Kathmandu – In today’s digital era, alongside the expansion of the internet, its dark sides and terrifying risks are continuously surfacing. Many naive users unknowingly fall into the complex traps of cybercriminals, while others face various troubles due to their inability to understand the sensitivity and fundamental principles of cyberspace.

This comprehensive cybersecurity glossary provides essential knowledge for staying safe in the digital world and avoiding potential threats. Understanding these critical terms has become indispensable for navigating cyberspace securely.

Authentication and Access Control Terms

Two-Factor Authentication (2FA)

Two-factor authentication is a security system that uses two different methods to verify user identity. The first element is typically a password that users remember, while the second element comes from an external device.

Examples include hardware tokens generating one-time passwords (OTP), smart cards, SMS messages to mobile phones, or biometric identifiers like fingerprints. This cybersecurity glossary term ensures that even if someone discovers your password, they cannot access your online account without the second authentication factor.

Authentication (Verification)

Authentication refers to the process of verifying user or information identity and validating the authenticity of provided information. In computing, this involves identifying individuals or systems using usernames, passwords, and other credentials. Authentication helps computer systems grant access authorization based on identity verification and prevent unauthorized access.

Backdoor

A backdoor is a secret method used by attackers to gain access to computers or networks. This cybersecurity glossary term describes programs designed to bypass security checks and enter computer systems, preparing for future attacks. Attackers can use backdoors to access computers or networks without proper authorization.

Malware and Threat Categories

Adware

Adware is software that continuously displays advertisements and pop-up windows on users’ computers or mobile devices, creating frustrating experiences. This cybersecurity glossary term represents software that can pose real threats to devices. Unwanted advertisements may contain malware or redirect users to malicious websites, increasing personal data theft risks.

Adware programs are often hidden in free software or shareware. These programs conceal themselves within systems and are difficult to detect. Uninstallation processes are typically unavailable, and manual removal attempts may damage original software.

Banker Trojan

A banker trojan is malicious computer program that steals sensitive personal information and passwords used for accessing online banking or payment accounts. This cybersecurity glossary entry describes software that secretly records banking details when users type them.

Botnet

A botnet is a network of hacked computers running malicious programs, controlled remotely by cybercriminals through command and control servers. This cybersecurity glossary term describes groups of unknowingly compromised computers used by controllers for illegal activities like DDoS attacks.

Brute-Force Attack

Brute-force attacks systematically attempt large numbers of character combinations until finding correct passwords or encryption keys. This cybersecurity glossary method reduces risk through limiting password entry attempts, such as allowing only three failed attempts followed by 15-minute delays.

Advanced Threat Terminology

Advanced Persistent Threat (APT)

APT represents sophisticated, long-term cyber attacks where attackers use advanced tools and techniques to infiltrate high-level networks, remaining undetected for weeks, months, or years while gathering information. This cybersecurity glossary term describes attacks typically conducted by resource-rich attackers aiming to cause significant economic and political damage.

Advanced Threat Protection (ATP)

ATP is a security solution protecting against sophisticated malware or hacking attacks targeting sensitive data. This cybersecurity glossary term includes both software and systematic security services, blocking threats that traditional antivirus cannot detect.

Attack Vector

Attack vectors represent collections of potential vulnerabilities that attackers can exploit to enter targeted systems. This cybersecurity glossary concept includes technical weaknesses and human behavioral factors that attackers skillfully exploit for network access.

Data Protection and Encryption

Archive Files

Archive files contain multiple other files, often compressed for storage or bulk downloading. ZIP and RAR files exemplify this cybersecurity glossary category. Users must exercise caution when downloading such files due to potential security risks.

Cache

Cache refers to temporary storage locations for various data. Web pages browsed are stored in browser cache directories on hard disks. This cybersecurity glossary term describes how browsers can retrieve recently browsed pages from cache rather than original servers, saving time and reducing network traffic.

CAPTCHA

CAPTCHA tests verify that website users are real humans, not bots. This cybersecurity glossary mechanism includes simple mathematical calculations and image-based questions that are difficult for bots to answer correctly.

Encryption/Decryption

Encryption converts readable data into coded format for security, while decryption reverses this process. These cybersecurity glossary terms are essential for maintaining information confidentiality and secure data transmission.

Network Security Concepts

Denial of Service (DoS)

DoS attacks overwhelm internet-connected machines or network resources with excessive traffic, disrupting services temporarily or indefinitely. This cybersecurity glossary term describes attacks that make services unavailable to legitimate users.

Distributed Denial of Service (DDoS)

DDoS attacks involve multiple computers overwhelming websites or online services with excessive traffic. This cybersecurity glossary concept describes how overloaded services cannot fulfill legitimate user requests, effectively shutting down websites temporarily.

Firewall Protection

Firewalls monitor and control incoming and outgoing network traffic based on predetermined security rules. This cybersecurity glossary tool creates barriers between trusted internal networks and untrusted external networks.

Digital Forensics and Investigation

Digital Forensics

Digital forensics involves collecting, preserving, analyzing, and presenting digital evidence in courts of law. This cybersecurity glossary field provides crucial tools for investigating various crimes, from computer-related offenses to traditional crimes leaving digital footprints.

Deleted Files

Individuals may delete files to destroy evidence, but file recovery depends on deletion methods. This cybersecurity glossary concept explains how forensic experts can often recover all or portions of deleted files in most cases.

Emerging Cybersecurity Threats

Cryptojacking

Cryptojacking occurs when hackers use hacked devices’ computing power to generate or “mine” cryptocurrency without owners’ knowledge. This cybersecurity glossary term describes mining through malicious program installation or various fileless malware types.

Clickjacking

Clickjacking tricks users into clicking different objects than intended on web pages. This cybersecurity glossary attack involves loading transparent pages over legitimate content, making victims think they’re clicking legitimate items while actually clicking attackers’ invisible pages.

Phishing Protection

Anti-phishing protects users from fraudulent websites that closely replicate legitimate sites, making detection difficult. This cybersecurity glossary tool provides security by detecting suspicious emails and blocking phishing websites.

Cloud and Modern Computing Security

Cloud Computing

Cloud computing refers to networks of remote servers hosted on the internet that store, manage, and process data instead of local servers or personal computers. This cybersecurity glossary concept revolutionizes how organizations manage their IT infrastructure.

Bring Your Own Device (BYOD)

BYOD policies allow employees to use personal devices like smartphones, tablets, and laptops for official business purposes and accessing organizational systems and data. This cybersecurity glossary trend requires careful security consideration.

Business Continuity and Risk Management

Business Continuity Plan

Business continuity plans detail how organizations operate during emergency situations like major cyber attacks. This cybersecurity glossary concept provides disaster recovery measures and strategies for maintaining normal business operations during significant cyber incidents.

Business Disruption

Business disruption refers to any interruption in normal operational processes or events. This cybersecurity glossary term describes how cyber attacks interrupt business operations and increase organizational risk exposure.

This comprehensive cybersecurity glossary serves as an essential reference for understanding digital security terminology and protecting against evolving cyber threats. Regular updates to cybersecurity knowledge remain crucial as threat landscapes continue evolving in our interconnected digital world.