Learn the basic vocabulary you need to know in order to understand and talk about ethical hacking and cybersecurity concepts.
Becoming an expert in any field requires a strong knowledge of the fundamentals. When it comes to ethical hacking, the fundamentals include knowledge of these ten important terms. If you pay attention to hacking stories on the news, television shows or movies in which hacking is involved, you will often here many of these mentioned – and now you’ll know what they mean!
Bot – A computer system that can be controlled from a remote location. Attackers often use bots to carry out malicious actions while staying far away from that physical location.
Botnet – A collection of bots; an entire group of system under the attacker’s control
Daisy-Chaining – Using access you’ve gained by breaking into one system in order to access others.
Doxing – Publishing Personally Identifiable Information (PII). When a major hack happens and customer data such as medical records, names, addresses, phone numbers and social security numbers have been exposed, a person has been doxed.
Exploit – Taking advantage of a vulnerability in order to break into a system. Exploiting refers to the actual act of hacking into it.
Hack Value – The value that a hacker can get from breaking into a system. This can be in the form of information, monetary value if they sell that information or get paid to complete the hack, or other value. Many times a system is hacked because it’s valuable for one reason or another.
Non-repudiation – The concept of accountability. Non-repudiation means somebody who sent a message cannot deny sending it and the recipient cannot deny receiving it because it is on record. A great example of this would be finding a classified email that Hillary Clinton sent using her personal email account — since it is on record on a server with a timestamp, she cannot deny having sent it.
Payload – The part of malicious code that causes harm once it is on a system. The payload is what a virus or worm will do once it reaches the victim’s system.
Vulnerability – A weakness that can be exploited by an attacker. Examples include poorly written code or database design.
Zero-Day Attack – A new attack exploiting a vulnerability for which there is no known fix. Security professionals need to act quickly and figure out how to recover and prevent further attacks from happening.