Cengage Mod3-4 Vocab

    Imported from Quizlet

    Created by @tcar

    active reconnaissance

    Using methods and tools that directly engage a target to gather intelligence.

    Censys

    A passive reconnaissance tool and website used to discover, monitor, and analyze data about Internet‑accessible devices.

    common vulnerabilities and exposures (CVE)

    A database of cybersecurity flaws discovered in software and hardware.

    Common Weakness Enumeration (CWE)

    A database of cybersecurity weaknesses in servers, applications, and hardware.

    computer emergency response team (CERT)

    An organization providing cybersecurity information globally.

    crawling

    Navigating a website's structure to discover pages, links, and folders.

    dig

    A Linux tool used to query and transfer DNS information.

    distribution group

    A collection of user identities used to send messages to all members.

    Domain Name System (DNS)

    A hierarchical naming system resolving computer names into IP addresses.

    domain registrar

    An authority that controls and distributes domain names.

    domain registration authority

    An authority managing domain distribution.

    enumeration

    Analyzing and recording characteristics such as IPs, services, and operating systems.

    ExifTool

    Software for manipulating file metadata.

    Fingerprinting Organizations with Collected Archives (FOCA)

    A tool analyzing file metadata.

    firewall

    A security device allowing or blocking network traffic.

    Google Hacking Database (GHDB)

    A set of search terms revealing sensitive information via Google.

    hop

    A router an IP packet travels through.

    Internet Assigned Numbers Authority (IANA)

    Oversees global IP address allocation and DNS root zone management.

    load balancer

    Hardware/software distributing requests among servers.

    Maltego

    An OSINT tool showing relationships between open‑source data.

    metadata

    Data describing other data.

    network topology

    A diagram of how network devices connect.

    open source intelligence (OSINT)

    Free publicly available information.

    packet sniffing

    Intercepting IP traffic with tools like Wireshark.

    passive reconnaissance

    Gathering intelligence without direct engagement.

    password dumps

    Collections of breached passwords used in attacks.

    ping sweep

    Determining active IP addresses using automated ping tools.

    public source‑code repository

    Library of freely accessible code.

    Recon-ng

    A framework for open‑source web reconnaissance.

    scraping

    Retrieving information from websites.

    security group

    Access‑control object assigning permissions.

    share

    A folder available remotely to other computers.

    Shodan

    A search engine scanning Internet‑connected devices.

    social media scraping

    Collecting intelligence from social networks.

    spidering

    Following links to discover website content and structure.

    SSL/TLS certificate

    Provides identification and encryption.

    theHarvester

    Tool discovering emails, ports, banners, and other data.

    traceroute

    Linux command determining router paths.

    tracert

    Windows version of traceroute.

    war driving

    Scanning for wireless access points while moving.

    web application firewall (WAF)

    Firewall protecting websites.

    well‑known port number

    Ports 0-1023 assigned to standard services.

    Whois service

    Tool for gathering domain name information.

    Wireshark

    Packet‑sniffing and analysis application.

    Zenmap

    Graphical front‑end for nmap.

    zone transfer

    DNS data sharing between servers.

    best practice

    A procedure proven to produce optimal results.

    black box test

    Test where the pen tester has zero knowledge.

    cardholder data environment (CDE)

    Systems handling cardholder data.

    compliance

    Ensuring activities meet laws, regulations, and policies.

    compliance‑based assessment

    Testing mandated by compliance rules.

    data protection officer (DPO)

    GDPR‑mandated data protection role.

    FIPS

    U.S. federal computer system standards.

    GDPR

    EU law governing personal data protection.

    goal‑based assessment

    Testing focused on specific systems or processes.

    governance

    Ensuring organizational activities align with goals.

    GLBA

    U.S. law requiring financial institutions to safeguard data.

    gray box test

    Test with partial knowledge.

    HIPAA

    U.S. law protecting patient health information.

    impersonation

    Pretending to be someone else to gain access.

    ISSAF

    A now‑outdated pen‑testing standard.

    IaaS

    Cloud service providing virtualized computing resources.

    insider threat

    Threat originating from inside an organization.

    ISO 27001

    International information security standard.

    master service agreement (MSA)

    Governs the relationship between client and tester.

    MITRE ATT&CK

    Global framework of threat behaviors and techniques.

    nondisclosure agreement (NDA)

    Legal agreement preventing information disclosure.

    OSSTMM

    Peer‑reviewed security testing methodology.

    OWASP

    Web application security community and resources.

    PCI DSS

    Payment card data security standard.

    PTES

    Penetration Testing Execution Standard.

    phishing

    Fraudulent messages to steal data.

    PaaS

    Cloud platform allowing user‑installed apps.

    pseudonymization

    Removing personal identifiers from stored data.

    red‑team assessment

    Simulated targeted attack.

    regulatory compliance

    Following required rules or laws.

    risk

    Potential loss of confidentiality, integrity, or availability.

    rules of engagement (ROE)

    Defines boundaries for a pen test.

    Sarbanes‑Oxley Act (SOX)

    U.S. law regulating corporate finances.

    scope

    The limits and definitions of a project.

    scope creep

    Uncontrolled growth of project scope.

    service level agreement (SLA)

    Agreement detailing service expectations.

    shoulder surfing

    Observing someone's activities to steal information.

    social engineering

    Manipulating people into compromising security.

    Software as a Service (SaaS)

    Access to hosted cloud applications.

    spear phishing

    Targeted phishing aimed at a specific group.

    statement of work (SOW)

    Contract defining project details.

    threat modeling

    Identifying and prioritizing threats.

    whaling

    Phishing targeting high‑level executives.

    white box test

    Test with full system knowledge.