4. General Terminology

  • Vulnerability: A weakness that can be exploited
  • Threat: One who exploits a vulnerability
  • Risk: Damage caused by exploiting the vulnerability
  • Asset: That which needs to be accessed after exploiting the vulnerability
  • Bug: Error, fault or flaw in a computer program that may cause unexpected behaviour

  • Impact: The aftereffect of exploiting vulnerabilities

  • Hacker: One who gains access, with or without malicious intent
  • Cracker: One who gains access to damage assets and cause harm; always malicious
  • Infosec: Information Security
  • Penetration Testing: Testing and reporting the security loopholes
  • Vulnerability assessment: Testing and reporting the security loopholes, and telling how to fix them
  • Cyber Espionage: Spying on someone to gain illicit access to confidential information (large institutions)
  • Exploits: Designed to cause unexpected behaviours that an attacker can take advantage of to perform harmful actions
  • Script Kiddie: Newbies/noobs; so-called hackers without any skills
  • Zero-day: A vulnerability not known to professionals, only to be exploited by hackers