Glossary
Every key term used in this textbook, in one alphabetical list. Terms link back to the chapters where they appear.
2
- 20-20-20 rule
Every 20 minutes look 20 feet away for 20 seconds.
Appears in: Common ICT Health Issues
3
- 3-2-1 Rule
Three copies, two media types, one offsite.
Appears in: Backups — The 3-2-1 Rule
A
- Active recall
Testing yourself instead of re-reading notes.
Appears in: Quiz Competition and Personal Revision Plan
- Ad blocker
Browser tool that hides adverts and often blocks malicious trackers.
Appears in: Safe-Browsing 10 Rules and VPN Debate
- Ad personalisation
Using your data to target adverts.
Appears in: Privacy Settings — Hands-on
- Aggregation
Combining data points to identify or profile a person.
Appears in: Personal Data, PII and Digital Footprint
- Asset
Anything of value we want to protect — data, hardware, or reputation.
Appears in: The CIA Triad — Confidentiality, Integrity, Availability
- Attack
A realised threat — the harmful event actually occurring.
Appears in: Threat, Vulnerability, Risk and Attack
- Authentication
Proving an identity to a system.
Appears in: Authentication Factors
- Authorisation
Deciding what an authenticated user is allowed to do.
Appears in: Authentication Factors
- Auto-update
Automatic download and install of patches.
Appears in: OS Updates and Patching (Practical)
- Availability
The system is up and reachable when needed.
Appears in: The CIA Triad — Confidentiality, Integrity, Availability
B
- Biometric
A physical or behavioural trait used to identify a person.
Appears in: Authentication Factors
- Blue light
High-energy visible light from screens that affects sleep.
Appears in: Common ICT Health Issues
- Breach
An incident where confidential data was accessed by an unauthorised party.
Appears in: Case Study — Analysing a Real Cyber Incident
- Brute force
Trying every possible combination until the password is found.
Appears in: Strong Passwords and Passphrases
- Bystander effect
The tendency for people to do nothing when others are present.
Appears in: Class Digital Code of Conduct and Cyberbullying Response
C
- CA
Certificate Authority — a trusted issuer of certificates.
Appears in: HTTPS, TLS and Certificates
- Call to action
The specific step you want your audience to take.
Appears in: Security Awareness Campaign Showcase
- Certificate
Digital proof of a website's identity.
Appears in: HTTPS, TLS and Certificates
- CO2 extinguisher
Fire extinguisher safe for electrical fires.
Appears in: Lab Hazards, Electrical and Fire Safety
- Command word
The instruction word (Define, Explain, Compare, Justify) that tells you how to answer.
Appears in: End-of-Term Written Examination
- Concept map
A diagram showing ideas and the links between them.
Appears in: Concept Map — Topics 1 to 4
- Confidentiality
Only authorised people can read the information.
Appears in: The CIA Triad — Confidentiality, Integrity, Availability
- Consent
Explicit permission to share information or images about someone.
Appears in: Future-Self and Personal Online Rules
- Cookie
A small file stored by a browser to remember state or track users.
Appears in: Personal Data, PII and Digital Footprint
- Copyright
Legal right of a creator to control copying of their work.
Appears in: Scenario Analysis and Copyright
- Creative Commons
Standard licences that let creators share on chosen terms.
Appears in: Scenario Analysis and Copyright
- Cyberbullying
Using digital tools to harass, humiliate or threaten someone.
Appears in: Class Digital Code of Conduct and Cyberbullying Response
- Cybercrime
A criminal offence involving a computer or network.
Appears in: Why Laws for Cyberspace — Skim the Act
D
- Defence-in-depth
Stacking multiple security controls so that failure of one is not fatal.
Appears in: Defence-in-Depth — Firewalls and Antivirus
- Diagnostic
A task designed to identify weaknesses.
Appears in: Station Rotation — Mixed Practice
- Dictionary attack
Guessing from lists of common words and leaked passwords.
Appears in: Strong Passwords and Passphrases
- Digital code of conduct
Shared rules a group agrees to follow online.
Appears in: Class Digital Code of Conduct and Cyberbullying Response
- Digital footprint
The trail of data you leave online.
Appears in: Personal Data, PII and Digital Footprint
E
- Ergonomics
Designing tools and workspaces to fit the human body.
Appears in: Workstation Ergonomics — Hands-on
- Evacuation route
The planned path out of a building in an emergency.
Appears in: Lab Hazards, Electrical and Fire Safety
- Evil twin
A rogue Wi-Fi access point mimicking a legitimate network.
Appears in: Wi-Fi Security — WEP, WPA2, WPA3 and Public Wi-Fi
F
- Fair use / fair dealing
Limited use of copyrighted work allowed by law for study, review, etc.
Appears in: Scenario Analysis and Copyright
- Firewall
A filter that controls incoming and outgoing network traffic.
Appears in: Defence-in-Depth — Firewalls and Antivirus
- Full backup
A complete copy of all selected data.
Appears in: Backups — The 3-2-1 Rule
H
- Hazard
A source of potential harm.
Appears in: Lab Hazards, Electrical and Fire Safety
- Heuristic
Behaviour-based detection that catches new, unknown threats.
Appears in: Spot-the-Phish Poster and Antivirus Demo
- HTTPS
HTTP over TLS — encrypted web traffic.
Appears in: HTTPS, TLS and Certificates
I
- Incident
A confirmed security event that harms an asset.
Appears in: Case Study — Analysing a Real Cyber Incident
- Incognito mode
A browsing mode that does not save history locally — but still visible to sites and networks.
Appears in: Safe-Browsing 10 Rules and VPN Debate
- Incremental backup
Copies only files changed since the last backup.
Appears in: Backups — The 3-2-1 Rule
- Integrity
Information is accurate and has not been changed without permission.
Appears in: The CIA Triad — Confidentiality, Integrity, Availability
J
- Jurisdiction
The legal authority of a court or country over a case.
Appears in: Why Laws for Cyberspace — Skim the Act
M
- Malware
Malicious software written to harm or exploit a system.
Appears in: Malware Taxonomy
- MFA
Multi-factor authentication — using two or more different factors.
Appears in: Multi-Factor Authentication (MFA)
- Micro-break
A short pause every 30 minutes to reset posture.
Appears in: Workstation Ergonomics — Hands-on
N
- Neutral posture
Body position with minimum strain on joints and muscles.
Appears in: Workstation Ergonomics — Hands-on
P
- Passphrase
A long password made of multiple words.
Appears in: Strong Passwords and Passphrases
- Password manager
Software that stores and generates unique passwords.
Appears in: Strong Passwords and Passphrases
- Patch
A software fix that closes a known vulnerability.
Appears in: OS Updates and Patching (Practical)
- Payload
The harmful part of malware — what it actually does after infection.
Appears in: Malware Taxonomy
- Permanence
The lasting nature of online content.
Appears in: Future-Self and Personal Online Rules
- Phishing
Fraudulent email that tries to trick the reader into revealing information or running malware.
Appears in: Phishing, Smishing and Vishing
- PII
Personally Identifiable Information — data that identifies an individual.
Appears in: Personal Data, PII and Digital Footprint
- Plagiarism
Presenting someone else's work as your own.
Appears in: Scenario Analysis and Copyright
- Port
A numbered network endpoint used by services (e.g. 443 for HTTPS).
Appears in: Defence-in-Depth — Firewalls and Antivirus
- Privacy setting
A control that decides who can see or use your data on a platform.
Appears in: Privacy Settings — Hands-on
Q
- Quarantine
A safe folder where suspicious files are isolated.
Appears in: Spot-the-Phish Poster and Antivirus Demo
R
- Ransomware
Malware that encrypts files and demands payment.
Appears in: Malware Taxonomy
- Recovery code
One-time backup code used when the second factor is unavailable.
Appears in: Multi-Factor Authentication (MFA)
- Reflection
Looking back on learning to identify progress and next steps.
Appears in: Feedback, Reflection and Bridge to Grade 12
- Restore
Recovering data from a backup.
Appears in: Backups — The 3-2-1 Rule
- Revision plan
A written schedule of what to study and when.
Appears in: Quiz Competition and Personal Revision Plan
- Risk
Likelihood of a threat exploiting a vulnerability × impact.
Appears in: Threat, Vulnerability, Risk and Attack
- Root cause
The underlying vulnerability that made the incident possible.
Appears in: Case Study — Analysing a Real Cyber Incident
- Rotation
Moving through fixed stations at timed intervals.
Appears in: Station Rotation — Mixed Practice
- RSI
Repetitive Strain Injury — pain from repeated small movements.
Appears in: Common ICT Health Issues
S
- Screenshot
A saved image of a screen that survives 'delete'.
Appears in: Future-Self and Personal Online Rules
- Signature
A unique fingerprint of a known piece of malware.
Appears in: Spot-the-Phish Poster and Antivirus Demo
- SIM swap
Attack where a criminal transfers your phone number to their SIM.
Appears in: Multi-Factor Authentication (MFA)
- SMART goal
Specific, Measurable, Achievable, Relevant, Time-bound goal.
Appears in: Feedback, Reflection and Bridge to Grade 12
- Smishing
Phishing carried out over SMS.
Appears in: Phishing, Smishing and Vishing
- Spear phishing
A targeted phishing attack aimed at a specific person or organisation.
Appears in: Phishing, Smishing and Vishing
- Structured question
Multi-part question with related sub-questions.
Appears in: End-of-Term Written Examination
T
- Third-party app
An external app connected to your account via OAuth.
Appears in: Privacy Settings — Hands-on
- Threat
A potential cause of harm to an asset.
Appears in: Threat, Vulnerability, Risk and Attack
- Threat actor
The person or group carrying out an attack.
Appears in: Threat, Vulnerability, Risk and Attack
- TLS
Transport Layer Security — the encryption protocol used by HTTPS.
Appears in: HTTPS, TLS and Certificates
- TOTP
Time-based one-time password, generated by an authenticator app.
Appears in: Multi-Factor Authentication (MFA)
- Two stars and a wish
Feedback format: two positives and one improvement.
Appears in: Security Awareness Campaign Showcase
U
- Unauthorised access
Entering a system you have no right to use.
Appears in: Why Laws for Cyberspace — Skim the Act
V
- Vector
The route malware uses to reach a device (email, USB, download).
Appears in: Malware Taxonomy
- Vishing
Phishing carried out over a voice call.
Appears in: Phishing, Smishing and Vishing
- VPN
Virtual Private Network — encrypts your traffic to a trusted server.
Appears in: Wi-Fi Security — WEP, WPA2, WPA3 and Public Wi-Fi
- VPN provider
The company running the VPN server; they can see your traffic.
Appears in: Safe-Browsing 10 Rules and VPN Debate
- Vulnerability
A weakness that a threat can exploit.
Appears in: Threat, Vulnerability, Risk and Attack
W
- WPA3
The current strongest Wi-Fi encryption standard.
Appears in: Wi-Fi Security — WEP, WPA2, WPA3 and Public Wi-Fi
Z
- Zero-day
A vulnerability unknown to or unpatched by the vendor.
Appears in: OS Updates and Patching (Practical)