Glossary

Glossary of Technology Terms


0-9

A

Access Control

Access controls provide users with rights and/or privileges to access and perform functions using information systems, applications, programs, or files. Access controls should enable authorized users to access the minimum necessary information needed to perform job functions.

ACK

The acknowledgement packet can be used by either the client or server to acknowledge that a series of messages/packets have been successfully received.

Administrative Safeguards

Administrative safeguards are the policies and procedures that help protect against a breach. They determine documentation processes, roles and responsibilities, training requirements, data maintenance policies and more. Administrative protections ensure that the physical and technical protections are implemented properly and consistently.

B

Backlink

A backlink is a link from one website to another. Search engines use backlinks as a ranking signal because they may indicate higher-quality content. Valuable backlinks on highly indexed websites can help to increase a site’s ranking and visibility in search engine results.

Business Continuity

Business continuity is about having a plan to deal with difficult situations, so your organization can continue to function with as little disruption as possible. Whether it's a business, public sector organization, or charity, you need to know how you can keep going under any circumstances.

C

Checksum

This value is what gives TCP integrity. The sender performs a mathematical calculation on the data and the output is remembered. The receiving device performs the same calculation; if its output is different from what was sent, the data must be corrupt.

Clearnet

Clearnet refers to the indexed web that is generally publicly accessible to individuals. This excludes the darknet and deep web (even though the deep web is publicly accessible) and is often considered the opposite of the darknet.

Compliance

In general, compliance means conforming to a rule, such as a specification, policy, standard or law. Regulatory compliance describes the goal that organizations aspire to achieve in their efforts to ensure that they are aware of and take steps to comply with relevant laws, policies, and regulations.

D

Disaster Recovery

Disaster Recovery involves a set of policies, tools and procedures to enable the recovery or continuation of vital technology infrastructure and systems following a natural or human-induced disaster.

Disinformation

Disinformation, in privacy and security work, is the intentional provision of inaccurate information.

DDoS

Distributed Denial of Service. In a DDoS attack, service is made unavailable by flooding the target with requests, overloading the target so legitimate requests can't get through.

DNS

DNS (Domain Name System) provides a method to communicate with devices on the internet without remembering their complex IP addresses. For example, instead of remembering 122.12.11.233, we use names like aegisec.org to connect to the server our aegisec.org website is on.

Doxing

Doxing or doxxing. The act of publicly revealing private personal information about an individual or group, such as full name, address, phone number, place of work, etc. The information is typically found by utilising OSINT techniques.

E

Encryption

Encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Only authorized parties can decipher a ciphertext back to plaintext and access the original information.

F

FTP

This protocol is used by a file-sharing application built on a client-server model, meaning you can download files from a central location.

  • Port 21

G

GUI

Graphical User Interface: A visual representation of communication presented to the user for simpler interaction with a computer or other electronic or tech devices. This is in lieu of a command line interface in which text-based commands would be input.

H

HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) was signed into law in 1996 by President Bill Clinton. It is legislation that provides data privacy and security provisions in order to keep patients' medical information safe.

HIPAA Breach Notification Rule

The HIPAA (Health Insurance Portability and Accountability Act) Breach Notification Rule mandates that covered entities and their business associates notify patients and HHS (U.S. Department of Health & Human Services) following a breach of the individuals’ unsecured protected health information (PHI).

HIPAA Enforcement Rule

The U.S. Department of Health and Human Services' (HHS) HIPAA Administrative Simplification Enforcement Rule contains rules on compliance, investigations, hearings, and penalties for violations. It also details the procedures and amounts for imposing civil money penalties on covered entities that violate any HIPAA Administrative Simplification requirements.

HIPAA Omnibus Rule

The Omnibus Rule is a composite of four closely related final rules. Its primary purpose is to implement Health Information Technology for Economic and Clinical Health Act mandates. The act is part of the American Recovery and Reinvestment Act of 2009, and provided for the EHR adoption and meaningful use incentives.

HIPAA Privacy Rule

The HIPAA Privacy Rule establishes national standards to protect individuals' medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically.

HIPAA Security Rule

The HIPAA Security Rule establishes national standards to protect individuals' electronic personal health information that is created, received, used, or maintained by a covered entity.

HTTP/HTTPS

HyperText Transfer Protocol - The browser uses this to download text, images, videos, and all other webpage content. HTTPS is the same protocol, but the S stands for secure: it utilizes encryption.

  • Port 80: HTTP
  • Port 443: HTTPS

I

J

K

L

M

N

O

OSINT

Open-source intelligence is a method for collecting and analyzing information from publicly accessible sources for use in intelligence. This refers to data acquired through purely public sources rather than classified or covert sources.

OSINT differs from research in that it applies intel processes to create knowledge supportive of a specific goal.

OSI Model

The OSI model, which stands for Open Systems Interconnection Model, is the framework for how networked devices send, receive, and interpret data. The model consists of 7 layers. Review this section for more on the OSI Model.

P

Q

R

RAT

RAT stands for remote administration tool or remote access trojan. In the first case (remote administration tool), this refers to any method of controlling a computer from a remote location. In the second case (remote access trojan), it refers to a type of malware that controls a system through a remote network connection.

Noteworthy RAT Malware:

  • PoisonIvy
  • Sub Seven
  • Beast Trojan
  • Bifrost
  • Blackshades
  • DarkComet
  • Back Orifice

RDP

Remote Desktop Protocol - This protocol is a secure means of logging in to a system using a visual desktop interface (as opposed to the text-based limitations of the SSH protocol).

S

SEO

Short for Search Engine Optimization, which is the process of improving the quality and quantity of traffic to a website or web page from search engines. This method targets unpaid traffic results, referred to in digital marketing as "organic" traffic or results.

SMB

This protocol is similar to the File Transfer Protocol (FTP); however, as well as files, SMB allows you to share devices like printers.

  • Port 445

SOCMINT (Social Media Intelligence)

Gathering intelligence from social media platforms, including posts, comments, profiles, and interactions.

Source Port

This value is the port opened by the sender to send the TCP packet from. This value is chosen randomly (out of the ports from 0-65535 that aren't already in use at the time).

SQL Injection

SQL injection is a code injection technique used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).

SSH

This protocol is used to securely log in to systems via a text-based interface for management.

  • Port 22

SYN

A SYN message is the initial packet sent by a client during the handshake. This packet is used to initiate a connection and synchronise the two devices.

SYN/ACK

This packet is sent by the receiving device (server) to acknowledge the synchronisation attempt from the client.

T

TCP

TCP (or Transmission Control Protocol for short) is another one of these rules used in networking. This protocol is very similar to the OSI model that we have previously discussed in room three of this module. The TCP/IP protocol consists of four layers and is arguably just a summarised version of the OSI model.

These layers are:

  • Application
  • Transport
  • Internet
  • Network Interface

Time to Live (TTL)

This field sets an expiry timer for the packet, so it doesn't clog up your network if it never manages to reach a host or escape.

U

V

W

X

Y

Z