
IEH - Glossary Terms

This document defines key terms related to ethical hacking. It provides definitions for over 20 terms including types of hackers (black hat, gray hat, white hat), security concepts (CIA triad, defense-in-depth), threats (human, natural, technology), and testing methods (penetration testing, external testing). The glossary aims to introduce readers to common language and concepts within the field of ethical hacking.

Glossary Terms • Introduction to Ethical Hacking 1-800-418-6789

Introduction to Ethical Hacking


Glossary Terms
version 05132014

LearnSmart http://www.learnsmartsystems.com

Attack – occurs when a system is compromised based on a vulnerability by an unknown exploit

Availability – authorized personnel accessing the data at appointed times; involves comprehensive
planning of hardware, software, facility, people, and connectivity

Black hat – malicious hackers that try to hack systems with malicious intent

CIA Triad – a model promoted to define and practice policies related to information security; uses
confidentiality, integrity, and availability

Confidentiality – keeping access to the information only to the intended audience; does two things:
ensures that the right people get the intended information and prevents sensitive information from
reaching the wrong people

Defense-in-depth – the use of layered security mechanisms; the layers could be data, applications,
host levels, Internet networks, perimeter levels, physical securities, etc.

Ethical Hacking – testing the resources for a good cause and for the betterment of technology;
another term for “penetration testing.”

Exploit – written to take advantage of a vulnerability; could be a piece of software, a technology, or
data that can cause damage or change the behavior of a computer

External Testing – focused on the server’s infrastructure and underlying software pertaining to the
target; can be performed with no prior knowledge of the site or with full disclosure of the topology
and environment

Gray hat – hackers that can aid companies by informing them about any vulnerabilities they have
found, but are not hired by the companies to perform such tests

Hacking – the skill of exploring various security breaches and posting unwanted content on websites,
stealing data, etc.; concentrates on exploits and vulnerabilities

Human threats – insiders who have authorization to access systems, and hackers who use exploits to
attack

Integrity – maintaining the sanctity of information and keeping the data accurate throughout its life,
whether it is on the same computer or shared over a network

Malware – any type of program that is created with the intent to cause damage, steal data, or abuse
computer system resources; includes computer viruses, worms, and Trojan horses

Natural threats – can be a flood causing areas to be waterlogged, or a hurricane or a tornado causing
a lot of damage; often impact the availability of systems

Patch – a fix to a vulnerability

Penetration Testing – uses the same methods a hacker uses to gain unauthorized access to a network
or system with a view to compromise them, but uses the methods to help companies

Script Kiddies – naïve hackers who try hard to get their hands on zero-day attacks instead of writing
their own

Technology threats – caused by malware, zero-day attacks, exploits, or web attacks

Vulnerability – a weak link in the software, settings, etc., through which, if not fixed early, someone
can get access to the computer, application, and/or network and can cause damage

White hat – gets permission from the data owner before any hacking and uses their hacking skills for
defensive purposes only. They use their knowledge and skills to locate weaknesses and implement
countermeasures, for defense purposes and to prevent losses.

Zero-day Attack – exploits that have not been published
