KnowBe4 Cybersecurity Awareness Training for Texas
Acceptable Use Policy (AUP)
A document that lists the restrictions and practices that a user must agree to and follow in order to use the organization’s network or the internet.
Adobe Flash Player
A free software program that allows the user to view multimedia.
Adobe Systems Incorporated
A multinational computer software company, headquartered in San Jose, California, United States.
Adobe Update
An updated version of one of Adobe’s software programs.
Advanced Persistent Threat (APT)
A network attack that is generally difficult for network security controls to detect, allowing it to linger for a long period of time and steal data until it is discovered.
Adware
Software that automatically displays or downloads unwanted advertisements when a user is online, which allows it to collect marketing data without the user's knowledge or redirect search requests to certain advertising websites. Adware that does not notify the user and obtain his or her consent is regarded as malicious.
Airplane Mode
A setting on cell phones, smartphones and other mobile devices that prevents the device from sending or receiving calls and text messages. Airplane mode is also known as offline mode, standalone mode and flight mode.
Antivirus Software
Computer software used to prevent, detect, and remove malicious software.
APT
See the definition for advanced persistent threat.
Attachment (Email Attachment)
A computer file that rides along with an email message. Attachments are widely used to transfer photos and documents to another person.
AUP
See the definition for acceptable use policy.
Authentication
A process that provides proof that the person who is trying to log in is, in fact, the correct person and authorized to access the network.
Backdoor
A small, malicious software program that gives an attacker unauthorized access to a computer so they can control it remotely.
Bad Actor
Refers to someone who attempts to infiltrate systems and data banks with malicious intent. Black hat hackers, social engineers and internet scam artists fall under this category.
Bad Guy(s)
A slang term for criminals.
Best Practice
A method or technique that has consistently shown results superior to those achieved with other means.
Bitcoin
A digital currency (also called “cryptocurrency”) that is not sponsored by any country’s central bank or government but can be traded for goods or services with vendors who accept Bitcoins as payment.
Bluetooth
A short-range radio technology (or wireless technology) that simplifies communications between devices and the internet.
Botnet
A botnet (short for robot network) is a number of Internet-connected devices, each of which is running one or more bots. Botnets can be used to bring a network down, steal data, send spam, and allow the attacker to access the device and its connections.
Bring Your Own Device (BYOD)
The policy of allowing employees to use their personal devices like laptops, tablets, and smartphones for work.
Business Email Compromise (BEC)
A spear phishing attack that utilizes a compromised email address of an executive to request a wire transfer of funds or other sensitive info.
BYOD
See the definition for bring your own device.
Call-to-Action
Words that urge the viewer or listener of a sales promotion message to take an immediate action, such as “Write Now,” “Call Now,” or (on the internet) “Click Here.”
CEO
Chief executive officer.
CEO Fraud
A spear phishing attack that targets people in Accounting, in which the hacker claims to be the CEO (or other executive) and urges an employee to transfer large amounts of money.
Certificate
An electronic "password" that allows a person or organization to exchange data securely over the Internet using the public key infrastructure.
CFO/CFOO
See the definition for chief financial officer/chief financial and operating officer.
Chief Executive Officer (CEO)
The highest-ranking person in an organization or other institution, who is ultimately responsible for making managerial decisions.
Chief Financial Officer (CFO)/Chief Financial and Operating Officer (CFOO)
A corporate officer primarily responsible for managing the financial risks of the organization but who is also responsible for financial planning and recordkeeping as well as financial reporting to higher management.
Chief Hacking Officer
An executive who is responsible for information technology security.
CIA Triad
Often referred to as the “pillar of information security,” the CIA Triad is equal parts confidentiality, availability, and integrity.
Classified Information
Sensitive information to which access is restricted by law or regulation to particular groups of people.
Click
To select an object by pressing the mouse button when the cursor is pointing to the required menu option, icon, or hyperlink.
Client
A personal computer that runs browser software, like Internet Explorer, Chrome, or Safari, and communicates with a server to get the information it needs.
Compliance
The goal that organizations aim to achieve by adhering to relevant laws, policies, and regulations specific to their industry. In the context of internet security, compliance means having an IT environment that meets the regulations of the industry in which an organization operates.
Controlled Unclassified Information (CUI)
Unclassified information that is not disclosed to the public.
Credential Hygiene
Credential hygiene is the anticipation, recognition, evaluation, control, and prevention of hazards that might occur if credentials are compromised.
Credentials
A user’s authentication information like username and password.
Crimeware
Malware intended to steal money from an individual or financial institution.
Crimeware-as-a-Service
The process of paying for a crimeware service (such as ransomware or phishing campaigns) instead of developing one’s own.
Cryptographic
Concerned with cryptography, which is the process of converting ordinary information (called plaintext) into unintelligible text (called ciphertext). A cipher (or cypher) is a pair of algorithms that are used to create the encrypted ciphertext and the reversing decryption.
CUI
See the definition for controlled unclassified information.
Cybercrime/Computer Crime
Crimes that target computer networks or devices and their users directly.
Cybercriminal
One who participates in cybercrime.
Cyberheist
An incident in which organized crime penetrates the network of an organization and empties its bank accounts through the internet. Also, this is the title of a book by KnowBe4’s CEO, Stu Sjouwerman.
Cyberterrorist
An attacker who is motivated by some ideology and tries to destroy computers, networks, physical infrastructure like water plants and energy plants, and commercial infrastructures like stock markets.
Dark Web
The Dark Web is the part of the World Wide Web that is only accessible by means of special software, allowing users and website operators to remain anonymous or untraceable.
Data Breach
The intentional or unintentional release of secure information to an untrusted environment. Other terms used include “unintentional information disclosure,” “data leak,” and “data spill.”
Data Controller
Decides the purpose and manner to be followed when processing data.
Data Processor
Processes data on behalf of a data controller. Data processors hold and process data but do not have any responsibility or control over that data.
Data Protection Directive
A directive adopted by the European Union (EU) in 1995 that protected the personal information of EU residents and was superseded by the General Data Protection Regulation (GDPR) in May of 2018.
Data Protection Officer
A data protection law expert, such as a lawyer or auditor, who acts as the single point of contact for all data processing notifications and reports to the highest level of management.
Data Subject
An individual who is the subject of personal data.
Disinformation
False information intentionally created to deceive and mislead.
Disk Image (DMG) File
The file format used by the Mac OS X operating system for distributing software.
Distributed Denial-of-Service (DDoS)
An attack—most often carried out by botnets—in which a computer server is overwhelmed by requests for information and subsequently crashes.
Domain
A name used to identify one or more Internet Protocol (IP) addresses. Domain names are formed by the rules and procedures of the Domain Name System (DNS).
Domain Name
The domain name is that part of a web address that tells you who the owner of that webpage is.
Domain Name Registration
The act of reserving a name on the Internet for a certain period, usually one year. It is important to know that this domain will remain yours for as long as you renew it and there is no way to purchase a domain name forever.
Domain Name System (DNS)
The internet's system for converting alphabetic web addresses into numeric IP addresses. When a web address is typed into a browser, DNS servers return the IP address of the web server associated with that name. For example, the DNS converts the URL “www.company.com” into the IP address 204.0.8.51. Without DNS, you would have to type the series of four numbers and dots into your browser to open the website.
Domains Triad
A security triad covering the three domains—cyber, physical, and people—and how they all overlap in the battle against cybercrime.
Drive-by Download
The unintentional download of malicious code to your computer or mobile device that leaves you open to a cyberattack. This happens without clicking on a link, pressing download or opening an attachment, but just by landing on an infected website.
Email Domain
The web address that comes after the @ symbol in an email address.
Email Spoofing
A form of social engineering in which an email message is forged so that it looks like it’s coming from someone else…like your CEO.
Embedded Hyperlink
A link that, when clicked, leads to somewhere else.
Enable Content/Enable Macros
A button in a Word or Excel file that the user needs to click to activate certain functions.
Encrypt
To convert information using an unreadable code to prevent unauthorized access.
End-to-End Encryption
End-to-end encryption is a system of communication where the only people who can read the messages are the people communicating.
Endpoint (Endpoint Device)
Any device that is connected to a data network. Desktop computers, laptop computers, printers, tablets, and smartphones are all endpoints.
Exactis Breach
Security researcher Vinny Troia discovered that Exactis, a data broker based in Palm Coast, Florida, had exposed a database that contained close to 340 million individual records including very personal information on hundreds of millions of American adults, as well as millions of businesses.
Excel Spreadsheet
Microsoft Excel is a spreadsheet program included in the Microsoft Office Suite package of applications. Spreadsheets present tables of values arranged in rows and columns that can be manipulated mathematically using both basic and complex arithmetic operations and functions.
Exploit
An attack on a computer system that takes advantage of a particular weakness.
External Media
External media refers to storage devices that store information outside a computer.
Fake Profile
Fake profiles are part of a growing trend on social media. The person creates a fake profile with real or fake connections that look very convincing, all designed to trick you into ultimately taking some action that is not in your best interest.
Family Educational Rights and Privacy Act (FERPA)
A United States federal law intended to protect certain education records of students such as family information and disciplinary records.
Federal Energy Regulatory Commission (FERC)
A United States federal agency that regulates the transmission and wholesale sale of electricity, natural gas, and oil.
Federal Financial Institutions Examination Council (FFIEC)
A United States council consisting of five banking regulators for the purpose of supervising financial institutions.
Fidelity
A bank in the U.S.
File Types
Different types of computer files that have different extensions (the letters after the dot), for example, .doc, .txt, .pdf.
Flash
Short for “Adobe Flash Player.”
Format
To format a drive (flash drive, hard drive, or USB drive) means to prepare the chosen partition (part) on the drive by clearing all of the data and setting up a file system.
Gartner, Inc.
A marketing, market research, and advisory firm providing information technology-related insight, headquartered in Stamford, Connecticut, United States.
GDPR
An acronym for “General Data Protection Regulation”—a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU).
General Data Protection Regulation (GDPR)
A regulation that goes into effect in May of 2018 and officially replaces the Data Protection Directive. The GDPR applies to all organizations worldwide and is intended to protect European Union residents’ data.
Gramm–Leach–Bliley Act (GLBA)
A United States regulation that sets the standards for the way financial institutions handle private information of individuals.
Hack
To use a computer to gain unauthorized access to files and information on another computer or a system of networked computers.
Hacker
A technically skilled computer expert who uses their technical knowledge to overcome problems. A criminal hacker is anyone who uses their hacking skills for illegal purposes.
Hash
A hash is a string or number generated from a string of text. The resulting string or number is a fixed length and will vary widely with small variations in input. The best hashing algorithms are designed so that it's impossible to turn a hash back into its original string.
Health Insurance Portability and Accountability Act (HIPAA)
A standardization regulating the protection of the private health information of individuals.
Hijacked
When an attacker takes control of an established connection while it’s in progress. The attacker intercepts transmissions and responds to them with false information.
HIPAA
An acronym for “Health Insurance Portability and Accountability Act”—a United States legislation that provides data privacy and security provisions for safeguarding medical information.
HTML
An acronym for “Hypertext Markup Language.” It is a programming language that Tim Berners-Lee created when he invented the Web. Most webpages are created using HTML. A website will often contain many HTML files (webpages) that link to each other and also other pages on the Web. When you look at a webpage and see links and images and colors and different kinds of fonts, you are looking at the result of HTML. It tells your browser how to display the webpage and how it should behave when you view it.
HTTP
An acronym for “Hypertext Transfer Protocol.” It is the communication protocol used to connect to web servers on a network. HTTP is the agreed-upon way information is formatted and transmitted over the World Wide Web. HTTP’s most important task is to define how web browsers should request and display data from websites. Simply put, it gets everyone to agree on how things are done so that communication and exchange of information can occur on the Web.
HTTPS
An acronym for “Hypertext Transfer Protocol Secure.” It is a set of rules for speedy retrieval and transmission of electronic documents over a secure connection. In the beginning, HTTP was adopted as the way information was exchanged over the Web. Once everyone knew how to exchange information, intercepting the exchanged information was easily figured out. The problem of keeping that information private was solved using HTTPS. The “S” stands for “secure.”
Human Firewall
The term human firewall is used to indicate that all users are trained to a point where they do not fall for any social engineering tricks.
Hyperlink
Text or objects in webpages, documents, and emails that allow you to click on them in order to have your computer display another webpage, document, or place in a document.
Identification Number
A national identification number, national identity number, or national insurance number used by the governments of many countries as a means of tracking their citizens, permanent residents, and temporary residents for the purposes of work, taxation, government benefits, health care, and other government-related functions.
Identity Theft
Taking someone else’s Social Security number, date of birth, address, and other important personal information to establish false credentials and commit fraud.
Incident Reporting
The process by which security events of any type are reported—often a part of an organization’s policy.
Incident Response
The method in which an organization responds to a security event. An incident response plan details how to handle every type of compromise and establishes a set of protocols—a step-by-step policy—to mitigate further damage and increase the success of a timely recovery.
Information Security
The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, inspection, recording, or destruction.
Information Technology (IT) Security Policy
The rules that a user must follow to keep themselves and their company safe from threats.
Information Workforce
An Information Worker is a person who uses information to assist in making decisions or taking actions, or a person who creates information that informs the decisions or actions of others.
Internet
A network of over 300 billion computers, and this number is growing by the second.
Internet Protocol Address
Like the street address for your home, an internet protocol address (IP address) identifies network computers. It helps traffic flow between computers because each one has its own IP address. An IP address is formatted as a series of four values separated by periods: 192.168.0.1.
Internet Security
The branch of computer security (which also includes mobile devices) that deals with internet-based threats.
iOS
An operating system used for mobile devices manufactured by Apple Inc. Both iPads and iPhones are iOS devices.
Jailbreaking
A device hack that provides users with unrestricted access to the entire file system of their mobile devices. While jailbreaking makes your device more open and gives you complete control over it, your device may be more vulnerable to attacks.
Java Exploit
A malicious application that allows hackers to remotely access your computer, letting them change files, steal personal information, and install more unwanted software. This kind of threat, called a “Trojan horse,” must be sent to you by someone or carried by another program.
Kevin Mitnick
During the mid ’90s, Kevin Mitnick was the world’s most famous hacker. He is now a very successful Fortune 500 security consultant. Based on his 30+ years of firsthand experience with hacking and social engineering, Kevin helped KnowBe4 create its security awareness training. Kevin is part owner of KnowBe4 as well as the company's chief hacking officer.
Keylogger
A small bit of malware that logs what someone types on his or her keyboard and records the keystrokes.
Keynote Talk
Usually, the opening talk at a conference or seminar that sets the mood and introduces the topic.
Link
An object, text, or graphics, linked through hypertext to a document, another object, etc.
LinkedIn Connections
1st-degree – People you’re directly connected to because you have accepted their invitation to connect, or they have accepted your invitation. 2nd-degree – People who are connected to your 1st-degree connections. 3rd-degree – People who are connected to your 2nd-degree connections.
Macros
Bits of computer code that allow you to create shortcuts to tasks you do repeatedly in programs like Microsoft Word, Excel, and PowerPoint. Hackers exploit macros by convincing you to enable them in order to access your computer and run malware.
Malware
An umbrella term used to refer to a wide range of viruses, worms, Trojans, and other programs that a hacker can use to damage, steal from, or take control of endpoints and servers. Most malware is installed without the infected person ever realizing it.
Many Lives Triad
A concept that covers how information security exists in three areas of our lives (personal, professional, mobile) and how those lives continuously overlap.
McAfee AntiVirus
Software developed by McAfee that is used to safeguard computer systems and files from viruses and other security risks.
Media Drop
A technique used by hackers in which malware is loaded on a USB drive, CD/DVD, or other readable form of media, which is then left where it can easily be found or, in some cases, given away at public venues or trade shows. Once the victim loads the drive or disk, the malware does its work and will allow the hacker to commit attacks.
Network
A set of computers connected for the purpose of sharing resources. The most common resource shared today is connection to the internet.
Network Drive
Data storage on a network that is not on the computer itself. Windows PCs usually have drive C: as the local hard disk, but drive F: can be a network drive where files are stored.
Network Sniffer
A device and/or software tool that monitors, or sniffs out, the data flowing over computer network links in real time.
North American Electric Reliability Corporation (NERC)
A regulation whose mission is to ensure the reliability of the North American bulk power system.
OAuth
OAuth stands for Open Authentication. This is an authentication standard that allows you to approve one application interacting with another on your behalf without giving away your password.
Open Web Application Security Project (OWASP)
A worldwide, not-for-profit charitable organization focused on improving the security of software.
Passcode
A string of characters that are entered to gain access to such things as a computer or smartphone.
Password Manager
Software that generates and stores all logins and passwords using one master password, thereby eliminating the need for the user to remember multiple logins and passwords. It can be synced across multiple devices and most come with autofill and autologin capabilities on websites.
Patch
A patch is a set of changes to a computer program designed to update, fix, or improve it. This includes fixing security vulnerabilities. A computer is “patched” when it has had the latest patches installed.
Payment Card Industry Data Security Standard (PCI DSS)
A standard created to increase controls around cardholder data to reduce credit card fraud.
Personal data
Any information relating to an identifiable person such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity.
Personal Health Information (PHI)
All recorded information about an individual that relates to that person’s health, health care history, provision of health care to the individual, or payment for health care. The United States Health Insurance Portability and Accountability Act (HIPAA) governs the protection of PHI information.
Personally Identifiable Information (PII)
Any information such as an individual’s name, social security number, date and place of birth, mother's maiden name, and biometric records that can be used on its own or with other information to identify, contact, or locate a single person.
PHI
See the definition for personal health information.
Phishing
Phishing is the process in which bad guys try to trick you into giving out sensitive information or taking a potentially dangerous action, like clicking on a link or downloading an infected attachment. They do this using emails disguised as contacts or organizations you trust so that you react without thinking first.
PII
See the definition for personally identifiable information.
Policy
A set of rules that specify what requirements must be met.
Pop-up
A (usually small) window that suddenly appears on a user’s computer screen. KnowBe4 uses this technology to present training modules; therefore, users need to turn off pop-up blockers for the KnowBe4 website.
Pretexting
A form of social engineering in which an individual lies to obtain private information. Pretexting can also be used to impersonate people in certain jobs and roles such as technical support or law enforcement to obtain information.
Print Operators
A built-in group in Microsoft Windows NT and Windows 2000. The Print Operators group is a local group on computers that run Windows NT and a domain local group on a Windows 2000 domain controller. Print operators are users who can administer network printers. The initial membership of this group is empty.
Privilege
A privilege is the right of an account, such as a user or group account, to perform various system-related operations on the local computer, such as shutting down the system, loading device drivers, or changing the system time.
Privileged Access
Privileged access grants an account, such as a user or group account, permission to perform various system-related operations, such as shutting down the system, loading device drivers, or changing the system time.
Privileged User
A user who, by virtue of function, and/or seniority, has been given powers within the computer system, which are significantly greater than those available to the majority of users.
Processing (GDPR)
In the context of GDPR, processing means any operation performed on personal data, whether or not by automated means, including collection, use, recording, etc.
Processing of Personal Data
Defined by the GDPR as “the offering of goods or services, whether or not payment is required, to citizens and residents in the Union” or “the monitoring of their behavior so long as their behavior takes place within the Union.”
Proven Practice
Different from a best practice in that a best practice is context-dependent and might not be “best” in all cases, whereas a proven practice is tried and proven to be effective in most cases.
Public Wireless Network
A wireless network in a public area that anyone can use.
Quarantine
A function of antivirus software that isolates infected files on a computer's hard disk so they are no longer capable of infecting their hosting system.
Ransomware
A type of malware that denies access to a computer system until a ransom has been paid.
RAT
See the definition for remote access Trojan.
Red Flag
A warning of danger or a problem.
Remote Access Trojan (RAT)
A piece of malware that hides in a computer and gives remote access to a bad guy who then controls (and really “owns”) your computer.
RFID
A way to store electronic information on a badge, tag, card, or other document that can be read by an RFID reader. RFID stands for Radio Frequency Identification.
Root
The name for the administrator or superuser role on a Linux/Unix-based system.
Rootkit
A collection of files that is installed on a computer system to alter the standard functionality of the system in a malicious and stealthy way.
SarbOx
Short for the “Sarbanes-Oxley Act of 2002,” which is a United States regulation intended to protect investors from the possibility of fraudulent accounting activities by corporations.
Security
A series of steps or actions taken to provide protection against danger, damage, loss, and/or crime.
Security Awareness Training
Any training that raises the awareness of a user to potential threats and how to avoid them.
Sensitive Information
Privileged or proprietary information which, if compromised through alteration, corruption, loss, misuse, or unauthorized disclosure, could cause serious harm to the organization owning it. NOTE: For our purposes, the words “sensitive,” “confidential,” and “private” all mean essentially the same thing.
Server
A computer that delivers data and services to other computers on a network. Servers can run software and store information. For example, webpages are stored on servers.
Server Operators
Members in the Server Operators group can administer domain servers. This group exists only on domain controllers. By default, the group has no members. Members of the Server Operators group can sign in to a server interactively, create and delete network shared resources, start and stop services, back up and restore files, format the hard disk drive of the computer, and shut down the computer. This group cannot be renamed, deleted, or moved.
Short Message Service (SMS)
Commonly referred to as a “text message.” With SMS, a user can send a message of up to 160 characters to another device. Most cell phones support this type of text messaging.
Shoulder Surfing
The practice of physically spying on the user of an ATM, computer, or other electronic device in order to obtain their personal access information.
Smartphone
A cellular phone that is also a powerful computer and can perform all sorts of tasks, including accessing the internet.
Smishing
Smishing stands for “SMS phishing” or phishing that occurs through text messaging. Also see “SMS”.
SMS
See the definition for Short Message Service.
SMS Spoofing
Tricking or deceiving phone messaging systems or users by sending messages from a fake phone number or faking the phone number of another user. Since people are much more likely to read a message from a number they know, hackers will often spoof numbers to trick recipients into taking an action they would not normally take.
Social Engineer
Someone who manipulates others into doing things that are against their own best interest.
Social Engineering
The act of manipulating people into performing actions or divulging confidential information.
Social Network Profile
On a social network, a user’s summary of their personal details, often with a photo.
Spam
Unsolicited, unwanted email. About 70–90 percent of email that goes through the internet is spam.
Spear Phishing
A small, focused, targeted attack via email on a particular person or organization with the goal to penetrate their defenses. The spear phishing attack is done after research on the target and has a specific personalized component designed to make the target do something against his or her own interest.
Spoofing
Tricking or deceiving computer systems or other computer users. This is typically done by hiding one’s identity or faking the identity of another user on the internet. Email spoofing involves sending messages from a fake email address or faking the email address of another user. Since people are much more likely to read a message from an address they know, hackers will often spoof addresses to trick the recipient into taking an action they would not normally take.
Spreadsheet
An electronic document in which tables of values are arranged in rows and columns that can be manipulated mathematically using both basic and complex arithmetic operations and functions.
Spyware
An umbrella term for many “families” of malicious software that send a computer user’s confidential data back to cybercriminals. Some examples of spyware are Trojans, adware, and malicious toolbars.
Sun Tzu
An ancient Chinese general, military strategist and philosopher.
Symantec
American technology company and developer of Norton AntiVirus.
Tailgating
Technique used by information thieves to bypass physical access controls by following closely behind an authorized person or by getting an authorized person to open a door for them.
Technical Vulnerabilities
A weakness in software or hardware that leaves a system open to attack.
TEDx
An international community that organizes TED-style events anywhere and everywhere. TED is a nonprofit devoted to spreading ideas, usually in the form of short, powerful talks (18 minutes or less). TED stands for Technology, Entertainment and Design.
Threat Landscape
The methods used by cybercriminals to break into your device and your organization's network. Today's threat landscape is extensive—and getting bigger every day.
Torrent Sites
A “torrent” is short for “BitTorrent,” which is a technology used to distribute files over the internet. Torrent sites are used to share pirated movies, music, and other copyrighted files.
Tradecraft
A set of techniques hackers and social engineers use to gain illegal access to hardware or software, or to deceive humans.
Trending
To be the subject of many posts on a social media website within a short period of time.
Trigger
A condition that causes a virus payload to be executed, usually occurring through user interaction (e.g., opening a file, running a program, or clicking on an email file attachment).
Trojan Horse
Powerful malware that hides itself on your computer and allows bad guys to run their software on your computer. For instance, Trojans send keylogger files back to the bad guys.
Trojan Listener
A piece of malware that sits on the command-and-control server of a bad guy and waits for an infected computer to “call home” to it. It listens for the Trojan to call in.
Unsubscribe
To cancel a subscription to an electronic mailing list or online service.
Update
A patch, which is a piece of software designed to fix problems with a computer program or its supporting data. It can include fixing security vulnerabilities and other bugs and improving the usability or performance.
URL
When you type a web address, also called a “URL” (Uniform Resource Locator), into your browser’s address bar, your browser translates that URL into an Internet Protocol address like 209.80.210.10.
USB
A USB drive is often used for penetration tests. It can have malware on it that exposes a network to an attacker. It is also called a “thumb drive” or “flash drive.”
Virtual Private Network (VPN)
A virtual private network (VPN) is a technology that creates a safe connection over a less secure network, such as the internet. VPN technology was developed as a way to allow remote users and branch offices to securely access corporate applications, email and other resources.
Virus
A computer virus copies itself to another computer and infects files on that computer. Viruses almost always damage the computer they infect.
Vishing
Phone-based social engineering is voice phishing or “vishing.” Like phishing, vishing is when the hacker calls you and tries to con you into surrendering confidential information.
Web Browser
“Browser” for short—a software program that requests and retrieves information from websites. To keep it simple, when you type a web address—also called a “URL” for “Uniform Resource Locator”—like www.cnn.com, into your browser’s address bar, your browser uses some tools to translate that URL into an Internet Protocol address like 151.101.53.67 (which is the address of a server on the internet somewhere). The server that hosts that web page sends it to your browser.
Web Portal
The website of an organization that allows you to perform certain functions like paying bills or other tasks.
Whitelisting Software
Application Whitelisting (AWL) is a technology created to keep computer systems safe from unwanted software, including malware. It works together with Application Blacklisting to keep malware and other unauthorized software from running on a system.
Wi-Fi
A facility allowing computers, smartphones, or other devices to connect to the internet or communicate with one another wirelessly within a particular area.
Wi-Fi Hotspots
A physical location that offers wireless internet access.
Wi-Fi Pineapple
A hacking device that advertises a false access point name like AT&T Wi-Fi. The Wi-Fi Pineapple has two radios: one for you to connect to, thinking it is AT&T Wi-Fi, and one that connects to the real AT&T Wi-Fi, so the device sits in the middle between you and the real AT&T Wi-Fi access point and sees and records everything you do while you are online.
Windows
A computer operating system (the software that supports a computer’s basic functions) made by Microsoft.
Windows Update
A free service from Microsoft that regularly updates your computer with the latest bug fixes and security patches and then reboots the computer. For consumers, it is highly recommended to have this set on automatic.
Wireless Access Point
A device that allows wireless devices to connect to a wired network using Wi-Fi.
World Wide Web
“The Web” for short. A collection of websites filled with information. These websites are searchable and connected to each other by links.
Worm
A standalone malware program that replicates itself so it can spread to other computers.
Zombie
A computer that has been compromised by a hacker, virus, or Trojan horse program and used to perform malicious tasks under remote direction.