internet security terms

38 Internet Security Terms You Should Know

Internet security can be an overwhelming topic. It can feel like the only people who can understand it are computer geniuses. There are some terms that anyone who uses the internet should be aware of. We’ve put together this list to help you get started!

Access Control

Access control, simply, is a security technique that controls or regulates who can view or use a specific resource in a computing system. It is split into two different types of control: physical access control and logical access control.

Access control involves authenticationauthorization and audit. What this means is that the system has to determine who is seeking access and if they are someone who should be granted access. The audit process involves checking who has been granted access and if any unwanted parties have slipped through the system.


Adware is an unwanted computer program that’s main purpose is to display ads on your computer. It generates ad revenue for its developer while providing little to no actual value for people who have downloaded it.

Many legitimate software applications and websites use online advertising. Adware is different because it can be installed on your computer without you noticing, and puts unwanted ads on your computer.

Read More: What is Adware and How to Get Rid of It?

Antivirus Software

Antivirus software runs on your computer and scans files or directories for any patterns that match malware or malicious characteristics. The software can alert you if it finds any threats on your machine.

One thing to note about antivirus software, along with any privacy and security measure, is that they aren’t perfect. Because computer viruses are constantly changing in how they work and how they look, it’s impossible for a program to catch everything.

Asymmetric Encryption

Asymmetric encryption is also known as public key cryptography. It is a newer alternative to symmetric encryption. Asymmetrical encryption uses two separate keys to encrypt a message, a public key and a secret key.

Asymmetric Encryption

The public key is freely available to anyone who could possibly send you a message. The private key is where the security comes in. It’s kept a secret and is used for the receiving party to decrypt your message.

Read More: What is Encryption and How Does It Work?


Authentication is the process or action of verifying your identity or a process’ identity. It’s important because it allows organizations to keep their networks secure by only allowing authenticated, and authorized, users or processes to access protected resources.

Authentication goes hand in hand with authorization which then determines if the authenticated user has the appropriate permissions to view the requested resources. It is possible for a user to be authenticated but then denied authorization to view certain files or other assets on the network.


Backdoors are undocumented portals that allow administrators or other third parties to enter the system for troubleshooting, upkeep or other reasons. A backdoor can also be a secret portal that allows hackers and intelligence agencies to access a certain system.

Administrative backdoors, while useful for remote administration or maintenance, they also create security vulnerabilities. Even if they aren’t fully disclosed, someone could still access the backdoor and crack the administrative credentials or find another way in.

 Browser Hijacker

Browser hijackers, according to Norton, are a form of unwanted software that modifies a web browser’s settings without the users’ permission. These programs often take control of a user’s browser and replace their home page or other pages with ads. Browser hijackers may also contain spyware or discreetly ask for user permission to obtain banking information or other sensitive data.

Certificate Authority

Certificate authorities acts as a trusted third party that issues digital certificates. These certificates are electronic documents used to prove the ownership of a public key. These public keys are used by anyone to encrypt messages intended for a certain recipient. The recipient then uses its key (the private key) to decrypt the message.


Cookies are small files  which are stored in a user’s browser or computer. They are designed to hold a small amount of data from a particular client or website. Either the web server or the client device can access the cookie. The information in the cookie tells the sites you visit small bits of information about customizing the sites you visit.

Read More: What Are Cookies? Computer Cookies Explained


DDoS stands for distributed denial of service. DDoS is closely associated with attacks involving breaking or crashing a computer network by flooding it with data sent from many computers all at once. According to Cloudflare, “exploited machines can include computers and other networked resources such as IoT devices.” It also compares DDoS attacks to traffic jams, clogging up highways, preventing regular users and traffic from reaching its desired destination.

Read More: What is a DDoS Attack? – Cloudflare

Dynamic Host Configuration Protocol (DHCP)

Dynamic Host Configuration, or DHCP, is a protocol used to provide quick, automatic, and central management for the distribution of IP addresses within a network. DHCP automatically configures network information and issues unique IP addresses.

In most cases, a router acts as the DHCP server. In larger, enterprise networks a single computer may act as the DHCP server.

Read More: What is DHCP? – Lifewire

Digital Certificate

Digital certificates are attached to electronic messages used for security purposes. These certificates are most widely used to verify that a user sending a message is actually who he or she claims to be and to provide the receiver with the tools to encode a reply.

For a user to send an encrypted message applies for a digital certificate from a certificate authority. The certificate authority issues an encrypted digital certificate with a public key and other identifying information.


A domain is essentially the words used to identify a specific website. Your devices, like your computer or phone, use IP addresses to identify websites. However, it’s much simpler for people to remember words than the numbers in an IP address.

The words you type in your address bar at the top of your browser, like

Read More: What is a Domain Name? – Namecheap

Domain Name System (DNS)

The Domain Name System (DNS) is the way that domain names are found and then translated into their IP address format. DNS maps the URLs of the sites you visit to the correct IP address, so that when you visit a website like you will actually be taken to Facebook and not some random website.


Encryption is a process that encodes a message or file so that it can be only be read by certain people. Encryption uses an algorithm to scramble, or encrypt, data and then uses a key for the receiving party to unscramble, or decrypt, the information. The message contained in an encrypted message is referred to as plaintext. In its encrypted, unreadable form it is referred to as ciphertext.

Read More: What is Encryption & How Does It Work?

File Transfer Protocol (FTP)

File Transfer Protocol is an internet protocol used to transfer files between computers over the internet using TCP/IP connections. It relies on two communication channels between the client and the server: one channel to control the communication, and one to actually transfer the data.

Once the client’s computer is connected to the server, the client can do a number of file manipulation function, including uploading or downloading files and monitoring network connection requests.

Read More: File Transfer Protocol – TechTarget

Gap Analysis

Gap Analysis is the process of checking the systems or software application against the business requirements or goals you’re working towards. The gap you are looking at is the space between your current system performance compared to where it needs to be to reach your business’ goals.

Ideally, a gap analysis considers the current state and the future state of your business to make security systems sustainable for the long term.

Read More: What is a Gap Analysis? – Lucidchart


The term hacker is sort of an umbrella term that includes people that use their computer skills and technical knowledge to overcome a problem. Actually “hacking” something can be positive or negative. It could be ethically solving a problem or breaking into a system to access sensitive information.

Read More: What is a Hacker – Computer Hope


HTML is short for hypertext markup language. It is the standard markup language for creating web pages. HTML is used to describe the structure and general appearance of websites. The purpose of a web browser is to read the HTML and transform the code into its visual appearance.


HTTP stands for hypertext transfer protocol. It is essentially the basis of data communication for the internet. This transfer protocol defines how messages are formatted and transmitted on the internet. HTTP is called stateless protocol because every command is run independently, without any knowledge of the commands that have run before.

HTTPS denotes the secure version of HTTP. The ‘S’ at the end of HTTPS stands for secure. This secure protocol encrypts your connection between your computer and the websites you’re visiting.

IP Address

An IP Address is a unique identifier for device connected to a network. Your ISP, or internet service provider, is responsible for assigning you an IP address. However, you don’t always carry the same IP address around with you. If you’re on a public WiFi network at a coffee shop, you will have a different IP address than if you’re on your own network.

Your IP address works kind of like an address in the physical world. If you’re downloading something or just visiting a website, your IP address identifies where to send that data.

ISP (Internet Service Provider)

Internet service providers, are the companies that provide users with internet access. For most people their ISP is a cable company, or a company like Google Fiber. ISPs act as the gateway to your (and everyone else’s) internet access. Your ISP is how your computer on your network gets connected to all of the other servers on the internet.

Read More: What is an Internet Service Provider? – What is My IP Address


Keyloggers are typically malicious programs designed to monitor and log what you type into your computer. These tools have legal and appropriate uses including parental control, enterprise security and other security functions. However, there are countless malicious uses for keyloggers.

If you are unaware of a keylogger running on your computer it could potentially gather your financial information or bank login information and steal your money. A keylogger could collect your password to your email or other accounts to collect other information that could be harmful in the wrong hands.

Read More: Keyloggers: How They Work and How to Detect Them – Kaspersky Lab

Local Area Network (LAN)

A local area network (LAN) is a group of computers and other devices that share a common link to a server. LANs can serve a small amount of users in devices in a small office, all the way up to hundreds of devices in a large company.

Computers and these other devices use a LAN connection to share resources such as a printer or network storage.

Read More: What Is A Local Area Network (LAN)? – How-To Geek


Malware is short for malicious software. Generally, it is software created with the sole purpose of harming people’s devices, stealing people’s data or just spy on people. There are a few different kinds of malware: viruses, trojans, spyware and adware are a few common ones.

Each kind of malware has its own way of affecting the devices it’s installed on. Most anti-virus software can detect and prevent most malware threats.

Read More: What is Malware and How Can We Prevent It? – Comodo Antivirus


Phishing is when someone sends fraudulent emails or messages posing as a reputable person or company. The purpose of this is to convince someone to share personal information like passwords or credit card numbers.

Common signs of phishing attacks are if someone is offering you something that is too good to be true or has an email address or identifier that doesn’t align with the company or group they claim to be representing.

Read More: What is Phishing? –

Platform-as-a-service (PaaS)

A platform-as-a-service is when a provider offers hardware and software tools over the internet. PaaS originally was intended for applications on public cloud services. It can also provide “virtual hardware” such as storage and network infrastructure.

Proxy Server

Proxy Servers are ways for internet users to redirect their internet connections through a proxy so their connection appears to come from a different IP address identity. Proxies work by making the requests for the websites you navigate to so that the connection comes from the proxy and not your IP address. You can use a proxy to bypass firewalls at work or at school.

Read More: What is a Proxy Server and How Does it Work? – Varonis


According to the United States Computer Emergency Readiness Team, “Ransomware is a type of malicious software or malware, designed to deny access to a computer system or data until a ransom is paid.” It commonly spreads through phishing emails or by users unknowing visiting an infected website.


server is an instance of a computer program or device that accepts and responds to requests made by a client. According to Computer Hope, “a good metaphor would be a customer (client) ordering a package then the mailman (server) delivering it to them or someone else.”

Servers are used to manage resources on a network. A user may set up a server to control access to a network, send and receive emails, manage print jobs, or host a website.

Software-as-a-service (SaaS)

Software-as-a-service is related to platforms-as-a-service. This type of software offering involves offering a software to an individual or company as a recurring service rather than a one time investment. Examples of SaaS include Salesforce, Microsoft Office 365, Amazon Web Services and Dropbox.

It’s advantageous for companies to use these types of software rather than the traditional software model because the service provider takes care of the security, availability and performance.

Read More: 10 Popular Software as a Service (SaaS) Examples – Nerdio


Spoofing is when communication is sent from an unknown source disguising itself as a reliable and familiar source to the receiver. It is most common in systems with weak or poor security. Spoofing is a commonly used tactic for email phishing.

SSL & SSL Certificates

SSL stands for Secure Sockets Layer. It is a cryptographic protocol that helps encrypt communications over a computer network. It creates a secure transfer of sensitive information, like financial information, passwords, and Social Security numbers (websites that collect credit card information are required to have an SSL certificate on their site).

SSL Certificates are small data files that digitally bind or connect a cryptographic key to an organization’s details. Sites with these certificates enabled are denoted by HTTPS and typically a padlock in the address bar, depending on the browser you use.

Read More: What is an SSL Certificate? – GlobalSign

Two-Factor Authentication

Two-factor authentication is when a website or service requires you to use two methods to verify your identity. In addition to using a password, you may receive a code via text message or you may have to identify certain images before being granted access.

You may already be using two factor authentication on your online accounts without noticing. If you’ve ever had to type in a code you received via text message to log-in, or identify pictures of your friends before being able to log in to Facebook, you’ve used it. Two factor authentication, also referred to as 2FA, adds extra security to your accounts and helps prevent your accounts from getting hacked.

Read More: What is Two-Factor Authentication? What Does It Do?

Virtual Private Network (VPN)

VPN stands for virtual private network. Through the use of software VPNs create a virtual network between two separate physical networks. For example, if you are connected to your home Wi-Fi network, but need to connect to your office internet to access your company’s intranet VPNs allow you to do this. Along with this functionality, you can use VPNs to direct your internet connection through a number of locations to hide your true location or identity.

Read More: 22 VPN Services to Protect Your Privacy


A computer virus is much like an actual virus like the flu. These are designed to spread from one computer to another, and from one file to another on a computer. There are thousands of types of viruses, all with different ways of getting into your computer, affecting your device, or spreading on your device.

Read More: What is a Computer Virus? – Norton

Wide Area Network (WAN)

A wide area network (WAN)  is a geographically distributed private network that interconnects multiple local area networks. In a large company, a WAN may be made up of connections to a company’s headquarters, branch offices, and other locations.

Read More: What Is a Wide Area Network (WAN)?


XML stands for extensible markup language which is used to store and transport data. It is specifically a language and does not actually do anything on its own. XML is similar to HTML in that it is a language designed to transmit data. Where they diverge is that XML’s purpose is to carry data, while HTML is intended to display data.

Read More: What is XML? – W3Schools

Let us know if you think there are any important terms we may have missed. This list isn’t a complete representation of the terms surrounding cybersecurity, but it’s a good place to start for the uninitiated.