refers to the extra work or cost that results from taking shortcuts or quick fixes in software development instead of implementing the best long-term solution.
It’s like cutting corners when building a house — it’s faster now, but you’ll spend more time and money fixing the problems later.
Technical Debt
is a security behavior where, if a security control (like a firewall, intrusion prevention system, or authentication server) fails or goes offline, it allows traffic or access to continue instead of blocking it.
If an authentication server fails and the system is in ___, users might be granted access to continue working — even without proper authentication.
Fail-open mode
means that if a security device or control (like a firewall, authentication system, or intrusion prevention system) fails or stops working, it blocks all access or traffic until it’s restored.
Fail-closed mode
a formal contract between a service provider and a customer that defines the expected level of service — including performance standards, responsibilities, and consequences if those standards aren’t met.
A cloud provider guarantees 99.9% uptime per month.
If downtime exceeds this, the provider must give a service credit to the customer.
SLA
is the practice of integrating code changes into a shared repository frequently, so that each change is built and tested soon after it is made. This supports collaboration between developers and security teams and helps identify and address security issues early in the development process, keeping security a priority throughout the software development lifecycle.
Ex. GitHub
Continuous integration
happens when two or more processes or threads try to access or modify the same resource at the same time, and the final outcome depends on which one finishes first. This can lead to unpredictable behavior or security vulnerabilities.
Ex. An attacker might exploit a banking app by sending two withdrawal requests at nearly the same time — before the balance updates — causing double withdrawal.
Race Condition
is the process of digitally signing software or code using a cryptographic certificate to verify who created it and ensure that it has not been altered or tampered with since it was signed.
Ex. It’s like putting a wax seal on a letter — if the seal is intact, you know who sent it and that nobody changed the contents.
Code signing
is the process of testing and evaluating software while it’s running to find vulnerabilities, bugs, or security issues that only appear during execution.
Ex. A cybersecurity analyst runs an unknown executable in a sandbox to see if it tries to connect to a malicious server or modify system files — revealing if it’s malware.
Dynamic analysis
is the latest Wi-Fi security standard, designed to provide stronger encryption, better password protection, and improved defense against attacks compared to older versions.
Ex. If an attacker captures Wi-Fi traffic at a coffee shop using ___, they can’t read your data — even if the network is public or they later learn your password.
WPA3
is a framework for network authentication — it allows different methods (like passwords, certificates, or smart cards) to verify a user’s identity before granting network access, especially in wireless and VPN connections.
Ex. When an employee connects to a company’s secure Wi-Fi, __ ensures they can only join if their device has a valid digital certificate, preventing outsiders from logging in.
EAP (Extensible Authentication Protocol)
is a network protocol that provides centralized authentication, authorization, and accounting (AAA) for users who connect to a network. It’s commonly used for Wi-Fi, VPNs, and remote access.
Ex. An employee connects to the company’s WPA2-Enterprise Wi-Fi. The access point sends their username and password to the __, which verifies the credentials and allows network access if valid.
RADIUS server
is a protocol used to access and manage directory services over a network. Directory services store information about users, groups, devices, and resources, making it easier to organize, search, and authenticate them.
Ex. A company uses __ to manage employee accounts. When an employee logs into their workstation, the system queries the __ directory to verify the username and password, then grants access to network resources based on their group membership.
LDAP (Lightweight Directory Access Protocol)
is how malicious software spreads from one system to another. It’s the set of techniques attackers use to make malware move, multiply, and infect more devices or systems.
Ex. A user receives an email with an attachment that runs a downloader. The downloader installs a worm that scans the LAN for vulnerable RDP servers, brute‑forces weak passwords, and copies the malware to other systems — quickly turning one infected PC into dozens.
Malware propagation
is the channel attackers use to send instructions to compromised machines (bots/agents) and to receive data (stolen files, status, logs) from them. It’s how a threat actor controls and coordinates malware or a botnet after initial compromise.
Ex. A laptop gets infected with malware that secretly connects to a remote server on the internet. The server tells the malware what to do, like stealing files or spreading to other devices. The attacker can watch and send new instructions through this channel.
C2 Communication
A company’s access control mechanism determines access to resources based on users’ job functions. The system enforces access control based on these predefined responsibilities, and users do not have the discretion to modify or override access permissions.
RBAC
It’s like granting access depending on multiple factors — not just the job title, but also things like location, time, device, or security clearance.
Ex. An employee can access financial reports only if they are in the Finance department, using a company laptop, and it is during business hours.
ABAC
Grants or denies access to resources based on predefined rules or conditions set by administrators, rather than roles or attributes.
Ex. A server is configured so that any login attempts after 8 PM are denied, no matter who the user is.
Rule-Based Access Control
is a quantitative measure, usually expressed as a number between 0 and 1 or as a percentage, indicating the statistical likelihood of a risk event.
Probability
is a way to categorize the seriousness or impact of a problem, vulnerability, or incident, usually from low to critical, to help prioritize responses.
Ex. A vulnerability that allows an attacker to take full control of the company’s main database is rated critical, while a bug that causes a minor display error on a website is low severity.
Severity ranking
is the percentage of an asset’s value that would be lost if a specific threat or incident occurs. It helps quantify potential financial or operational impact in risk assessments.
Exposure factor
is the process of identifying, assessing, and prioritizing risks to an organization’s assets, systems, or operations, often to decide how to manage or mitigate them.
Ex. A web server stores customer data. A vulnerability in the server software could be exploited. The security team:
- Identifies the vulnerability.
- Estimates a 10% chance it’s exploited and a potential $50,000 loss.
- Calculates risk: 0.1 × 50,000 = $5,000 expected loss.
- Decides whether to patch immediately or implement additional controls.
Risk analysis
is the process of detecting, investigating, and responding to cybersecurity incidents to minimize damage, recover quickly, and prevent future incidents.
Ex. It’s like a fire drill for cyberattacks — when something goes wrong, you follow a plan to contain the problem, fix it, and learn from it.
Incident response
is an individual or organization that determines the purposes and means of processing personal data. They decide what data is collected, how it is used, and for what reasons.
Ex. An online store collects customer names, addresses, and payment info to process orders. The store is the data __ because it decides what information is collected and how it’s used.
Data Controller
is the individual or entity responsible for the overall management, protection, and classification of specific data. They ensure that the data is accurate, secure, and used properly.
Ex. In a hospital, the medical records department head is the data ___ of patient records. They determine who can access the records, how long they are stored, and how they must be protected.
Data Owner