
This glossary is from Learning Ransomware Response & Recovery by W. Curtis Preston and Dr. Mike Saylor.
Acceptable Use Policy – A policy that defines how an organization’s devices and systems can and cannot be used by employees.
ACLs (Access Control Lists) – Network security rules that control which traffic is allowed or blocked between network segments or devices.
ACSC (Australian Cyber Security Centre) – Australia’s national cybersecurity agency providing 24/7 incident support via 1300 CYBER1.
Active Directory (AD) – Microsoft’s directory service that manages network resources, user authentication, and permissions in Windows environments.
AI (Artificial Intelligence) – Computer systems that can perform tasks requiring human-like intelligence, used in detection systems to identify patterns and anomalies.
Air Gap/Air-gapped – A security measure where systems or data are physically isolated from networks, with no direct connection to other systems or the internet.
Alert Fatigue – A condition where security personnel become desensitized to alerts due to excessive false positives, potentially causing them to ignore genuine threats.
ALPHV/BlackCat – A sophisticated ransomware variant known for polymorphic code and double extortion tactics.
Antivirus/Anti-malware – Software designed to detect, prevent, and remove malicious software from systems.
API (Application Programming Interface) – A set of protocols that allows different software applications to communicate with each other.
Application Whitelisting/Allowlisting – A security approach that only allows pre-approved applications to execute on a system, blocking all others.
Asset Inventory – A comprehensive catalog of all IT assets including hardware, software, and data within an organization.
ATA SECURE ERASE – A command that instructs a storage device’s firmware to cryptographically erase all data, including hidden areas like remapped sectors and over-provisioning space.
Attack Surface – The total number of points where an attacker could potentially gain unauthorized access to a system or network.
Availability Zone – Independent data centers within a cloud region, separated by miles but close enough for fast data transfer, protecting against individual data center failures.
AWS CloudTrail – Amazon’s audit logging service that records API calls and activities across AWS infrastructure.
Azure Activity Logs – Microsoft Azure’s logging service that tracks resource access, modifications, and security events.