Terms you may encounter in some of our cybersecurity training programs.

Data theft

When data is stolen through insider or outsider actions. Examples are hacking with remote exfiltration, unauthorized copying data via USB or other external devices, unauthorized copying data to cloud services, Unauthorized emailing of data, stolen devices or servers, as well as other techniques.

Denial-of-Service attack

Any activity that makes a service unavailable for use by legitimate users, or that delays system operations and functions.

Deny list

Typically handled by an IT administrator. An access control list used to deny specific items (e.g. applications, email addresses, domain names, IP addresses) known to be harmful.


The monitoring and analyzing of system events in order to identify unauthorized attempts to access system resources.

Digital signature

A cryptologic mechanism used to validate an item’s (e.g. document, software) authenticity and integrity.


Converting information from one form to another to hide its content and prevent unauthorized access. Encryption makes data unreadable unless you have a special key (long password) to descramble it.

End-to-end encryption

A confidentiality service provided by encrypting data at the source end-system, with corresponding decryption occurring only at the destination end-system.

End-user systems

End systems for human use, such as a desktop with a personal computer (display, keyboard, mouse, and operating system).


The unauthorized removal of data or files from a system by an intruder.


A security barrier placed between two networks that controls the amount and kinds of traffic that may pass between the two. This protects local system resources from being accessed from the outside.