key –(in the context of cybersecurity) is set of information that can be used to encode or decode encrypted information.
key pair – see asymmetric cryptography.
Keylogger — Any means by which the keystrokes of a victim are recorded as they are typed into the physical keyboard. A keylogger can be a software solution or a hardware device used to capture anything that a user might type in including passwords, answers to secret questions or details and information form e-mails, chats and documents.
keylogging – a form of malicious software that is used to record and disclose entries on a digital device. This type of malware is often used to collect credit card details, user identities and passwords.
Kerberos – a computer network authentication protocol and is ticket-based allowing nodes to communicate over a non-secure. Massachusetts Institute of Technology (MIT) developed the Kerberos to protect network services provided by the Project Athena. This protocol is based on the earlier Needham–Schroeder symmetric key protocol. Kerberos protocol messages are protected against snooping and replay attacks.
Kernel – an essential center of a computer operating system, the core that provides basic services for all other parts of the operating system. A synonym is nucleus. A kernel can be contrasted with a shell, the outermost part of an operating system that interacts with user commands. Kernel and Shell are terms used more frequently in Unix operating systems than in IBM mainframe or Microsoft Windows systems.
kill chain – a conceptual cyber defense model that uses the structure of attack as a model to build a cyber defense strategy. The stages in an advanced persistent threat are typically used as a framework, with cyber defense strategies (detect, deny, disrupt, degrade, deceive, contain) considered at each stage. The model can be a useful adjunct to defense strategy but also has inherent gaps, for example, it works best for internal organization networks but is less effective when applied to information outside of a defended perimeter. This model does very successfully emphasize that cyber attacks are much lower cost to deal with, when they are identified earlier in the cyber attack lifecycle.