The FREE Cybersecurity Glossary by Thor Pedersen!

TCP SYN flood attack: A type of denial-of-service (DoS) attack that aims to make a server unavailable by overwhelming it with connection requests. The attacker sends a series of TCP SYN (synchronization) packets to the target server, each appearing to come from a different source, which prompts the server to allocate resources to await the completion of each connection. However, the attacker never completes the connections, causing the server to become overwhelmed with incomplete connections and eventually making the server unavailable to legitimate users.

Teardrop Attack: A denial-of-service attack that targets the vulnerability in the IP packet reassembly process. The attacker sends fragmented IP packets with overlapping offset field values to the target system, which can cause the system to fail or crash when it tries to reassemble these malformed fragments. This attack exploits the fragmentation logic errors in older operating systems that do not handle such exceptions properly.

Technical controls: Security measures that are based on the use of technology, such as hardware, software, and networking components. They are used to protect against threats and vulnerabilities in a system or network. Examples include firewalls, intrusion detection systems, and encryption algorithms.

Technical infrastructure security: The protection of the underlying systems and services that support an organization's IT environment. This includes ensuring the security of servers, networks, databases, and other technical assets from threats such as malware, unauthorized access, and data breaches. Key elements of technical infrastructure security include patch management, secure configuration, access control, network security, and monitoring for signs of potential security incidents.

Technical vulnerability information: Details about a weakness or flaw in a system or application that can be exploited by an attacker. It is used by security professionals to identify and mitigate risks and by software developers to fix vulnerabilities. Examples include information about a buffer overflow exploit in a web application or a SQL injection attack on a database.

Technology infrastructure: The composite hardware, software, network resources, and services required for the operation, management, and delivery of IT services and solutions. This infrastructure supports the delivery and processing of information across an organization.