# Common cybersecurity terminology

#   


<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">As you’ve learned, </span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**cybersecurity**</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"> (also known as security) is the practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation. In this reading, you’ll be introduced to some key terms used in the cybersecurity profession. Then, you’ll be provided with a resource that’s useful for staying informed about changes to cybersecurity terminology.</span>

## <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Key cybersecurity terms and concepts</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">There are many terms and concepts that are important for security professionals to know. Being familiar with them can help you better identify the threats that can harm organizations and people alike. A security analyst or cybersecurity analyst focuses on monitoring networks for breaches. They also help develop strategies to secure an organization and research information technology (IT) security trends to remain alert and informed about potential threats. Additionally, an analyst works to prevent incidents. In order for analysts to effectively do these types of tasks, they need to develop knowledge of the following key concepts. </span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Compliance**</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"> is the process of adhering to internal standards and external regulations and enables organizations to avoid fines and security breaches.</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Security frameworks**</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"> are guidelines used for building plans to help mitigate risks and threats to data and privacy.</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Security controls**</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"> are safeguards designed to reduce specific security risks. They are used with security frameworks to establish a strong security posture.</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Security posture**</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"> is an organization’s ability to manage its defense of critical assets and data and react to change. A strong security posture leads to lower risk for the organization.</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">A</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"> **threat actor**</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">, or malicious attacker, is any person or group who presents a security risk. This risk can relate to computers, applications, networks, and data.</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">An </span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**internal threat**</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"> can be a current or former employee, an external vendor, or a trusted partner who poses a security risk. At times, an internal threat is accidental. For example, an employee who accidentally clicks on a malicious email link would be considered an accidental threat. Other times, the internal threat actor </span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">*intentionally*</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"> engages in risky activities, such as unauthorized data access.</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Network security**</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"> is the practice of keeping an organization's network infrastructure secure from unauthorized access. This includes data, services, systems, and devices that are stored in an organization’s network.</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Cloud security**</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"> is the process of ensuring that assets stored in the cloud are properly configured, or set up correctly, and access to those assets is limited to authorized users. The cloud is a network made up of a collection of servers or computers that store resources and data in remote physical locations known as data centers that can be accessed via the internet. Cloud security is a growing subfield of cybersecurity that specifically focuses on the protection of data, applications, and infrastructure in the cloud.</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Programming**</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"> is a process that can be used to create a specific set of instructions for a computer to execute tasks. These tasks can include:</span>

<div class="rc-CML" dir="auto" id="bkmrk-automation-of-repeti" style="box-sizing: border-box; -webkit-font-smoothing: antialiased; color: rgb(31, 31, 31); font-family: OpenSans, Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: rgb(255, 255, 255); text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial;"><div class="rc-CML" dir="auto" style="box-sizing: border-box; -webkit-font-smoothing: antialiased; color: rgb(31, 31, 31); font-family: OpenSans, Arial, sans-serif; font-size: 14px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: rgb(255, 255, 255); text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial;"><div style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"><div data-track="true" data-track-action="click" data-track-app="open_course_home" data-track-component="cml" data-track-page="item_layout" role="presentation" style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"><div data-track="true" data-track-action="click" data-track-app="open_course_home" data-track-component="cml_link" data-track-page="item_layout" style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"><div class="css-18w79dz" data-testid="cml-viewer" style="box-sizing: border-box; -webkit-font-smoothing: antialiased; white-space: pre-wrap; overflow-wrap: break-word;">- <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Automation of repetitive tasks (e.g., searching a list of malicious domains)</span>
- <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Reviewing web traffic </span>
- <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Alerting suspicious activity</span>

</div></div></div></div></div></div>## <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Key takeaways</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">Understanding key technical terms and concepts used in the security field will help prepare you for your role as a security analyst. Knowing these terms can help you identify common threats, risks, and vulnerabilities. To explore a variety of cybersecurity terms, visit the </span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">[National Institute of Standards and Technology glossary](https://csrc.nist.gov/glossary)</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">. Or use your browser to search for high-quality, reliable cybersecurity glossaries from research institutes or governmental authorities. Glossaries are available in multiple languages.   
i also have a bunch of data in this glossary search on this site  
</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">[https://library.naruzkurai.tk/search?term=glossary](https://library.naruzkurai.tk/search?term=glossary)</span>