Cybersecurity Terms You Should Know – Part 2

Cybersecurity requires a ton of knowledge across many different areas and seemingly all at once. This short series of articles aims to give newer friends some guidance. If I did something dumb, please let me know on twitter @digibeard_yt or you can email at howdy@digibeard.io. Let’s Go!

Here’s Part 1, if you’d like to start at the beginning.

Dictionary Attack

An attack on a system with a pre-defined list of information, usually username and password combinations or password hashes.

Dumpster Diving

The act of finding sensitive information in the dumpster or shred bins.

Denial of Service(DoS)/Distributed Denial of Service(DDoS)

A single machine preventing access to a resource by sending too many requests is a denial of service. When multiple machines across a wide area send too many requests, it’s a distributed denial of service attack.

DevSecOps

A form of systems designs where you combine DEVelopers and SECurity with OPerations to form your initial system design.

Directory Traversal

This is a type of vulnerability where an attacker gains access to files and folders present on the server. You could also exploit the server to display system configurations or passwords.

Domain Name System (DNS)

DNS is the translator standing between humans and computers. DNS works by looking up the IP address for Google and making it into 8.8.8.8.

DNS Spoofing

DNS spoofing is an attack technique where you hijack a legitimate request to a site and redirect the user to your malicious site. Often used by phishing attacks.

Encryption

Encoding and decoding messages with a secret key that only appropriate persons can read the message.

Exploit

A piece of code that takes advantage of a vulnerability present on the target system. Buffer overflows, for example, can get you root access on the server.

Enumeration

The action of establishing the number of something. In cybersecurity, this usually stands in for mapping out a network after gaining access to a single system.

Footprinting

This is a method of information gathering through active methods such as scanning and enumeration.

Flooding

Sending an extreme amount of data to a target system in an attempt to exhaust all resources and render the system inaccessible. This could be a Denial of Service attack by a different name.

Firewall

A software or hardware filter that can be configured to prevent many different sorts of attacks.

Fork Bomb

A technique which forks processes infinitely on a target system to exhaust all available resources and render the system unavailable.

Fuzzing

A form of vulnerability testing where one sends random data in an automated manner to see if a program has appropiate error handling capacity.

Here’s Part 1, if you’d like to start at the beginning.