Improve Your Cybersecurity Vocabulary

This short glossary of cybersecurity terms is a simple way to raise awareness for terms like “zero-day attack” that employees and executives outside of cybersecurity should know about.

Clickjacking, Linkjacking, Phishing, Smishing And Other Cybersecurity Terms You Need To Know



The industry has its own language which lay people often struggle to understand. This short glossary of cybersecurity vocabulary is a simple way to raise awareness for terms like “zero-day attack” that employees and executives outside of cybersecurity should know about. Regardless of your role in an organization, take the time to learn these commonly used terms and increase your knowledge of the most critical issue of the digital age – cybersecurity.


APT (Advanced Persistent Threat) 

A security breach that enables an attacker to gain access or control over a system for an extended period of time usually without the owner of the system being aware of the violation. Often an APT takes advantage of numerous unknown vulnerabilities.



A secret entry point established to circumvent normal security measures for access to software or a computer system.



Botnets can comprise dozens to over a million individual computers. The term botnet is a shortened form of robotic network – a collection of innocent computers which have been compromised by malicious code to run a remote control agent and perform criminal actions. 


Bug Bounty

Reward offered by some organizations and developers to individuals who report a vulnerability or bug.



When a bad actor creates an online fictional persona for deceptive purposes.



A malicious technique that tricks you into clicking on a URL, button or other screen object other than that intended by or perceived by the user. 


DDoS (Distributed Denial of Service) 

An attack which attempts to block access to a digital resource. It is a variation of the DoS attack (see DOS) that can include flooding, connection exhaustion, and resource demand. The distinction of DDOS from DOS is that the attack traffic may originate from numerous sources or is reflected or bounced off of numerous intermediary systems. DDoS attacks are often waged using botnets. 



A trap or decoy for attackers. A honeypot is used to distract attackers in order to prevent them from attacking actual production systems. A honeypot may also be able to discover new attacks or the identity of the attackers.



Software that records users’ keystrokes to collect passwords and other high-value information.



An unethical practice of redirecting a link to a middle-man or aggregator site or location rather than the original site.


Multi Factor Authentication (MFA)

A security approach that asks users to give at least two credentials, such as a password and biometric, to access an organization’s data or systems.


Penetration Testing

Also known as pen-testing, it’s an attempt to evaluate how hack-proof a system is by trying to exploit it.



When attackers send emails that purport to be from reputable parties to induce recipients to reveal personal information.



A type of malicious software attack that blocks access to a computer system until the victim pays a sum of money to unlock it.


Social Engineering

A cyberattack aimed at stealing user data where the attacker pretends to be a trusted individual or organization to trick the victim. Common techniques include phishing and smishing.



The fraudulent practice of sending text messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords or credit card numbers.



A fictitious online identity used for deceptive purposes.



A pre-approved list of software, code, file name, path, file size and hash value. Conversely, any code, whether benign or malicious, excluded from the whitelist will not be able to execute on the protected system (aka blacklist).


Zero-Day Exploit

A software vulnerability that’s either previously unknown or has no developed patch, leaving hackers free to do damage.


Zero Trust

Concept that says devices shouldn’t be automatically trusted, even if they have been verified previously.vocabu

Accomplish More With UDT

Get your custom solution in cybersecurity, lifecycle management, digital transformation and managed IT services. Connect with our team today.

More to explore

Rethinking Cybersecurity: 4 Strategies to Protect Your Business

Discover how to shift your focus to safeguarding raw data in order to strengthen your security infrastructure and protect your business with these 4 strategies.

Your Guide To E-Rate 2023-2024: Application Timeline, Eligibility, and More

As COVID relief funding sunsets next September 2024, the Federal Communications Commission’s (FCC) annual E-Rate Program will become increasingly important for schools and libraries seeking to refresh and maintain their technology stack.

Switching to Windows 11? Then It’s Time To Upgrade Your Devices

Leverage the Windows 11 upgrade to refresh your devices. Discover 4 reasons why a full-coverage lifecycle management solution is key to long-term success.

Improve Remote Work Efficiency and Security With Endpoint Managed Lifecycle

Discover the benefits of Endpoint Managed Lifecycle, which include enhancements to your IT performance and security in remote work setups.

Your Business Needs To Make The Switch to Windows 11—Here’s Why

Technology drives business performance. Delve into why transitioning early to Windows 11 is smart for your business and how it can raise your competitive edge.

5 Reasons Why Every Business Needs A Managed IT Services Provider

Discover the ways Managed IT Services can optimize your business processes, foster sustainable growth, and ensure future readiness.

Experiencing a security breach?

Get immediate assistance from our security operations center! Take the following recommended actions NOW while we get on the case:


  1. Determine which systems were impacted and immediately isolate them. Take the network offline at the switch level or physically unplug the systems from the wired or wireless network.
  2. Immediately take backups offline to preserve them. Scan backups with anti-virus and malware tools to ensure they’re not infected
  3. Initiate an immediate password reset on affected user accounts with new passwords that are no less than 14 characters in length. Do this for Senior Management accounts as well.

Just one more step

Please fill out the following form,