
Extracting system details such as users or services
Attacking
Exploiting vulnerabilities
OSI Layer 1
Physical
OSI Layer 2
Data Link
OSI Layer 3
Network
OSI Layer 4
Transport
OSI Layer 5
Session
OSI Layer 6
Presentation
OSI Layer 7
Application
Intranet
Internal trusted network
DMZ
Hosts systems accessible from outside networks
Internet
Lowest trust level
DoS
An attack that attempts to make a system or service unavailable by overwhelming it with traffic or requests.
DDoS
A denial-of-service attack launched from multiple compromised systems to overwhelm a target.
Buffer overflow
An attack where excessive data overwrites a memory buffer, potentially allowing code execution or system crashes.
Replay attack
An attack where valid data transmissions are maliciously repeated or delayed to gain unauthorized access.
Eavesdropping
Intercepting and listening to private network communications without authorization.
Session hijacking
Taking control of a valid user session to gain unauthorized access to a system or account.
Man-in-the-middle attack
An attack where communication between two parties is secretly intercepted and possibly altered.
Spoofing
Impersonating another device, user, or system (such as an IP address) to gain unauthorized access or deceive systems.
SQL injection
An attack where malicious SQL code is inserted into input fields to manipulate or access a database.
Cross-site scripting
A web attack where malicious scripts are injected into trusted websites and executed in a user’s browser.
Ping
Test connectivity between devices
tracert/traceroute
Shows the path packets take through networks
ipconfig/ifconfig
Displays network interface configurations
netstat
Displays network connections and ports