Innovative Digital Solutions for SMBs
Glossary of terms and definitions for IT (Information Technology), the Internet and cyber security.
This glossary provides more than 480 clear and concise definitions of commonly used terms in the fields of information technology, the internet, and cyber security. It is designed to support users of all levels in understanding key concepts, technical jargon, and acronyms frequently encountered across digital platforms and security-related discussions. Whether you are a business owner, student, professional, or simply interested in the digital landscape, this resource aims to enhance your knowledge and confidence in navigating the ever-evolving world of technology.
Information that is stored, processed, or transmitted by a computer.
Example: The survey collected data from thousands of respondents.
An organised collection of structured information that can be easily accessed, managed, and updated. Databases are used in a wide range of applications, from storing customer records to powering websites and apps.
Example: The school's database contains student enrolment details and academic records.
An incident where confidential or sensitive data is accessed or disclosed without authorisation.
Example: Hackers break into a retail company's database and steal customers' credit card details.
A facility used to house computer systems, storage, and networking equipment, providing centralised infrastructure for storing, managing, and processing data. Data centres are critical to cloud services and internet operations.
Example: The bank's data centre is located in a high-security building with backup power and climate control.
The process of converting data into a coded format to prevent unauthorised access. Only those with the decryption key can read it.
Example: Your online banking app encrypts your data, so even if it's intercepted, it can't be read without the correct key.
See also: Encryption, Decryption
The unauthorised transfer of data from a computer or network to an external location, often performed stealthily.
Example: An attacker gains access to a company's database and secretly sends customer records to a remote server.
Ensuring that data remains accurate, consistent, and unaltered during storage or transmission.
Example: A financial report is transmitted securely to ensure it isn't tampered with during transfer.
The unintended deletion or corruption of digital information.
Example: He experienced data loss after his hard drive failed.
See also: Data
Tools and strategies designed to prevent unauthorised access, use, or sharing of sensitive data.
Example: A company uses DLP software to prevent employees from sending confidential information via email.
See also: Data Loss
The process of obscuring sensitive data by replacing it with fictional or altered data, maintaining usability while protecting privacy.
Example: In a training database, real customer names and credit card numbers are replaced with fake data.
A small unit of data transmitted over a network that includes both the actual data and metadata such as destination address and sequence information. Data is broken into packets for efficient transfer and reassembled upon arrival.
Example: During a video call, data packets were lost due to a weak Wi-Fi connection.
The process of retrieving lost, corrupted, deleted, or inaccessible data from storage devices such as hard drives, SSDs, or USB drives.
Example: A technician performs data recovery on a damaged external hard drive to retrieve a client's family photos.
The process of securely erasing data to prevent it from being recovered or misused.
Example: Before disposing of old hard drives, a company uses data sanitisation techniques to wipe all information.
The movement or transmission of digital information between devices, networks, or storage systems. Data transfer speed, often measured in megabits per second (Mbps) affects how quickly files can be uploaded or downloaded.
Example: The cloud backup service offers unlimited data transfer for all subscriptions.
A data protection and privacy regulation enacted by the European Union (EU) that governs how organisations collect, store, process, and share the personal data of EU citizens. Although it is an EU regulation, GDPR applies to any organisation worldwide, including Australian businesses, that handle the personal data of individuals located in the EU.
Example: An e-commerce business selling products to customers in Europe must ensure its website complies with GDPR requirements, such as obtaining explicit consent for data collection, providing clear privacy notices, and offering customers the ability to delete their personal data upon request.
Data that provides information about other data, such as details about its content, origin, format, or creation. Metadata helps organise, find, and manage information efficiently.
Example: The photo's metadata included the date and GPS location.
A set of security standards for protecting credit card data during processing, storage, and transmission.
Example: Online retailers must comply with PCI DSS to ensure customer payment information is secure.
An access control model that grants permissions based on user attributes such as role, location, or department.
Example: Employees can only access financial data if they are in the finance department and working from the office.
A set of mechanisms and policies designed to restrict unauthorised users from accessing systems, networks, or data. Access control typically involves authentication (verifying identity) and authorisation (granting permissions).
Example: In an office, employees may need to use a swipe card (authentication) to enter certain areas, and only managers may have permission (authorisation) to access sensitive files.
A prolonged, targeted cyberattack where an intruder gains unauthorised access to a network and remains undetected for an extended period, often to steal sensitive data.
Example: A hacker group infiltrates a government agency's network and remains hidden for months, slowly exfiltrating classified documents.
The discovery, interpretation, and communication of meaningful data patterns, often for web traffic.
Example: The marketing team reviewed website analytics to understand visitor behaviour.
The process of removing or altering personal identifiers in data sets to prevent individuals from being identified.
Example: Customer data is anonymised by replacing names and email addresses with generic IDs before being shared with researchers.
Techniques used to prevent or hinder digital forensic investigations by erasing or obscuring evidence.
Example: A hacker uses anti-forensics tools to delete logs and hide their tracks after a data breach.
A digital file that is sent along with an email or electronic message, which can include documents, images, videos, or other types of data.
Example: She included a PDF attachment with her application to the council.
A copy of data stored separately to restore original information in case of loss.
Example: She made weekly backups of her laptop to an external drive.
See also: Off-site Backup
Baiting is a social engineering attack where an attacker lures a victim into performing a specific action by offering something tempting, such as free software, a USB drive, or access to exclusive content. The bait often contains malware or leads to a phishing site.
Example: An employee finds a USB drive labelled "Confidential Payroll Data" in the office car park. Curious, they plug it into their work computer, unknowingly installing malware that grants the attacker remote access to the system.
The maximum amount of data that can be transmitted over a network connection in a specific period, usually measured in megabits per second (Mbps), affecting the speed and capacity of internet connections.
Example: Streaming multiple HD videos simultaneously consumed a large portion of their available bandwidth.
BitLocker is a full disk encryption feature included with Microsoft Windows (Enterprise and Pro editions) that protects data by encrypting entire volumes.
Example: An organisation uses BitLocker to encrypt the hard drives of employee laptops to prevent data theft if devices are lost or stolen.
See also: Data Encryption
The rate at which bits of data are transmitted or processed, typically measured in kilobits or megabits per second, and often used to describe the quality of audio or video files.
Example: The video was streamed at a high bitrate to maintain clarity on larger screens.
A hacker who violates security for personal gain, malicious intent, or to cause damage to systems or data.
Example: A black hat hacker breaches a company's database and sells the stolen customer data on the dark web.
See also: White Hat Hacker, Hacker
A wireless technology for exchanging data over short distances.
Example: She connected her phone to the car stereo via Bluetooth.
The process of informing affected individuals and authorities about a data breach, often required by law.
Example: After a data breach, a company sends emails to customers notifying them that their personal information may have been exposed.
A process where data is preloaded into a reserved area of memory to ensure smooth playback.
Example: The video kept buffering due to a slow internet connection.
A basic unit of digital information storage equal to eight bits, commonly used to represent a single character of text and measure file sizes and memory capacity.
Example: The data file used 700 bytes of storage space.
A temporary storage area in computers or browsers used to store frequently accessed data or files to speed up future access. Caching improves performance by reducing the need to re-download or reprocess information each time it is requested.
Example: Clearing the browser cache resolved the website loading issue.
Software that acts as a gatekeeper between users and cloud services to enforce security policies and protect data.
Example: A CASB monitors and controls employee access to cloud services like Google Drive and Dropbox.
A set of measures designed to protect data, applications, and services hosted in cloud environments.
Example: Encrypting data stored in Google Drive and using multi-factor authentication to access your cloud account.
Cloud Storage is a service model where data is stored on remote servers accessed via the internet, maintained by third-party providers.
Example: An Australian business uses cloud storage to back up client files.
Complementary Metal-Oxide-Semiconductor (CMOS) is a technology used to store BIOS settings and system configuration data in a computer, typically powered by a small battery on the motherboard.
Example: After replacing the CMOS battery, the technician reconfigured the system time and boot order in the BIOS.
See also: BIOS
A username and password that has been stolen or exposed, allowing unauthorised access to accounts.
Example: Hackers use compromised credentials from a data breach to log into victims' email accounts.
A small piece of data stored on the user's device by a website to remember preferences or login details.
Example: The website asked for cookie consent to track usage.
An unexpected failure of a software program or operating system that causes it to stop functioning properly, often resulting in data loss or the need to restart the system.
Example: The word processor experienced a crash and closed before she could save her document.
A type of cyber attack where attackers use large sets of stolen username and password combinations, often obtained from previous data breaches, to gain unauthorised access to multiple online accounts. This attack exploits the common practice of people reusing the same credentials across different platforms and services.
Example: After acquiring a database of stolen login credentials from a breached e-commerce website, attackers attempt to access users' social media and banking accounts using the same email and password combinations.
Any deliberate attempt to damage, disrupt, or gain unauthorised access to computer systems, networks, or data.
Example: A hacker launches a ransomware attack on a hospital, encrypting patient records until a ransom is paid.
The practice of protecting systems, networks, and digital data from unauthorised access, attacks, or damage. Cyber security includes measures such as firewalls, encryption, authentication, and user education to defend against threats like malware and hacking.
Example: The company implemented new cyber security protocols after a phishing incident.
The process of converting encrypted data back into its original form.
Example: The file could only be accessed after successful decryption.
See also: Encryption
The collection of data and traces left behind by a user's activity on the internet, including browsing history, social media posts, email interactions, and online purchases. This information can be used to build a profile of user behaviour and preferences.
Example: Posting on social media contributes to your digital footprint.
A set of attributes and credentials that represent a person or entity online.
Example: Her digital identity includes her email, username, and biometric data.
A virtual container or folder used to organise and store files on a computer or network. Directories help keep data structured and can include subdirectories within them.
Example: The images were stored in a separate directory on the server.
The process of receiving digital data from the internet or a remote system onto a local device, typically for storage or offline use.
Example: She downloaded a report from the government website.
See also: Upload
A physical or virtual storage unit used to save and retrieve digital data, such as a hard drive, USB drive, or cloud-based storage drive.
Example: He transferred the files onto a USB drive.
See also: Hardware
A mathematical process used to encrypt and decrypt data, ensuring secure communication and data protection.
Example: AES (Advanced Encryption Standard) is an encryption algorithm widely used to encrypt sensitive data like financial transactions.
A string of characters used in encryption algorithms to encode or decode data, ensuring secure communication.
Example: Your messaging app encrypts messages using an encryption key so only the recipient can read them.
Protective measures and tools designed to secure endpoint devices such as desktops, laptops, tablets, and smartphones from cyber threats. It typically includes antivirus software, firewalls, encryption, and advanced threat detection to prevent unauthorised access and data breaches.
Example: Installing antivirus software and encrypting data on company laptops.
See also: Endpoint
A system where encryption keys are held by a trusted third party, allowing access in emergencies or by authorised request.
Example: A company stores encryption keys with a third party to ensure they can access data if their systems fail.
A restricted network that allows external parties, such as partners or suppliers, limited access to an organisation's internal systems and data.
Example: The company used an extranet to share data with its suppliers.
A high-speed transmission technology that transmits data as light through flexible glass or plastic cables. It is widely used in Australia's NBN to deliver faster and more reliable broadband.
Example: They switched to fibre optic internet for faster downloads.
A unit of digital information stored on a computer or network, containing text, images, audio, video, or other data types.
Example: She uploaded the file to the company server.
Malware that resides in a computer's memory rather than the hard drive, making it difficult to detect and remove.
Example: An attacker exploits a vulnerability in a web browser to run fileless malware that steals data during a session.
The process of preparing a storage device for use by erasing existing data and setting up a new file system.
Example: Before installing Windows, the technician formats the hard drive to remove all previous data.
A person who uses technical skills to access systems or data. Hackers can be ethical (white hat) or malicious (black hat).
Example: A white hat hacker finds vulnerabilities in a company's system and helps them fix it.
See also: White Hat Hacker, Black Hat Hacker
A physical device that securely manages and protects cryptographic keys, performing encryption and decryption operations.
Example: Banks use HSMs to secure customer transaction data and protect encryption keys from theft.
When two different pieces of data produce the same hash value, potentially compromising data integrity.
Example: An attacker exploits a hash collision to trick a system into accepting a malicious file as legitimate.
An algorithm that converts data into a fixed-length string (hash) for verification purposes. Hashes are used to ensure data integrity.
Example: When you download a file, its hash value can be compared with the original to ensure it hasn't been altered.
A data storage device used for storing operating systems, software, documents, and other digital files, either internally or externally.
Example: The hard drive failed and all data was lost.
A decoy system designed to lure attackers, allowing security teams to observe their methods and gather intelligence.
Example: A fake database is set up to attract hackers and track their activities without risking real data.
A protocol used for transmitting data over the internet. It defines how messages are formatted and transmitted, and how web servers and browsers should respond to various commands. HTTP is the foundation of data communication on the World Wide Web.
Example: The website uses HTTP to load pages.
Policies and technologies for managing user identities and controlling access to systems and data.
Example: IAM ensures that only authorised employees can access sensitive HR records.
A structured set of instructions and procedures designed to help an organisation detect, respond to, and recover from cyber security incidents.
Example: When a data breach occurs, the IT team follows the incident response plan, which outlines steps like isolating affected systems, notifying stakeholders, and restoring data from backups.
See also: Incident Response
The process by which search engines or software organise and store data in a structured format to enable fast and efficient retrieval. In the context of websites, indexing refers to a search engine scanning and adding pages to its database.
Example: Search engines use indexing to list relevant web pages.
The practice of protecting information from unauthorised access, disclosure, alteration, or destruction. It encompasses policies, procedures, and technologies designed to safeguard data in all forms, ensuring confidentiality, integrity, and availability.
Example: The company implemented strict information security measures to protect customer data.
Data or commands entered into a computer system by a user or device. Input can be provided through various methods such as keyboards, mice, touchscreens, or sensors, and is processed by the system to produce an output.
Example: The user provided input through the keyboard.
A security risk posed by individuals within an organisation, such as employees or contractors, who may misuse their access for malicious purposes or due to negligence.
Example: An employee with access to sensitive customer data copies it onto a USB drive and sells it to competitors.
A network of connected devices that can collect and exchange data, such as smart home gadgets and industrial sensors.
Example: A smart thermostat that you control via a mobile app is part of the IoT.
Internet Protocol Address; a unique numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication. It identifies and locates devices on the network, allowing data to be routed correctly.
Example: The IP address 192.168.1.1 is commonly used for routers.
A technique where an attacker falsifies the source IP address of a data packet to disguise their identity or impersonate a trusted source.
Example: An attacker sends a malicious email that appears to come from a colleague's IP address to trick you into clicking a harmful link.
An input device consisting of keys used to enter data and commands into a computer.
Example: She typed the report using a wireless keyboard.
See also: Peripheral, Hardware, Mouse
The delay between a user's action and the response from a network or system, typically measured in milliseconds. In networking, it refers to the time it takes for data to travel from the source to the destination.
Example: High latency caused lag during the video call.
Linux Unified Key Setup (LUKS) is a standard for hard disk encryption in Linux, allowing secure management of multiple user passwords and encryption configurations.
Example: A systems administrator uses LUKS to encrypt a Linux server's storage to ensure sensitive data is protected from unauthorised access.
See also: Data Encryption
A general term for any malicious software designed to damage, disrupt, or exploit computers, networks, or data. Types include viruses, worms, ransomware, and spyware.
Example: A user downloads some free software from an unofficial website, unknowingly installing malware that tracks their keystrokes and steals their login credentials.
Typically referring to RAM (Random Access Memory), it is a computer component that stores data temporarily while the system is running.
Example: The computer has 32GB of memory, allowing it to run multiple applications simultaneously without slowing down.
An attack where a cybercriminal intercepts and possibly alters communication between two parties without their knowledge.
Example: An attacker intercepts data transferred between your laptop and a public Wi-Fi network, stealing login credentials for your email.
Measures taken to protect mobile devices from threats like malware, data theft, and unauthorised access.
Example: Using device encryption, biometric authentication, and remote wipe features to secure smartphones.
A common audio file format that compresses sound data.
Example: She downloaded her favourite songs as MP3 files.
An open-source relational database management system.
Example: The website stored user data in a MySQL database.
See also: SQL
A dedicated file storage device connected to a network, allowing multiple users to access and share data centrally.
Example: A small office in Sydney uses a NAS to store shared documents and backups accessible to all staff.
See also: Hardware
A collection of interconnected computers, devices, or systems that communicate and share resources such as data, files, and internet access. Networks can be connected using wired technologies like Ethernet cables or wireless technologies such as Wi-Fi.
Example: The office network included both wired desktop computers and Wi-Fi access for mobile devices.
The capture, analysis, and investigation of network traffic to identify security incidents or breaches.
Example: After a data breach, analysts review network logs to trace the source of the attack.
The process of capturing and analysing data packets on a network to identify potential threats or gather information.
Example: A security analyst uses a network sniffer to detect unauthorised data transfers.
A hardware device that connects devices on a local area network (LAN) and uses MAC addresses to forward data to the correct destination.
Example: The office network uses a switch to connect multiple computers and printers for efficient communication.
A high-speed interface protocol for accessing solid-state drives connected via PCIe, providing faster data transfer rates.
Example: The new laptop featured an NVMe SSD for rapid file loading.
A copy of data that is stored at a different physical location from the original, used to protect against data loss due to disasters, theft, or hardware failure.
Example: The company regularly performs off-site backups to cloud storage to ensure data safety.
See also: Backup
A small unit of data transmitted over a network, containing both the payload (the actual data) and control information such as source and destination addresses.
Example: The video was streamed by sending thousands of data packets over the internet.
A firewall technique that controls the flow of data packets based on predefined security rules, such as IP addresses and ports.
Example: A firewall blocks packets from an unknown IP address trying to access the company network.
Packet Loss occurs when data packets travelling across a network fail to reach their destination, which can result in reduced performance, delays, or interruptions.
Example: During a video call, the user experienced audio issues due to packet loss caused by an unstable internet connection.
See also: Packet
The component of malicious software (malware) responsible for executing the intended harmful action, such as data theft, system damage, or unauthorised access, once the malware has infiltrated a system.
Example: A ransomware payload encrypts files on a victim's computer and displays a ransom note demanding payment to restore access.
PCI Express (PCIe) is a high-speed serial computer expansion bus standard designed to replace older PCI, PCI-X, and AGP standards, offering faster data transfer rates.
Example: A gamer upgrades their computer by installing a new graphics card into a PCI Express x16 slot to improve performance.
Measures designed to protect physical assets, such as buildings, servers, and devices, from theft, damage, or unauthorised access.
Example: Installing CCTV cameras and secure entry systems to protect a data centre.
A numerical identifier in networking used to direct data to specific applications or services on a device. Ports enable multiple programs to use the network simultaneously without interference.
Example: The firewall blocked external access to port 21.
A secret cryptographic key used to decrypt data or create digital signatures, kept confidential by its owner to ensure security.
Example: Only the recipient can decrypt the message with their private key.
See also: Public Key, Encryption
A set of rules for data communication between devices.
Example: HTTP and FTP are common internet protocols.
A cryptographic key shared openly to encrypt data or verify digital signatures, paired with a private key in asymmetric encryption.
Example: The sender used the public key to encrypt the file.
See also: Private Key, Encryption
Quality of Service (QoS) is a networking feature that prioritises certain types of traffic to ensure reliable performance, especially for time-sensitive data like voice or video.
Example: The network administrator enabled QoS to prioritise video conferencing traffic over general web browsing in the office.
A type of two-dimensional barcode that stores data and can be scanned using a smartphone or other camera-enabled device to quickly access information such as URLs, contact details, or other information.
Example: The restaurant menu was available by scanning a QR code on the table.
A method of encrypting data using principles of quantum mechanics to ensure secure communication that is resistant to hacking.
Example: Quantum key distribution is used to exchange encryption keys securely between two parties.
A request for data or information from a database.
Example: She ran a query to find all orders from July.
A data storage technology that combines multiple physical drives to improve performance, redundancy, or both.
Example: The server used RAID 5 to protect data against drive failures.
A type of temporary computer memory that stores data and instructions currently in use, allowing quick access by the processor. RAM is cleared when the device is turned off.
Example: Adding more RAM improved the computer's performance.
A type of malware that encrypts a user's data or system, with attackers demanding payment (ransom) to restore access.
Example: An employee opens a malicious email attachment, causing ransomware to encrypt company files until a ransom is paid.
See also: Malware
Malware that allows attackers to remotely control an infected system, often used for surveillance or data theft.
Example: An attacker uses a RAT to activate a victim's webcam and monitor their activity.
An attack where valid data is captured and resent to trick a system into unauthorised actions.
Example: An attacker intercepts and replays a login request to gain access to a secure system.
See also: Wormhole Attack
A central location where data or software code is stored and managed.
Example: The source code was stored in a GitHub repository.
The process of reducing the likelihood or impact of security threats through proactive measures and controls.
Example: Encrypting sensitive data and enforcing strong passwords to mitigate the risk of data breaches.
An unauthorised Wi-Fi access point installed on a network, often used by attackers to intercept traffic.
Example: A hacker sets up a rogue access point in a coffee shop to steal data from users who connect.
A type of non-volatile storage in a computer that contains permanent data and instructions, which cannot be easily modified or erased by the user.
Example: The computer's firmware is stored in ROM, ensuring it remains intact even when powered off.
A networking device that forwards data packets between computer networks, typically connecting a local network to the internet and managing traffic within the network.
Example: They reset the router to fix the Wi-Fi connection.
A high-speed network that provides access to consolidated block-level storage, typically used in data centres.
Example: A Sydney-based data centre uses a SAN to provide scalable and reliable storage to multiple servers.
A security technique that isolates applications, processes, or files in a controlled environment to prevent them from affecting the main system. This method allows security professionals or systems to test or analyse suspicious code safely without risking harm to the primary network or data.
Example: Before deploying a new software update, the IT team runs it in a sandbox environment to check for potential vulnerabilities or compatibility issues.
A set of standards for connecting and transferring data between computers and peripheral devices.
Example: An older server uses a SCSI interface to connect to external tape backup devices.
See also: Hardware
An attack where an attacker takes over an active user session to gain unauthorised access to data or services.
Example: An attacker intercepts a user's session token to gain access to their email account.
An attack that exploits indirect information, such as power consumption or timing data, to extract sensitive information.
Example: Analysing the power usage of a device to determine encryption keys.
A security solution that collects, analyses, and correlates log data from various systems to identify security threats, ensure compliance, and provide real-time incident alerts.
Example: A retail company uses a SIEM system to monitor login attempts across all its branches, detecting an unusual spike in failed login attempts from foreign IP addresses, indicating a potential brute-force attack.
Malicious software that secretly gathers information about a user's activities without their knowledge, often to steal sensitive data.
Example: Spyware installed on a smartphone monitors calls, messages, and location, sending the data to an attacker.
See also: Malware
A programming language used to manage and manipulate relational databases.
Example: An analyst writes an SQL query to retrieve customer data from a company's database.
See also: MySQL
A type of attack where malicious SQL code is inserted into a database query to manipulate or steal data.
Example: An attacker enters specially crafted input into a website's login field to bypass authentication and access the database.
A storage device that uses flash memory to store data, offering faster access speeds and greater durability compared to traditional hard drives.
Example: Installing an SSD significantly reduced the computer's boot time.
SSL (Secure Sockets Layer) = A cryptographic protocol designed to establish a secure and encrypted connection between two systems over a network. SSL ensures that data transmitted between these systems remains confidential, authenticated, and protected from interception or tampering. While commonly associated with securing communication between web browsers and web servers (HTTPS), SSL can also secure email communications, file transfers, instant messaging, and other network services. Although SSL has been largely replaced by its successor, TLS (Transport Layer Security), the term "SSL" is still widely used to refer to secure communication protocols.
Example: When you see a padlock icon in your browser's address bar, it indicates the website is using SSL/TLS encryption.
See also: TLS, SSL Certificate
The practice of hiding secret information within other non-suspicious data, such as images or audio files.
Example: Someone embeds a confidential message within an image file and sends it via email. Only the intended recipient, who knows how to extract the hidden text, can read the message.
TLS (Transport Layer Security) = A cryptographic protocol designed to provide secure and encrypted communication between two systems over a network. TLS ensures data confidentiality, integrity, and authentication during transmission, protecting it from interception, tampering, or forgery. TLS is the successor to SSL (Secure Sockets Layer) and offers improved security, stronger encryption algorithms, and better performance. It is widely used to secure web traffic (HTTPS), email communications, file transfers, instant messaging, and other network-based services.
Example: Websites with HTTPS use TLS to protect data during transactions, such as online banking or shopping.
See also: SSL
The process of replacing sensitive data, like credit card numbers, with unique tokens that have no exploitable value, enhancing security.
Example: When making an online payment, your credit card number is replaced by a token so the actual data isn't stored on the retailer's server.
The process of monitoring and examining network traffic to detect patterns, anomalies, or potential security threats.
Example: Analysts notice an unusual amount of data being sent to an external server, indicating potential data exfiltration.
A type of malware (malicious software) that appears to be legitimate or useful but, once installed, performs hidden malicious activities, such as stealing data, installing additional malware, or providing remote access to attackers.
Example: A user downloads what appears to be a free software program, but once installed, it secretly allows attackers to remotely control the computer.
The process of sending data through a secure, encrypted channel within a network, often used in VPNs.
Example: A remote worker uses a VPN to tunnel their internet traffic securely through the company's network.
See also: VPN
The process of sending data from a local device to a remote server or system over a network, typically the internet.
Example: She uploaded her resume to the job application website.
See also: Download
Malicious code that attaches itself to legitimate files and spreads when the infected file is executed, causing harm to systems or data.
Example: You open a file attachment from an unknown sender, and it infects your computer with a virus that deletes important files.
A technology that securely extends a private network across a public network, allowing users or multiple networks to connect as if they were directly linked to the private network. A VPN creates an encrypted tunnel that protects data integrity and confidentiality while in transit. This enables remote users to securely access private resources and allows organisations to securely connect multiple office locations over the internet.
Example: A company uses a VPN to connect its headquarters' network with branch offices, allowing employees to share resources and data securely between locations.
See also: Tunnelling, VPN Service
A commercial offering provided by third-party companies that allows users to encrypt their internet traffic, mask their IP address, bypass geographical restrictions, or attempt to maintain privacy while browsing the internet. However, while a VPN service can help protect data in transit and obscure a user's location, it carries its own risks and does not guarantee complete anonymity or security from all types of cyber threats.
Example: A user subscribes to a VPN service to encrypt their internet connection while using public Wi-Fi at an airport, preventing potential attackers from intercepting their sensitive information.
See also: VPN
The automated extraction of data from websites, which can be used for legitimate purposes or malicious activities.
Example: A company scrapes product prices from competitors' websites to adjust their pricing strategy.
A website is a collection of related web pages accessible under a single domain, hosted on a server and available via the internet.
Example: The Australian Bureau of Statistics maintains a website with national data and reports.
See also: Web Page
A network security attack where an attacker captures data packets at one location in a network, tunnels them to another location, and then replays them, disrupting communication or bypassing security measures. This attack is commonly seen in wireless networks, such as ad hoc or sensor networks.
Example: In a corporate Wi-Fi network, an attacker sets up rogue devices to intercept data packets from employees' laptops, tunnels them to a remote server, and replays them to gain unauthorised access to confidential business data.
See also: Replay Attack
A security protocol designed to protect wireless networks by encrypting data and ensuring secure communication.
Example: WPA3 encryption is used on home Wi-Fi routers to prevent unauthorised access.
An advanced security solution that integrates multiple security layers (such as endpoint, network, cloud, and email security) into a unified platform to provide enhanced threat detection and response capabilities.
Example: An XDR platform detects a phishing email sent to an employee, tracks the related network activity, and automatically blocks any malicious connections to prevent data exfiltration.
An attack that targets a vulnerability unknown to the software vendor, giving them "zero days" to provide a fix.
Example: An attacker discovers a flaw in a web browser and uses it to steal data before a patch is released.