Lecture 1: Terms & Concepts
Terms you should know
Paul Krzyzanowski
September 11, 2020
- CIA Triad
  - Confidentiality
    - Privacy
    - Secrecy
  - Integrity
    - Data integrity, origin integrity, system integrity
  - Availability
- Exfiltration
- Hack-back
- Prevention
- Detection
- Recovery
- Forensics
- Security Policy
- Policy Language
- Security Mechanism
- Assurance
- Security Architecture
- Security Engineering
- Risk Analysis
- Vulnerability
- Attack Vector
- Exploit
- Attack
- Attack Surface
- Threat
- Adversary
- Malicious Insider
- White Hat vs. Black Hat Hackers
- Disclosure
- Deception
- Disruption
- Usurpation
- Snooping (Eavesdropping)
- Modification (Alteration)
- Masquerading (Spoofing)
- Repudiation of Origin
- Denial of Receipt
- Delay
- Denial of Service
- Action at a Distance
- Asymmetric Force
- Anonymity
- Lack of Distinction
- Botnet
- Command and Control Server
- Social Engineering
- Ransomware
- Cryptojacking
- Threat Matrix
- Opportunistic vs. Targeted Threats
- Unskilled vs. Skilled Threats
- Stuxnet
- Air Gap
- Threat Models
- Trusted Computing Base (TCB)
- Supply Chain
- Meltdown & Spectre
- Security Theater
- Principal (from the reading)
- Subject (from the reading)
- Authenticity vs. Integrity (from the reading)