Testing for Network Security
Expert-defined terms from the Professional Certificate in Network Performance Testing Techniques course at London School of Business and Administration. Free to read, free to share, paired with a professional course.
Access Control List refers to a set of rules used by a network device to… #
Related terms include Firewall, Packet Filtering, and Network Segmentation. Access Control Lists are commonly used to restrict access to sensitive areas of a network, such as a database or a file server, and to prevent unauthorized access to the network.
Authentication refers to the process of verifying the identity of a user, device… #
Related terms include Authorization, Identification, and Verification. Authentication is a critical component of network security, as it ensures that only authorized users have access to the network and its resources.
Authorization refers to the process of granting or denying access to a user, dev… #
Related terms include Authentication, Access Control, and Privileges. Authorization is an important aspect of network security, as it ensures that users only have access to the resources and data that they are authorized to access.
Availability refers to the ability of a network or system to be accessed and use… #
Related terms include Reliability, Uptime, and Redundancy. Availability is a key aspect of network performance, as it ensures that users can access the network and its resources when needed.
Backdoor refers to a secret or unauthorized means of accessing a network… #
Related terms include Vulnerability, Exploit, and Rootkit. Backdoors can be used by attackers to gain unauthorized access to a network or system, and can be difficult to detect and remove.
Botnet refers to a network of compromised devices, such as computers or smart… #
Related terms include Zombie Network, Malware, and DDoS Attack. Botnets can be used by attackers to conduct cyber attacks, such as distributed denial-of-service attacks, or to spread malware.
Certificate Authority refers to an entity that issues digital certificates</b… #
Related terms include Public Key Infrastructure, Digital Signature, and Encryption. Certificate Authorities play a critical role in secure communication over the internet, as they help to establish trust between users and websites.
Cloud Computing refers to the practice of delivering computing resources, such a… #
Related terms include Virtualization, Scalability, and On-Demand Service. Cloud computing has become increasingly popular in recent years, as it offers a flexible and cost-effective way to access computing resources.
Confidentiality refers to the ability to protect sensitive information, such as… #
Related terms include Integrity, Availability, and Security. Confidentiality is a key aspect of network security, as it ensures that sensitive information is protected from unauthorized access.
Denial of Service Attack refers to a type of cyber attack that involves o… #
Related terms include Distributed Denial of Service Attack, Flood Attack, and Malicious Traffic. Denial of Service Attacks can be difficult to mitigate, as they can come from multiple sources and can be difficult to block.
Encryption refers to the process of converting plaintext data into ciphertext… #
Related terms include Decryption, Key Management, and Secure Communication. Encryption is a critical component of network security, as it ensures that sensitive data is protected from unauthorized access.
Firewall refers to a network device or software that controls incoming and outgo… #
Related terms include Packet Filtering, Access Control List, and Network Segmentation. Firewalls are commonly used to protect networks from unauthorized access, and to block malicious traffic.
Honeypot refers to a decoy system or resource, designed to attract and de… #
Related terms include Honeynet, Trap Network, and Intrusion Detection System. Honeypots can be used to detect and analyze malicious activity, and to improve network security.
Intrusion Detection System refers to a system or software that monitors network… #
Related terms include Intrusion Prevention System, IDS, and IPS. Intrusion Detection Systems are commonly used to detect and respond to cyber attacks, and to improve network security.
IP Address refers to a unique address assigned to a device on a network,… #
Related terms include IP Addressing, Subnet Mask, and Gateway Address. IP Addresses are used to route traffic across the internet, and to identify devices on a network.
Malware refers to malicious software, designed to harm or exploit a netwo… #
Related terms include Virus, Worm, and Trojan Horse. Malware can be used to steal sensitive information, disrupt operations, or gain unauthorized access to a network or system.
Network Segmentation refers to the practice of dividing a network into smaller,… #
Related terms include Subnetting, VLAN, and Firewall Configuration. Network Segmentation can help to prevent the spread of malware and unauthorized access, and can improve overall network security.
Packet Sniffing refers to the practice of capturing and analyzing network tra… #
Related terms include Network Monitoring, Traffic Analysis, and Protocol Analysis. Packet Sniffing can be used to detect security threats, troubleshoot network issues, and optimize network performance.
Penetration Testing refers to the practice of simulating a cyber attack,… #
Related terms include Vulnerability Assessment, Pen Test, and Red Teaming. Penetration Testing can help to identify vulnerabilities and weaknesses in a network or system, and can improve overall security posture.
Phishing refers to a type of social engineering attack, designed to trick… #
Related terms include Spear Phishing, Whaling, and Pretexting. Phishing attacks can be used to steal sensitive information, such as passwords or financial data.
Proxy Server refers to a server that acts as an intermediary between a cl… #
Related terms include Reverse Proxy, Cache Server, and Content Filtering. Proxy Servers can be used to improve network performance, filter out malicious traffic, and protect user identity.
Ransomware refers to a type of malware that encrypts files or data, and d… #
Related terms include CryptoLocker, WannaCry, and Malicious Software. Ransomware attacks can be devastating, as they can result in the loss of sensitive data and disruption of business operations.
Rootkit refers to a type of malware that hides or disguises itself, in or… #
Related terms include Trojan Horse, Backdoor, and Malicious Code. Rootkits can be used to gain unauthorized access to a network or system, and can be difficult to detect and remove.
Security Information and Event Management refers to a system or software that mo… #
Related terms include Log Management, SIEM System, and Incident Response. Security Information and Event Management systems can help to improve network security, by providing real-time threat detection and incident response.
Social Engineering refers to a type of attack that involves manipulating… #
Related terms include Phishing, Pretexting, and Psychological Manipulation. Social Engineering attacks can be used to steal sensitive information, gain unauthorized access to a network or system, or disrupt business operations.
SQL Injection refers to a type of attack that involves injecting maliciou… #
Related terms include Database Security, SQL Injection Attack, and Input Validation. SQL Injection attacks can be used to steal sensitive information, disrupt database operations, or gain unauthorized access to a network or system.
Trojan Horse refers to a type of malware that disguises itself as legitim… #
Related terms include Backdoor, Rootkit, and Malicious Code. Trojan Horses can be used to steal sensitive information, disrupt system operations, or gain unauthorized access to a network or system.
Virus refers to a type of malware that replicates itself, in order to spr… #
Related terms include Worm, Trojan Horse, and Malicious Software. Viruses can be used to steal sensitive information, disrupt system operations, or gain unauthorized access to a network or system.
Virtual Private Network refers to a secure and encrypted connection betwe… #
Related terms include VPN Tunnel, Encryption, and Secure Communication. Virtual Private Networks can be used to protect sensitive data and communications, and to provide secure access to a network or system.
Vulnerability refers to a weakness or flaw in a network or system,… #
Related terms include Exploit, Patch, and Vulnerability Assessment. Vulnerabilities can be used by attackers to gain unauthorized access to a network or system, and can be difficult to detect and remedy.
Worm refers to a type of malware that spreads from device to device, with… #
Related terms include Virus, Trojan Horse, and Malicious Software. Worms can be used to steal sensitive information, disrupt system operations, or gain unauthorized access to a network or system.
Zero #
Day Exploit refers to a type of exploit that takes advantage of a previously unknown vulnerability, before a patch or fix is available. Related terms include Zero-Day Attack, Exploit Kit, and Vulnerability Disclosure. Zero-Day Exploits can be used by attackers to gain unauthorized access to a network or system, and can be difficult to detect and respond to.
Zone Transfer refers to the process of transferring domain name system (D… #
Related terms include DNS Zone, Transfer Protocol, and Domain Name System. Zone Transfers are used to distribute DNS records across multiple servers, and to improve the availability and reliability of DNS services.