Terms from Case Study 2014

APTs: Advanced Persistent Threats; malware that infects and stays in a network to slowly siphon data over a long period of time without being detected

Bots: Autonomous programs that are sent out by attackers to infect machines (see botnets)

Botnets: A network of computers compromised by bots; this network can be used to perform attacks such as DoS. The computers in the net are called zombies (see Zombie Computers)

BYOD: Bring Your Own Device; a system where each person brings their own device to a network. This can be good since the person will be comfortable with the machine (OS, price, features, etc.) but bad since it can be a network vulnerability.

DoS / DDoS attacks: (Distributed) Denial of Service; Preventing a network program, website or resource from being used by its intended users.

Firewalls: A program or hardware device that filters data coming in from the Internet to block threats in real time.

IDS: short for Intrusion Detection System; IDSs are in-line or embedded into the network’s data traffic flow and can actively prevent and block any malicious activity that occurs.

IPS: short for Intrusion Prevention System; IPS is an extension of IDS because it incorporates IDS but also tries to do something against the threat rather than simply detect and notify. Multiple types of IPS and IDS exist; some can monitor entire networks, some are only wireless-based, and some are specific to certain machines (host-based).

IM: Instant messaging; a form of immediate communication between devices.

Malware: Any software distributed with malicious intent

Man-in-the-middle: MIM attacks are carried out by a third party intercepting the communication of two devices without them knowing. Using asymmetric cryptography as an example, the MIM can intercept the public keys of the two devices and pass on his own instead, thereby making the devices encrypt their data with his key instead of the real one, which lets him read the data.

Packet-filtering: A system of data security where individual incoming packets are scanned so that they do not compromise a network.

Proxy server: A server that acts on behalf of the original client, redirecting its requests to a certain website.

Script kiddies: Script kiddies are amateur computer users who copy-paste malicious code into their “own” malicious programs, often not knowing what they do.

SIEM: SIEM is an acronym for Security Information and Event Management. SIEM is the integration of real-time monitoring and analysis systems into software. It gives the program the ability to create security alerts and keep a record of activity in a log that may be accessed at any time, among other abilities.

Smurf attacks: A type of DoS attack that uses the Internet Control Message Protocol, in which nodes send pings to other nodes to see if they are operational. A Smurf attack uses millions of pings and overwhelms the system, causing a denial of service, as it has to respond to every ping it receives.

Spam: Unsolicited mail that nowadays often contains links to or files infected with malware.

SSL: Secure Sockets Layer Protocol - The predecessor of TLS (see below). There are versions 1.0, 2.0, and 3.0, but it is advisable to use TLS 1.1, 1.2, or 1.3 instead for better security.

Stack-based buffer overflow: An error that occurs when a program writes to a memory address on the program's stack outside of its data structure, which causes the program to crash. This can be used as an attack to cripple network security.

SYN flood: Flooding a target server with massive amounts of SYN (synchronization) requests to render it unable to deal with legitimate requests.

Threat landscape: The threat landscape is the outlook of the threats that are present today. Today, threats are much more serious and complex, to seem as realistic as possible (people are not easy to fool anymore) and to avoid detection by network security.

Toolkits: A set of software tools used to create programs; in the context of network security they are a set of software for tailor-making your own viruses for specific purposes and network security types.

TLS: Transport Layer Security Protocol - A security protocol that uses certificates, random numbers, and asymmetric cryptography to authenticate both parties and agree upon a symmetric key to use for the rest of the secure communication session.

Vulnerability: Weaknesses or "holes" of networks/systems, through which bots and worms, for example, could get into the system to perform an attack.

Whitelisting: Compiling a list of safe websites and programs and allowing only those to connect with a network and communicate over it (and blocking all others)

Worm: An often malicious, quickly self-replicating program primarily used to slow down networks with its sheer numbers and infecting ability. Worms have often brought down large computer networks in the past. Worms also bring a network down to a point where other threats can infiltrate the now downed network.

Zero-day attack/vulnerability: An attack on a network or computer system which has never been seen before, and therefore cannot be identified and dealt with.

Zombies/zombie computers: Computers infected by bots (see bots) that are often clumped together into a botnet (see botnet).