glossary:start
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| glossary:start [2022/07/01 10:25] – 45.89.242.233 | glossary:start [2023/07/17 15:57] (current) – peter | ||
|---|---|---|---|
| Line 2: | Line 2: | ||
| - | ^ Item ^ Description ^ | + | ^Item^Description^ |
| - | | 3DES (Triple Digital Encryption Standard) | In cryptography, | + | |3DES|Triple Digital Encryption Standard.| |
| - | | 3G | 3G refers to the third generation of cellular data standards. | + | |:::|In cryptography, |
| - | | 3-Way Handshake | Machine A sends a packet with a SYN flag set to Machine B. B acknowledges A's SYN with a SYN/ACK. A acknowledges B's SYN/ACK with an ACK.| | + | |3G|3G refers to the third generation of cellular data standards.| |
| - | | 4G | 4G is the fourth generation of cellular data standards. | + | |:::|Cell phone companies often market mobile phones as "3G devices," |
| - | | 802.11b | 802.11b is a Wi-Fi standard developed by the IEEE for transmitting data over a wireless network. | + | |3-Way Handshake|Machine A sends a packet with a SYN flag set to Machine B. B acknowledges A's SYN with a SYN/ACK. A acknowledges B's SYN/ACK with an ACK.| |
| - | | 802.11g | 802.11g is a Wi-Fi standard developed by the IEEE for transmitting data over a wireless network. | + | |4G|4G is the fourth generation of cellular data standards. |
| - | | AAA | Authentication, | + | |802.11b|802.11b is a Wi-Fi standard developed by the IEEE for transmitting data over a wireless network. |
| - | | AAC | Application Asset Controls, | + | |802.11g|802.11g is a Wi-Fi standard developed by the IEEE for transmitting data over a wireless network. |
| - | | AAR | Authorized Asset Repository. | + | |AAA|Authentication, |
| - | | ABC | Anti-Bribary and Corruption.| | + | |AAC|Application Asset Controls, |
| - | | ACA | Application Criticality Assessment.| | + | |AAR|Authorized Asset Repository. |
| - | | ACK PIGGYBACKING | + | |ABC|Anti-Bribary and Corruption.| |
| - | | ACL (Access Control List) | A list of permissions attached to an object.| | + | |ACA|Application Criticality Assessment.| |
| - | | Access Control | Access Control ensures that resources are only granted to those users who are entitled to them.| | + | |ACKPIGGYBACKING|The practice of sending an ACK inside another packet going to the same destination.| |
| - | | Access Control List (ACL) | A list of permissions attached to an object.| | + | |ACL|Access Control List. |
| - | | Access Control Service | A security service that provides protection of system resources against unauthorized access. | + | |Access Control|Access Control ensures that resources are only granted to those users who are entitled to them.| |
| - | | Access Matrix | An Access Matrix uses rows to represent subjects and columns to represent objects with privileges listed in each cell.| | + | |Access Control List|ACL.| |
| - | | Account Harvesting | The process of collecting all the legitimate account names on a system.| | + | |:::|A list of permissions attached to an object.| |
| - | | Active Content | Program code embedded in the contents of a web page. When the page is accessed by a web browser, the embedded code is automatically downloaded and executed on the user's workstation. Ex. Java, ActiveX (MS).| | + | |Access Control Service|A security service that provides protection of system resources against unauthorized access. |
| - | | Active Directory | + | |Access Matrix|An Access Matrix uses rows to represent subjects and columns to represent objects with privileges listed in each cell.| |
| - | | Activity Monitors | Aim to prevent virus infection by monitoring for malicious activity on a system, and blocking that activity when possible.| | + | |Account Harvesting|The process of collecting all the legitimate account names on a system.| |
| - | | AD (Active Directory) | A directory service implemented by Microsoft for Windows domain networks. | | + | |Active Content|Program code embedded in the contents of a web page. When the page is accessed by a web browser, the embedded code is automatically downloaded and executed on the user's workstation. Ex. Java, ActiveX (MS).| |
| - | | ADAL | Authoritive Data Access Layer.| | + | |Active Directory|AD.| |
| - | | Address Resolution Protocol | + | |:::|A directory service implemented by Microsoft for Windows domain networks. | |
| - | | ADS | Authoritive Data Source.| | + | |Activity Monitors|Aim to prevent virus infection by monitoring for malicious activity on a system, and blocking that activity when possible.| |
| - | | ADSL (Asymmetric Digital Subscriber Line) | Asymmetric Digital Subscriber Line (ADSL) is a technology for transmitting digital information at high bandwidth on existing phone lines to homes and businesses. | + | |AD|Active Directory. |
| - | | Advanced Encryption Standard | + | |ADAL| Authoritive Data Access Layer.| |
| - | | AEOD | After End-of-Day.| | + | |Address Resolution Protocol|ARP.| |
| - | | AES (Advanced Encryption Standard) | An encryption standard being developed by NIST. Intended to specify an unclassified, | + | |:::|A protocol for mapping an Internet Protocol address to a physical machine address that is recognized in the local network. |
| - | | AIRB | Advanced Internal Rating Based Approach.| | + | |ADS|Authoritive Data Source.| |
| - | | A&L | Assets and Liabilities | | + | |ADSL|Asymmetric Digital Subscriber Line (ADSL) is a technology for transmitting digital information at high bandwidth on existing phone lines to homes and businesses. |
| - | | Algorithm | A finite set of step-by-step instructions for a problem-solving or computation procedure, especially one that can be implemented by a computer.| | + | |Advanced Encryption Standard|AES.| |
| - | | AML (Anti-Money Laundering) | + | |:::|An encryption standard being developed by NIST. Intended to specify an unclassified, |
| - | | AMSC | Application Management Service Centre.| | + | |AEOD|After End-of-Day.| |
| - | | aPass | Application Platform as a Service. | + | |AES|Advanced Encryption Standard. |
| - | | Applet | An applet is any small application that performs one specific task, sometimes running within the context of a larger program, perhaps as a plug-in. | + | |AIRB|Advanced Internal Rating Based Approach.| |
| - | | AQM | Active Queue Management.| | + | |A& |
| - | | ARM | Approved Reporting Mechanism.| | + | |Algorithm|A finite set of step-by-step instructions for a problem-solving or computation procedure, especially one that can be implemented by a computer.| |
| - | | ARP (Address Resolution Protocol) | A protocol for mapping an Internet Protocol address to a physical machine address that is recognized in the local network. | + | |AML|Anti money laundering (AML) is a term mainly used in the financial and legal industries to describe the legal controls that require financial institutions and other regulated entities to prevent or report money laundering activities.| |
| - | | ARPANET | Advanced Research Projects Agency Network. | + | |AMSC|Application Management Service Centre.| |
| - | | ASCII | American Standard Code for Information Interchange.| | + | |aPass|Application Platform as a Service. |
| - | | ASN (Autonomous System Number) | A globally unique number assigned by a registrar for the purposes of Internet routing, | | + | |Applet| An applet is any small application that performs one specific task, sometimes running within the context of a larger program, perhaps as a plug-in. |
| - | | Asymmetric Cryptography | Public-key cryptography. | + | |AQM|Active Queue Management.| |
| - | | Asymmetric Warfare | Asymmetric warfare is the application of dissimilar strategies, tactics, capabilities and approaches used to circumvent or negate an opponent' | + | |ARM|Approved Reporting Mechanism.| |
| - | | Auditing | The information gathering and analysis of assets to ensure such things as policy compliance and security from vulnerabilities.| | + | |ARP|Address Resolution Protocol. |
| - | | Asymmetric Digital Subscriber Line (ADSL) | Asymmetric Digital Subscriber Line (ADSL) is a technology for transmitting digital information at high bandwidth on existing phone lines to homes and businesses. | + | |ARPANET|Advanced Research Projects Agency Network. |
| - | | Asynchronous Transfer Mode (ATM) | Asynchronous Transfer Mode (ATM) is a broadband technology that permits large volumes of voice, image, text, or video data to be transmitted simultaneously. | + | |ASCII|American Standard Code for Information Interchange.| |
| - | | ATM (Asynchronous Transfer Mode) | Asynchronous Transfer Mode (ATM) is a broadband technology that permits large volumes of voice, image, text, or video data to be transmitted simultaneously. | + | |ASN|Autonomous System Number.| |
| - | | ATP | Accelerated Training Program.| | + | |:::|A globally unique number assigned by a registrar for the purposes of Internet routing, | |
| - | | AUA | Assets Under Administration.| | + | |Asymmetric Cryptography|Public-key cryptography. |
| - | | AUM | Assets Under Management.| | + | |Asymmetric Warfare|Asymmetric warfare is the application of dissimilar strategies, tactics, capabilities and approaches used to circumvent or negate an opponent' |
| - | | Authentication | The process of confirming the correctness of the claimed identity.| | + | |Auditing|The information gathering and analysis of assets to ensure such things as policy compliance and security from vulnerabilities.| |
| - | | Authorization | The approval, permission, or empowerment for someone or something to do something.| | + | |Asymmetric Digital Subscriber Line|ADSL.| |
| - | | Autonomous System | One network or series of networks that are all under one administrative control. | + | |:::|Asymmetric Digital Subscriber Line (ADSL) is a technology for transmitting digital information at high bandwidth on existing phone lines to homes and businesses. |
| - | | Autonomous System Number | + | |Asynchronous Transfer Mode|Asynchronous Transfer Mode (ATM) is a broadband technology that permits large volumes of voice, image, text, or video data to be transmitted simultaneously. |
| - | | Availability | The need to ensure that the business purpose of the system can be met and that it is accessible to those who need to use it.| | + | |ATM|Asynchronous Transfer Mode (ATM) is a broadband technology that permits large volumes of voice, image, text, or video data to be transmitted simultaneously. |
| - | | Backdoor | A backdoor is a tool installed after a compromise to give an attacker easier access to the compromised system around any security mechanisms that are in place.| | + | |ATP|Accelerated Training Program.| |
| - | | Bandwidth | Commonly used to mean the capacity of a communication channel to pass data through the channel in a given amount of time. Usually expressed in bits per second.| | + | |AUA|Assets Under Administration.| |
| - | | Banner | A banner is the information that is displayed to a remote user trying to connect to a service. | + | |AUM|Assets Under Management.| |
| - | | BAP | Business and Personal.| | + | |Authentication|The process of confirming the correctness of the claimed identity.| |
| - | | Basic Authentication | Basic Authentication is the simplest web-based authentication scheme that works by sending the username and password with each request.| | + | |Authorization|The approval, permission, or empowerment for someone or something to do something.| |
| - | | Bastion Host | A bastion host has been hardened in anticipation of vulnerabilities that have not been discovered yet.| | + | |Autonomous System|One network or series of networks that are all under one administrative control. |
| - | | BAU | Business as Usual.| | + | |Autonomous System Number|ASN.| |
| - | | BBS (Bulletin Board System) | A Bulletin Board System (BBS) is a computerized meeting and announcement system that allows people to carry on discussions, | + | |:::|A globally unique number assigned by a registrar for the purposes of Internet routing.| |
| - | | BCM (Business Continuity Management) | The management of a Business Continuity Plan (BCP).| | + | |Availability|The need to ensure that the business purpose of the system can be met and that it is accessible to those who need to use it.| |
| - | | BCP (Business Continuity Plan) | A Business Continuity Plan is the plan for emergency response, backup operations, and post-disaster recovery steps that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation.| | + | |Backdoor|A backdoor is a tool installed after a compromise to give an attacker easier access to the compromised system around any security mechanisms that are in place.| |
| - | | BDC | Business Delivery and Control.| | + | |Bandwidth|Commonly used to mean the capacity of a communication channel to pass data through the channel in a given amount of time. Usually expressed in bits per second.| |
| - | | BEOD | Before End-of-Day.| | + | |Banner|A banner is the information that is displayed to a remote user trying to connect to a service. |
| - | | Berkeley Internet Name Domain | + | |BAP|Business and Personal.| |
| - | | BIOS | Basic Input Output System. | + | |Basic Authentication|Basic Authentication is the simplest web-based authentication scheme that works by sending the username and password with each request.| |
| - | | BGP (Border Gateway Protocol) | An inter-autonomous system routing protocol. | + | |Bastion Host|A bastion host has been hardened in anticipation of vulnerabilities that have not been discovered yet.| |
| - | | BIA (Business Impact Analysis) | A Business Impact Analysis determines what levels of impact to a system are tolerable.| | + | |BAU|Business as Usual.| |
| - | | BIND (Berkeley Internet Name Domain) | BIND is an implementation of DNS. DNS is used for domain name to IP address resolution. | + | |BBS|Bulletin Board System.| |
| - | | Biometrics | Biometrics use physical characteristics of the users to identify the user.| | + | |:::|A Bulletin Board System (BBS) is a computerized meeting and announcement system that allows people to carry on discussions, |
| - | | Bit | The smallest unit of information storage; a contraction of the term " | + | |BCM|Business Continuity Management. The management of a Business Continuity Plan (BCP).| |
| - | | Block Cipher | A block cipher encrypts one block of data at a time.| | + | |BCP|Business Continuity Plan. A Business Continuity Plan is the plan for emergency response, backup operations, and post-disaster recovery steps that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation.| |
| - | | Blog | Blog is a direct means for an individual to share ideas, thoughts, opinions, and information concerning a particular topic with an audience, using the Web as the medium. | + | |BDC|Business Delivery and Control.| |
| - | | BLoR | Business List of Records. | + | |BEOD|Before End-of-Day.| |
| - | | BOM | Business Only Membership.| | + | |Berkeley Internet Name Domain|BIND is an implementation of DNS. DNS is used for domain name to IP address resolution. |
| - | | Border Gateway Protocol | + | |BIOS|Basic Input Output System. |
| - | | Boot Record Infector | A boot record infector is a piece of malware that inserts malicious code into the boot sector of a disk.| | + | |BGP|Border Gateway Protocol. An inter-autonomous system routing protocol. |
| - | | Bot | Also called ‘Internet bots’; refers to computers that perform tasks without human input. | + | |BIA|Business Impact Analysis.| |
| - | | Botnet | A botnet is a large number of compromised computers that are used to create and send spam or viruses or flood a network with messages as a denial of service attack.| | + | |:::|A Business Impact Analysis determines what levels of impact to a system are tolerable.| |
| - | | B&R | Books and Records.| | + | |BIND|Berkeley Internet Name Domain.| |
| - | | BRD | Business Requirements Document. | + | |:::|BIND is an implementation of DNS. DNS is used for domain name to IP address resolution. |
| - | | Break Glass | Temporary limited access to a production environment. | + | |Biometrics|Biometrics use physical characteristics of the users to identify the user.| |
| - | | Bridge | A mechanism (software or hardware) which connect two communication segments. Bridges generally operate at OSI Layer 2 or 3, but may operate from the physical layer up to the application layer. | + | |Bit|The smallest unit of information storage; a contraction of the term " |
| - | | BRM | Business Risk Managers.| | + | |Block Cipher|A block cipher encrypts one block of data at a time.| |
| - | | Broadcast | To send the same message to an unknown number of destinations without addressing. Examples: ARP, Radio. See also multicast.| | + | |Blog|Blog is a direct means for an individual to share ideas, thoughts, opinions, and information concerning a particular topic with an audience, using the Web as the medium. |
| - | | Broadcast Address | An address used to broadcast a datagram to all hosts on a given network using UDP or ICMP protocol.| | + | |BLoR|Business List of Records. |
| - | | Browser | A client computer program that can retrieve and display information from servers on the World Wide Web.| | + | |BOM|Business Only Membership.| |
| - | | Brute Force | A crypto-analysis technique or other kind of attack method involving an exhaustive procedure that tries all possibilities, | + | |Border Gateway Protocol|BGP.| |
| - | | BSM | Balance Sheet Management.| | + | |:::|An inter-autonomous system routing protocol. |
| - | | BSS 7799 | British Standard 7799. A standard code of practice and provides guidance on how to secure an information system. | + | |Boot Record Infector|A boot record infector is a piece of malware that inserts malicious code into the boot sector of a disk.| |
| - | | BST | British Summer Time.| | + | |Bot|Also called ‘Internet bots’; refers to computers that perform tasks without human input. |
| - | | Buffer Overflow | A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.| | + | |Botnet|A botnet is a large number of compromised computers that are used to create and send spam or viruses or flood a network with messages as a denial of service attack.| |
| - | | Bullet-proof hosting | Bullet-proof hosting is a service provided by some domain hosting or web hosting firms that allow their customer considerable leniency in the kinds of material they may upload and distribute. | + | |B& |
| - | | Bulletin Board System | + | |BRD|Business Requirements Document. |
| - | | Business Continuity Management | + | |Break Glass|Temporary limited access to a production environment. |
| - | | Business Continuity Plan (BCP) | A Business Continuity Plan is the plan for emergency response, backup operations, and post-disaster recovery steps that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation.| | + | |Bridge|A mechanism (software or hardware) which connect two communication segments. Bridges generally operate at OSI Layer 2 or 3, but may operate from the physical layer up to the application layer. |
| - | | Business Impact Analysis | + | |BRM|Business Risk Managers.| |
| - | | Business Intelligence | Business intelligence is now widely accepted as being concerned with information technology solutions for transforming the output from large data collections into Intelligence; | + | |Broadcast|To send the same message to an unknown number of destinations without addressing. Examples: ARP, Radio. See also multicast.| |
| - | | BYOD | Bring Your Own Device.| | + | |Broadcast Address|An address used to broadcast a datagram to all hosts on a given network using UDP or ICMP protocol.| |
| - | | Byte | A fundamental unit of computer storage; the smallest addressable unit in a computer' | + | |Browser|A client computer program that can retrieve and display information from servers on the World Wide Web.| |
| - | | CA | Certificate Authority.| | + | |Brute Force|A crypto-analysis technique or other kind of attack method involving an exhaustive procedure that tries all possibilities, |
| - | | CAB | Change Advisory Board.| | + | |BSM|Balance Sheet Management.| |
| - | | CAC (Call Admission Control) | The inspection and control all inbound and outbound voice network activity by a voice firewall based on user-defined policies.| | + | |BSS 7799|British Standard 7799.| |
| - | | Cache | Pronounced cash, a special high-speed storage mechanism. | + | |:::|A standard code of practice and provides guidance on how to secure an information system. |
| - | | Cache Cramming | Cache Cramming is the technique of tricking a browser to run cached Java code from the local disk, instead of the internet zone, so it runs with less restrictive permissions.| | + | |BST|British Summer Time.| |
| - | | Cache Poisoning | Malicious or misleading data from a remote name server is saved [cached] by another name server. | + | |Buffer Overflow|A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.| |
| - | | Call Admission Control | + | |Bullet-proof hosting|Bullet-proof hosting is a service provided by some domain hosting or web hosting firms that allow their customer considerable leniency in the kinds of material they may upload and distribute. |
| - | | CAMS | Cash Management System.| | + | |Bulletin Board System|BBS| |
| - | | Carding | Carding is a term used for a process to verify the validity of stolen card data. The thief presents the card information on a website that has real-time transaction processing. | + | |:::|A Bulletin Board System (BBS) is a computerized meeting and announcement system that allows people to carry on discussions, |
| - | | Cash-out | The aspect of a cybercrime operation where stolen electronic funds are finally withdrawn from the finance system in the form of hard cash, often perpetrated by the use of ‘money mules’.| | + | |Business Continuity Management|BCM.| |
| - | | CCO | Chief Controls Office. | + | |:::|The management of a Business Continuity Plan (BCP).| |
| - | | CDC | Client Data Controls.| | + | |Business Continuity Plan|BCP.| |
| - | | CDI | Client Data Interface.| | + | |:::|A Business Continuity Plan is the plan for emergency response, backup operations, and post-disaster recovery steps that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation.| |
| - | | Cell | A cell is a unit of data transmitted over an ATM network. A cell is also a single physical memory location within flash memory.| | + | |Business Impact Analysis|BIA.| |
| - | | CERT (Computer Emergency Response Team) | An organization that studies computer and network INFOSEC in order to provide incident response services to victims of attacks, publish alerts concerning vulnerabilities and threats, and offer other information to help improve computer and network security.| | + | |:::|A Business Impact Analysis determines what levels of impact to a system are tolerable.| |
| - | | Certificate-based Authentication | Certificate-Based Authentication is the use of SSL and certificates to authenticate and encrypt HTTP traffic.| | + | |Business Intelligence|Business intelligence is now widely accepted as being concerned with information technology solutions for transforming the output from large data collections into Intelligence; |
| - | | CFF | Common File Format.| | + | |BYOD|Bring Your Own Device.| |
| - | | CGI (Common Gateway Interface) | This mechanism is used by HTTP servers (web servers) to pass parameters to executable scripts in order to generate responses dynamically.| | + | |Byte|A fundamental unit of computer storage; the smallest addressable unit in a computer' |
| - | | Chain of Custody | Chain of Custody is the important application of the Federal rules of evidence and its handling.| | + | |CA|Certificate Authority.| |
| - | | Challenge Handshake Authentication Protocol | + | |CAB|Change Advisory Board.| |
| - | | CHAP (Challenge Handshake Authentication Protocol) | The Challenge-Handshake Authentication Protocol uses a challenge/ | + | |CAC|Call Admission Control.| |
| - | | Chatroom | The name for a discussion group or chat room.| | + | |:::|The inspection and control all inbound and outbound voice network activity by a voice firewall based on user-defined policies.| |
| - | | Checksum | A value that is computed by a function that is dependent on the contents of a data object and is stored or transmitted together with the object, for the purpose of detecting changes in the data.| | + | |Cache|Pronounced cash, a special high-speed storage mechanism. |
| - | | CI | Configuration Item.| | + | |Cache Cramming|Cache Cramming is the technique of tricking a browser to run cached Java code from the local disk, instead of the internet zone, so it runs with less restrictive permissions.| |
| - | | CIP | Customer Identification Program.| | + | |Cache Poisoning|Malicious or misleading data from a remote name server is saved [cached] by another name server. |
| - | | Cipher | A cryptographic algorithm for encryption and decryption.| | + | |Call Admission Control|CAC.| |
| - | | Ciphertext | Ciphertext is the encrypted form of the message being sent.| | + | |:::|The inspection and control all inbound and outbound voice network activity by a voice firewall based on user-defined policies.| |
| - | | Circuit Switched Network | A circuit switched network is where a single continuous physical circuit connected two endpoints where the route was immutable once set up.| | + | |CAMS|Cash Management System.| |
| - | | CIS | Customer Identification System.| | + | |Carding|Carding is a term used for a process to verify the validity of stolen card data. The thief presents the card information on a website that has real-time transaction processing. |
| - | | CIS | Customer Information System.| | + | |Cash-out|The aspect of a cybercrime operation where stolen electronic funds are finally withdrawn from the finance system in the form of hard cash, often perpetrated by the use of ‘money mules’.| |
| - | | CIT | Component Integration Testing.| | + | |CCO|Chief Controls Office.| |
| - | | CL | Control Language.| | + | |:::|The Chief Controls Office centralizes and increases the focus on maintaining and enhancing an effective control framework.| |
| - | | Client | A system entity that requests and uses a service provided by another system entity, called a " | + | |CDC|Client Data Controls.| |
| - | | CMDB | Configuration Management Database.| | + | |CDI|Client Data Interface.| |
| - | | CMOD | Central Management On Demand.| | + | |Cell|A cell is a unit of data transmitted over an ATM network. A cell is also a single physical memory location within flash memory.| |
| - | | CMR | Customer Master Record.| | + | |CERT|Computer Emergency Response Team. |
| - | | CMS | Change Management Standard.| | + | |Certificate-based Authentication | Certificate-Based Authentication is the use of SSL and certificates to authenticate and encrypt HTTP traffic.| |
| - | | COA | Change of Address.| | + | |CFF|Common File Format.| |
| - | | CoB | Close of Business.| | + | |CGI|Common Gateway Interface. |
| - | | Cold Disaster Recovery Site | Hardware is ordered, shipped and installed, and software is loaded. Basic telecommunications, | + | |Chain of Custody|Chain of Custody is the important application of the Federal rules of evidence and its handling.| |
| - | | Collision | A collision occurs when multiple systems transmit simultaneously on the same wire.| | + | |Challenge Handshake Authentication Protocol|CHAP. |
| - | | Common Gateway Interface | + | |CHAP|Challenge Handshake Authentication Protocol.| |
| - | | Competitive Intelligence | Competitive Intelligence is espionage using legal, or at least not obviously illegal, means.| | + | |:::|The Challenge-Handshake Authentication Protocol uses a challenge/ |
| - | | Competitor Intelligence | Competitor Intelligence is a subdivision of Business intelligence that concerns the current and proposed business activities of competitors.| | + | |Chatroom|The name for a discussion group or chat room.| |
| - | | Compromise | Also called a security breach, a security compromise is a term used to describe an intentional or unintentional event that has exposed confidential data to unauthorized persons. | + | |Checksum|A value that is computed by a function that is dependent on the contents of a data object and is stored or transmitted together with the object, for the purpose of detecting changes in the data.| |
| - | | Computer Emergency Response Team (CERT) | An organization that studies computer and network INFOSEC in order to provide incident response services to victims of attacks, publish alerts concerning vulnerabilities and threats, and offer other information to help improve computer and network security.| | + | |CI|Configuration Item.| |
| - | | Computer Network | A collection of host computers together with the sub-network or inter-network through which they can exchange data.| | + | |CIP|Customer Identification Program.| |
| - | | CON | Change of Name.| | + | |Cipher|A cryptographic algorithm for encryption and decryption.| |
| - | | Confidentiality | Confidentiality is the need to ensure that information is disclosed only to those who are authorized to view it.| | + | |Ciphertext|Ciphertext is the encrypted form of the message being sent.| |
| - | | Configuration Management | Establish a known baseline condition and manage it.| | + | |Circuit Switched Network|A circuit switched network is where a single continuous physical circuit connected two endpoints where the route was immutable once set up.| |
| - | | COO | Chief Operating Office.| | + | |CIS|Customer Identification System.| |
| - | | Cookie | Data exchanged between an HTTP server and a browser (a client of the server) to store state information on the client side and retrieve it later for server use. An HTTP server, when sending data to a client, may send along a cookie, which the client retains after the HTTP connection closes. | + | |CIS|Customer Information System.| |
| - | | Corruption | A threat action that undesirably alters system operation by adversely modifying system functions or data.| | + | |CIT|Component Integration Testing.| |
| - | | Cost Benefit Analysis | A cost benefit analysis compares the cost of implementing countermeasures with the value of the reduced risk.| | + | |CL|Control Language.| |
| - | | Countermeasure | Reactive methods used to prevent an exploit from successfully occurring once a threat has been detected. | + | |Client|A system entity that requests and uses a service provided by another system entity, called a " |
| - | | Covert Channels | Covert Channels are the means by which information can be communicated between two parties in a covert fashion using normal system operations. For example by changing the amount of hard drive space that is available on a file server can be used to communicate information.| | + | |CMDB|Configuration Management Database.| |
| - | | CP | Consultation Paper.| | + | |CMOD|Central Management On Demand.| |
| - | | CR | Change Record.| | + | |CMR|Customer Master Record.| |
| - | | CR | Change Request.| | + | |CMS|Change Management Standard.| |
| - | | CRAID | Changes, Risks, Assumptions, | + | |COA|Change of Address.| |
| - | | Crawler | A crawler uses existing Internet search engines to carry out automatic search and retrieval of selected Information on behalf of a user. It may also be known as Web crawler.| | + | |CoB|Close of Business.| |
| - | | CRC (Cyclic Redundancy Check) | Sometimes called " | + | |Cold Disaster Recovery Site|Hardware is ordered, shipped and installed, and software is loaded. Basic telecommunications, |
| - | | Criminal Forum | A forum, usually web based, devoted to the black market trading of stolen credit card details, stolen identity details and tools to commit computer offences.| | + | |Collision|A collision occurs when multiple systems transmit simultaneously on the same wire.| |
| - | | CRON | Cron is a Unix application that runs jobs for users and administrators at scheduled times of the day.| | + | |Common Gateway Interface|CGI. |
| - | | Crossover cable | A crossover cable reverses the pairs of cables at the other end and can be used to connect devices directly together.| | + | |Competitive Intelligence|Competitive Intelligence is espionage using legal, or at least not obviously illegal, means.| |
| - | | Cryptanalysis | The mathematical science that deals with analysis of a cryptographic system in order to gain knowledge needed to break or circumvent the protection that the system is designed to provide. In other words, convert the cipher text to plain-text without knowing the key.| | + | |Competitor Intelligence|Competitor Intelligence is a subdivision of Business intelligence that concerns the current and proposed business activities of competitors.| |
| - | | Cryptographic Algorithm | Hash. An algorithm that employs the science of cryptography, | + | |Compromise|Also called a security breach, a security compromise is a term used to describe an intentional or unintentional event that has exposed confidential data to unauthorized persons. |
| - | | CSI | Continual Service Improvements.| | + | |Computer Emergency Response Team (CERT) | An organization that studies computer and network INFOSEC in order to provide incident response services to victims of attacks, publish alerts concerning vulnerabilities and threats, and offer other information to help improve computer and network security.| |
| - | | CSP | Content Security Policy.| | + | |Computer Network|A collection of host computers together with the sub-network or inter-network through which they can exchange data.| |
| - | | CTRP | Countries, Towns, Regions and Ports.| | + | |CON|Change of Name.| |
| - | | Cut-through | Cut-Through is a method of switching where only the header of a packet is read before it is forwarded to its destination.| | + | |Confidentiality|Confidentiality is the need to ensure that information is disclosed only to those who are authorized to view it.| |
| - | | Cyberspace | Cyberspace is the notional environment in which communication over computer networks occurs. | + | |Configuration Management|Establish a known baseline condition and manage it.| |
| - | | Cyclic Redundancy Check (CRC) | Sometimes called " | + | |COO|Chief Operating Office.| |
| - | | Daemon | A program which is often started at the time the system boots and runs continuously without intervention from any of the users on the system. | + | |Cookie|Data exchanged between an HTTP server and a browser (a client of the server) to store state information on the client side and retrieve it later for server use. An HTTP server, when sending data to a client, may send along a cookie, which the client retains after the HTTP connection closes. |
| - | | Data Aggregation | Data Aggregation is the ability to get a more complete picture of the information by analyzing several different types of records at once.| | + | |Corruption|A threat action that undesirably alters system operation by adversely modifying system functions or data.| |
| - | | Data Custodian | A Data Custodian is the entity currently using or manipulating the data, and therefore, temporarily taking responsibility for the data.| | + | |Cost Benefit Analysis|A cost benefit analysis compares the cost of implementing countermeasures with the value of the reduced risk.| |
| - | | Data Encryption Standard | + | |Countermeasure|Reactive methods used to prevent an exploit from successfully occurring once a threat has been detected. |
| - | | Data Encryption Standard (DES) | A widely-used method of data encryption using a private (secret) key. There are 72, | + | |Covert Channels|Covert Channels are the means by which information can be communicated between two parties in a covert fashion using normal system operations. For example by changing the amount of hard drive space that is available on a file server can be used to communicate information.| |
| - | | Data Mining | Data Mining is a technique used to analyze existing information, | + | |CP|Consultation Paper.| |
| - | | Data Owner | A Data Owner is the entity having responsibility and authority for the data.| | + | |CR|Change Record.| |
| - | | Data Warehouse | A central repository for all or significant parts of the data that an enterprise’s various business systems collect. | + | |CR|Change Request.| |
| - | | Data Warehousing | Data Warehousing is the consolidation of several previously independent databases into one location.| | + | |CRAID|Changes, |
| - | | Datagram | Request for Comment 1594 says, "a self-contained, | + | |Crawler|A crawler uses existing Internet search engines to carry out automatic search and retrieval of selected Information on behalf of a user. It may also be known as Web crawler.| |
| - | | Day Zero | The "Day Zero" or "Zero Day" is the day a new vulnerability is made known. | + | |CRC|Cyclic Redundancy Check.| |
| - | + | |:::|Sometimes called " | |
| - | | DB | Database.| | + | |Criminal Forum|A forum, usually web based, devoted to the black market trading of stolen credit card details, stolen identity details and tools to commit computer offences.| |
| - | | DBC | Detailed Business Case.| | + | |CRON|Cron is a Unix application that runs jobs for users and administrators at scheduled times of the day.| |
| - | | DCF | Data Control Framework.| | + | |Crossover cable | A crossover cable reverses the pairs of cables at the other end and can be used to connect devices directly together.| |
| - | | DCO | Device Configuration Overlay. | + | |Cryptanalysis|The mathematical science that deals with analysis of a cryptographic system in order to gain knowledge needed to break or circumvent the protection that the system is designed to provide. In other words, convert the cipher text to plain-text without knowing the key.| |
| - | | DCP | Demand Change Process.| | + | |Cryptographic Algorithm|Hash. |
| - | | Ddos (Distributed Denial of Service) | Distributed Denial of Service (DdoS) is an attack in which multiple systems flood the bandwidth or resources of a targeted system in an attempt to make it unavailable. | + | |CSI|Continual Service Improvements.| |
| - | | Decapsulation | Decapsulation is the process of stripping off one layer' | + | |CSP|Content Security Policy.| |
| - | | Decryption | Decryption is the process of transforming an encrypted message into its original plain-text.| | + | |CTRP|Countries, |
| - | | Deep Web | Invisible Web. That portion (estimated to be between 60 and 80 per cent) of total Web content that consists of material that is not accessible by standard Search engines. | + | |Cut-through|Cut-Through is a method of switching where only the header of a packet is read before it is forwarded to its destination.| |
| - | | Defacement | Defacement is the method of modifying the content of a website in such a way that it becomes " | + | |Cyberspace|Cyberspace is the notional environment in which communication over computer networks occurs. |
| - | | Defense In-Depth | Defense In-Depth is the approach of using multiple layers of security to guard against failure of a single security component.| | + | |Cyclic Redundancy Check|CRC. |
| - | | Demilitarized Zone (DMZ) | In computer security, in general a demilitarized zone (DMZ) or perimeter network is a network area (a sub-network) that sits between an organization' | + | |Daemon|A program which is often started at the time the system boots and runs continuously without intervention from any of the users on the system. |
| - | | Denial of Service | The prevention of authorized access to a system resource or the delaying of system operations and functions.| | + | |Data Aggregation|Data Aggregation is the ability to get a more complete picture of the information by analyzing several different types of records at once.| |
| - | | DES (Data Encryption Standard) | A widely-used method of data encryption using a private (secret) key. There are 72, | + | |Data Custodian|A Data Custodian is the entity currently using or manipulating the data, and therefore, temporarily taking responsibility for the data.| |
| - | | D&I | Diversity and Inclusion.| | + | |Data Encryption Standard|DES. A widely-used method of data encryption using a private (secret) key. There are 72, |
| - | | Dictionary Attack | An attack that tries all of the phrases or words in a dictionary, trying to crack a password or key. A dictionary attack uses a predefined list of words compared to a brute force attack that tries all possible combinations.| | + | |Data Mining|Data Mining is a technique used to analyze existing information, |
| - | | Diffie-Hellman | A key agreement algorithm published in 1976 by Whitfield Diffie and Martin Hellman. | + | |Data Owner|A Data Owner is the entity having responsibility and authority for the data.| |
| - | | Digest Authentication | Digest Authentication allows a web client to compute MD5 hashes of the password to prove it has the password.| | + | |Data Warehouse|A central repository for all or significant parts of the data that an enterprise’s various business systems collect. |
| - | | Digital Certificate | A digital certificate is an electronic " | + | |Data Warehousing|Data Warehousing is the consolidation of several previously independent databases into one location.| |
| - | | Digital Envelope | A digital envelope is an encrypted message with the encrypted session key.| | + | |Datagram|Request for Comment 1594 says, "a self-contained, |
| - | | Digital Signature | A digital signature is a hash of a message that uniquely identifies the sender of the message and proves the message hasn't changed since transmission. | | + | |Day Zero|The "Day Zero" or "Zero Day" is the day a new vulnerability is made known. |
| - | | Digital Signature Algorithm | + | |DB|Database.| |
| - | | Digital Signature Standard | + | |DBC|Detailed Business Case.| |
| - | | Disassembly | The process of taking a binary program and deriving the source code from it.| | + | |DCF|Data Control Framework.| |
| - | | Disaster Recovery Plan (DRP) | A Disaster Recovery Plan is the process of recovery of IT systems in the event of a disruption or disaster.| | + | |DCO|Device Configuration Overlay.| |
| - | | Discretionary Access Control | + | |:::|A hidden part of a hard drive that is used by personal computer manufacturers to specify the configuration of a hard drive (regardless of its actual size) to present the same number of sectors to the BIOS and operating system.| |
| - | | Dispensation | Temporary exclusion from Policy or Scope.| | + | |DCP|Demand Change Process.| |
| - | | Disruption | A circumstance or event that interrupts or prevents the correct operation of system services and functions.| | + | |DDOS|Distributed Denial of Service.| |
| - | | Distance Vector | Distance vectors measure the cost of routes to determine the best route to all known networks.| | + | |:::|Distributed Denial of Service (DDOS) is an attack in which multiple systems flood the bandwidth or resources of a targeted system in an attempt to make it unavailable. |
| - | | Distributed Denial of Service | + | |Decapsulation | Decapsulation is the process of stripping off one layer' |
| - | | Distributed Scans | Distributed Scans are scans that use multiple source addresses to gather information.| | + | |Decryption|Decryption is the process of transforming an encrypted message into its original plain-text.| |
| - | | DLL (Dynamic Link Library) | A collection of small programs, any of which can be called when needed by a larger program that is running in the computer. | + | |Deep Web|Invisible Web. That portion (estimated to be between 60 and 80 per cent) of total Web content that consists of material that is not accessible by standard Search engines. |
| - | | DLP | Data Loss Prevention.| | + | |Defacement|Defacement is the method of modifying the content of a website in such a way that it becomes " |
| - | | DMS | Document Management System.| | + | |Defense In-Depth|Defense In-Depth is the approach of using multiple layers of security to guard against failure of a single security component.| |
| - | | DM&W | Document Management and Workflow.| | + | |Demilitarized Zone|DMZ.| |
| - | | DMZ (Demilitarized Zone) | In computer security, in general a demilitarized zone (DMZ) or perimeter network is a network area (a sub-network) that sits between an organization' | + | |:::|In computer security, in general a demilitarized zone (DMZ) or perimeter network is a network area (a sub-network) that sits between an organization' |
| - | | DNS (Domain Name System) | The domain name system (DNS) is the way that Internet domain names are located and translated into Internet Protocol addresses. A domain name is a meaningful and easy-to-remember " | + | |Denial of Service|The prevention of authorized access to a system resource or the delaying of system operations and functions.| |
| - | | Domain | A sphere of knowledge, or a collection of facts about some program entities or a number of network points or addresses, identified by a name. On the Internet, a domain consists of a set of network addresses. | + | |DES|Data Encryption Standard).| |
| - | | Domain Hijacking | Domain hijacking is an attack by which an attacker takes over a domain by first blocking access to the domain' | + | |:::|A widely-used method of data encryption using a private (secret) key. There are 72, |
| - | | Domain Name | A domain name locates an organization or other entity on the Internet. | + | |D& |
| - | | Domain Name System | + | |Dictionary Attack|An attack that tries all of the phrases or words in a dictionary, trying to crack a password or key. A dictionary attack uses a predefined list of words compared to a brute force attack that tries all possible combinations.| |
| - | | Download | To download is to retrieve Information from the Internet.| | + | |Diffie-Hellman|A key agreement algorithm published in 1976 by Whitfield Diffie and Martin Hellman. |
| - | | DP | Discussion Paper.| | + | |Digest Authentication|Digest Authentication allows a web client to compute MD5 hashes of the password to prove it has the password.| |
| - | | DPIA | Data Protection Input Assessment.| | + | |Digital Certificate|A digital certificate is an electronic " |
| - | | DR | Disaster Recovery. | + | |Digital Envelope|A digital envelope is an encrypted message with the encrypted session key.| |
| - | | Drop Site | Malware that steals data will upload the information to a Drop Site for later retrieval.| | + | |Digital Signature|A digital signature is a hash of a message that uniquely identifies the sender of the message and proves the message hasn't changed since transmission. | |
| - | | DSA (Digital Signature Algorithm) | An asymmetric cryptographic algorithm that produces a digital signature in the form of a pair of large numbers. | + | |Digital Signature Algorithm|DSA.| |
| - | | DSS (Digital Signature Standard | The US Government standard that specifies the Digital Signature Algorithm (DSA), which involves asymmetric cryptography.| | + | |:::|An asymmetric cryptographic algorithm that produces a digital signature in the form of a pair of large numbers. |
| - | | DTU | Data Transfer Utility.| | + | |Digital Signature Standard|DSS.| |
| - | | Due Care | Due care ensures that a minimal level of protection is in place in accordance with the best practice in the industry.| | + | |:::|The US Government standard that specifies the Digital Signature Algorithm (DSA), which involves asymmetric cryptography.| |
| - | | Due Diligence | Due diligence is the requirement that organizations must develop and deploy a protection plan to prevent fraud, abuse, and additionally deploy a means to detect them if they occur.| | + | |Disassembly|The process of taking a binary program and deriving the source code from it.| |
| - | | Dump | Generally used to mean the data from a database, in reference to online fraud the term usually refers to debit or credit card’s dumps, which were skimmed or hacked and may include credit card track data, PINs and CCV numbers.| | + | |Disaster Recovery Plan|DRP.| |
| - | | DumpSec | DumpSec is a security tool that dumps a variety of information about a system' | + | |:::|A Disaster Recovery Plan is the process of recovery of IT systems in the event of a disruption or disaster.| |
| - | | Dumpster Diving | Dumpster Diving is obtaining passwords and corporate directories by searching through discarded media.| | + | |Discretionary Access Control|DAC.| |
| - | | DWB | Dispensation, | + | |:::|Discretionary Access Control consists of something the user can manage, such as a document password.| |
| - | | DX | Developer Experience.| | + | |Dispensation|Temporary exclusion from Policy or Scope.| |
| - | | Dynamic Link Library | + | |Disruption|A circumstance or event that interrupts or prevents the correct operation of system services and functions.| |
| - | | Dynamic Routing Protocol | Allows network devices to learn routes. Ex. RIP, EIGRP Dynamic routing occurs when routers talk to adjacent routers, informing each other of what networks each router is currently connected to. The routers must communicate using a routing protocol, of which there are many to choose from. The process on the router that is running the routing protocol, communicating with its neighbour routers, is usually called a routing daemon. | + | |Distance Vector|Distance vectors measure the cost of routes to determine the best route to all known networks.| |
| - | | E2E | End-to-End. | + | |Distributed Denial of Service|DDOS.| |
| - | | EAD | Exposure at Default.| | + | |:::|Distributed Denial of Service (DDOS) is an attack in which multiple systems flood the bandwidth or resources of a targeted system in an attempt to make it unavailable. |
| - | | EAP (Extensible Authentication Protocol) | A framework that supports multiple, optional authentication mechanisms for PPP, including clear-text passwords, challenge-response, | + | |Distributed Scans|Distributed Scans are scans that use multiple source addresses to gather information.| |
| - | | Eavesdropping | Eavesdropping is simply listening to a private conversation which may reveal information which can provide access to a facility or network.| | + | |DLL|Dynamic Link Library.| |
| - | | e-Commerce | + | |:::|A collection of small programs, any of which can be called when needed by a larger program that is running in the computer. |
| - | | Echo Reply | An echo reply is the response a machine that has received an echo request sends over ICMP.| | + | |DLP|Data Loss Prevention.| |
| - | | Echo Request | An echo request is an ICMP message sent to a machine to determine if it is online and how long traffic takes to get to it.| | + | |DMS|Document Management System.| |
| - | | EDS | European Data Store.| | + | |DM& |
| - | | EFT (Electronic Funds Transfer) | + | |DMZ|Demilitarized Zone.| |
| - | | Egress Filtering | Filtering outbound traffic.| | + | |:::|In computer security, in general a demilitarized zone (DMZ) or perimeter network is a network area (a sub-network) that sits between an organization' |
| - | | EGP (Exterior Gateway Protocol) | A protocol which distributes routing information to the routers which connect autonomous systems.| | + | |DNS|Domain Name System.| |
| - | | EGW | Engagement Gateway.| | + | |:::|The domain name system (DNS) is the way that Internet domain names are located and translated into Internet Protocol addresses. A domain name is a meaningful and easy-to-remember " |
| - | | EIN | Employee Identification Number. | + | |Domain|A sphere of knowledge, or a collection of facts about some program entities or a number of network points or addresses, identified by a name. On the Internet, a domain consists of a set of network addresses. |
| - | | Electronic Commerce | + | |Domain Hijacking|Domain hijacking is an attack by which an attacker takes over a domain by first blocking access to the domain' |
| - | | Electronic Funds Transfer | + | |Domain Name|A domain name locates an organization or other entity on the Internet. |
| - | | Emanations Analysis | Gaining direct knowledge of communicated data by monitoring and resolving a signal that is emitted by a system and that contains the data but is not intended to communicate the data.| | + | |Domain Name System|DNS.| |
| - | | Encapsulation | The inclusion of one data structure within another structure so that the first data structure is hidden for the time being.| | + | |:::|The domain name system (DNS) is the way that Internet domain names are located and translated into Internet Protocol addresses. A domain name is a meaningful and easy-to-remember " |
| - | | Encryption | Cryptographic transformation of data (called " | + | |Download|To download is to retrieve Information from the Internet.| |
| - | | EOD | End-of-Day.| | + | |DP|Discussion Paper.| |
| - | | Ephemeral Port | Also called a transient port or a temporary port. Usually is on the client side. It is set up when a client application wants to connect to a server and is destroyed when the client application terminates. | + | |DPIA|Data Protection Input Assessment.| |
| - | | Escrow Passwords | Escrow Passwords are passwords that are written down and stored in a secure location (like a safe) that are used by emergency personnel when privileged personnel are unavailable.| | + | |DR|Disaster Recovery. |
| - | | Espionage | Espionage is the use of illegal means (spying) to collect Information, | + | |Drop Site|Malware that steals data will upload the information to a Drop Site for later retrieval.| |
| - | | Ethernet | The most widely-installed LAN technology. | + | |DSA|Digital Signature Algorithm.| |
| - | | ETL | Extract, Transform, Load.| | + | |:::|An asymmetric cryptographic algorithm that produces a digital signature in the form of a pair of large numbers. |
| - | | EUDA | End User Developed Application.| | + | |DSS|Digital Signature Standard.| |
| - | | Event | An event is an observable occurrence in a system or network.| | + | |:::|The US Government standard that specifies the Digital Signature Algorithm (DSA), which involves asymmetric cryptography.| |
| - | | EXCO | Executive Committee, Executive Council.| | + | |DTU|Data Transfer Utility.| |
| - | | Exploit | A sequence of actions or a program that enables an individual to take advantage of, or exploit, a vulnerability or security weakness in a program or system.| | + | |Due Care|Due care ensures that a minimal level of protection is in place in accordance with the best practice in the industry.| |
| - | | Exponential Backoff Algorithm | An exponential backoff algorithm is used to adjust TCP timeout values on the fly so that network devices don't continue to timeout sending data over saturated links.| | + | |Due Diligence|Due diligence is the requirement that organizations must develop and deploy a protection plan to prevent fraud, abuse, and additionally deploy a means to detect them if they occur.| |
| - | | Exposure | A threat action whereby sensitive data is directly released to an unauthorized entity.| | + | |Dump|Generally used to mean the data from a database, in reference to online fraud the term usually refers to debit or credit card’s dumps, which were skimmed or hacked and may include credit card track data, PINs and CCV numbers.| |
| - | | Extended ACLS | Cisco. | + | |DumpSec|DumpSec is a security tool that dumps a variety of information about a system' |
| - | | Extensible Authentication Protocol | + | |Dumpster Diving|Dumpster Diving is obtaining passwords and corporate directories by searching through discarded media.| |
| - | | Exterior Gateway Protocol | + | |DWB|Dispensation, |
| - | | Extranet | Extranet is that portion of an organization’s Intranet that is accessible by selected individuals (for example, collaborators, | + | |DX|Developer Experience.| |
| - | | False Rejects | False Rejects are when an authentication system fails to recognize a valid user.| | + | |Dynamic Link Library|DLL.| |
| - | | Fast File System | The first major revision to the Unix file system, providing faster read access and faster (delayed, asynchronous) write access through a disk cache and better file system layout on disk. It uses inodes (pointers) and data blocks.| | + | |:::|A collection of small programs, any of which can be called when needed by a larger program that is running in the computer. |
| - | | Fast Flux | Protection method used by botnets consisting of a continuous and fast change of the DNS records for a domain name through different IP addresses.| | + | |Dynamic Routing Protocol|Allows network devices to learn routes. Ex. RIP, EIGRP Dynamic routing occurs when routers talk to adjacent routers, informing each other of what networks each router is currently connected to. The routers must communicate using a routing protocol, of which there are many to choose from. The process on the router that is running the routing protocol, communicating with its neighbour routers, is usually called a routing daemon. |
| - | | FAT | Functional Acceptance Testing. | + | |E2E|End-to-End. |
| - | | Fault Line Attacks | Fault Line Attacks use weaknesses between interfaces of systems to exploit gaps in coverage.| | + | |EAD|Exposure at Default.| |
| - | | FCT | Functional Confidence Testing. | + | |EAP|Extensible Authentication Protocol.| |
| - | | File Transfer Protocol | + | |:::|A framework that supports multiple, optional authentication mechanisms for PPP, including clear-text passwords, challenge-response, |
| - | | Filter | + | |Eavesdropping|Eavesdropping is simply listening to a private conversation which may reveal information which can provide access to a facility or network.| |
| - | | Filtering Router | An inter-network router that selectively prevents the passage of data packets according to a security policy. | + | |e-Commerce|Electronic Commerce, also known as e-Commerce, covers a range of activities under which businesses and their customers can carry out transactions electronically between computer systems. |
| - | | Finger | A protocol to lookup user information on a given host. A Unix program that takes an e-mail address as input and returns information about the user who owns that e-mail address. | + | |Echo Reply| An echo reply is the response a machine that has received an echo request sends over ICMP.| |
| - | | Fingerprinting | Sending strange packets to a system in order to gauge how it responds to determine the operating system.| | + | |Echo Request|An echo request is an ICMP message sent to a machine to determine if it is online and how long traffic takes to get to it.| |
| - | | Firewall | A logical or physical discontinuity in a network to prevent unauthorized access to data or resources.| | + | |EDS|European Data Store.| |
| - | | Flooding | An attack that attempts to cause a failure in (especially, | + | |EFT|Electronic Funds Transfer is the transfer of cash or credit from one account to another using computers and telecommunications.| |
| - | | Forest | A forest is a set of Active Directory domains that replicate their databases with each other.| | + | |Egress Filtering | Filtering outbound traffic.| |
| - | | Fork Bomb | A Fork Bomb works by using the fork() call to create a new process which is a copy of the original. | + | |EGP|Exterior Gateway Protocol). |
| - | | Form-based Authentication | Form-Based Authentication uses forms on a webpage to ask a user to input username and password information.| | + | |:::|A protocol which distributes routing information to the routers which connect autonomous systems.| |
| - | | Forward Lookup | Forward lookup uses an Internet domain name to find an IP address.| | + | |EGW|Engagement Gateway.| |
| - | | Forward Proxy | Forward Proxies are designed to be the server through which all requests are made.| | + | |EIN|Employee Identification Number.| |
| - | | FQDN | Fully Qualified Domain Name. The name of the physical host including the domain name; and where necessary the name of the DNS alias or availability group listener the application uses to connect.| | + | |Electronic Commerce|Electronic Commerce, also known as e-Commerce, covers a range of activities under which businesses and their customers can carry out transactions electronically between computer systems. |
| - | | Fragment Offset | The fragment offset field tells the sender where a particular fragment falls in relation to other fragments in the original larger packet.| | + | |Electronic Funds Transfer|Electronic Funds Transfer |
| - | | Fragment Overlap Attack | A TCP/IP Fragmentation Attack that is possible because IP allows packets to be broken down into fragments for more efficient transport across various media. | + | |Emanations Analysis|Gaining direct knowledge of communicated data by monitoring and resolving a signal that is emitted by a system and that contains the data but is not intended to communicate the data.| |
| - | | Fragmentation | The process of storing a data file in several " | + | |Encapsulation|The inclusion of one data structure within another structure so that the first data structure is hidden for the time being.| |
| - | | Frames | Data that is transmitted between network points as a unit complete with addressing and necessary protocol control information. | + | |Encryption|Cryptographic transformation of data (called " |
| - | | FTP (File Transfer Protocol) | A TCP/IP protocol specifying the transfer of text or binary files across the network.| | + | |EOD|End-of-Day.| |
| - | | Full Duplex | A type of duplex communications channel which carries data in both directions at once. Refers to the transmission of data in two directions simultaneously. | + | |Ephemeral Port|Also called a transient port or a temporary port. Usually is on the client side. It is set up when a client application wants to connect to a server and is destroyed when the client application terminates. |
| - | | Fully-Qualified Domain Name | A Fully-Qualified Domain Name is a server name with a hostname followed by the full domain name.| | + | |Escrow Passwords|Escrow Passwords are passwords that are written down and stored in a secure location (like a safe) that are used by emergency personnel when privileged personnel are unavailable.| |
| - | | Fuzzing | The use of special regression testing tools to generate out-of-spec input for an application in order to find security vulnerabilities. Also see " | + | |Espionage|Espionage is the use of illegal means (spying) to collect Information, |
| - | | Gateway | A network point that acts as an entrance to another network.| | + | |Ethernet|The most widely-installed LAN technology. |
| - | | GETHOSTBYADDR | The gethostbyaddr DNS query is when the address of a machine is known and the name is needed.| | + | |ETL|Extract, |
| - | | GETHOSTBYNAME | The gethostbyname DNS quest is when the name of a machine is known and the address is needed.| | + | |EUDA|End User Developed Application.| |
| - | | GIS | Global Information Security.| | + | |Event|An event is an observable occurrence in a system or network.| |
| - | | GNU | GNU is a Unix-like operating system that comes with source code that can be copied, modified, and redistributed. | + | |EXCO|Executive Committee, Executive Council.| |
| - | | GNUTELLA | An Internet file sharing utility. | + | |Exploit|A sequence of actions or a program that enables an individual to take advantage of, or exploit, a vulnerability or security weakness in a program or system.| |
| - | | GTIS | Global Technology Infrastructure Group.| | + | |Exponential Backoff Algorithm|An exponential backoff algorithm is used to adjust TCP timeout values on the fly so that network devices don't continue to timeout sending data over saturated links.| |
| - | | GW | Gateway.| | + | |Exposure|A threat action whereby sensitive data is directly released to an unauthorized entity.| |
| - | | Hactivist | An activist who uses illegal or legally ambiguous digital tools or methods in pursuit of political ends; methods employed include web site defacements, | + | |Extended ACLS|Cisco. |
| - | | HAM | Hardware Asset Management.| | + | |Extensible Authentication Protocol|EAP.| |
| - | | Hardening | Hardening is the process of identifying and fixing vulnerabilities on a system.| | + | |:::|A framework that supports multiple, optional authentication mechanisms for PPP, including clear-text passwords, challenge-response, |
| - | | Hash Function | An algorithm that computes a value based on a data object thereby mapping the data object to a smaller data object.| | + | |Exterior Gateway Protocol|EGP.| |
| - | | Hash Functions | (cryptographic) hash functions are used to generate a one way "check sum" for a larger text, which is not trivially reversed. | + | |:::|A protocol which distributes routing information to the routers which connect autonomous systems.| |
| - | | Header | A header is the extra information in a packet that is needed for the protocol stack to process the packet.| | + | |Extranet|Extranet is that portion of an organization’s Intranet that is accessible by selected individuals (for example, collaborators, |
| - | | Hijack Attack | A form of active wiretapping in which the attacker seizes control of a previously established communication association.| | + | |False Rejects|False Rejects are when an authentication system fails to recognize a valid user.| |
| - | | Honey Client | See Honeymonkey.| | + | |Fast File System|The first major revision to the Unix file system, providing faster read access and faster (delayed, asynchronous) write access through a disk cache and better file system layout on disk. It uses inodes (pointers) and data blocks.| |
| - | | Honey Pot | Programs that simulate one or more network services that you designate on your computer' | + | |Fast Flux|Protection method used by botnets consisting of a continuous and fast change of the DNS records for a domain name through different IP addresses.| |
| - | | Honeymonkey | Automated system simulating a user browsing websites. | + | |FAT|Functional Acceptance Testing.| |
| - | | Hops | A hop is each exchange with a gateway a packet takes on its way to the destination.| | + | |:::|See FCT.| |
| - | | Host | Any computer that has full two-way access to other computers on the Internet. | + | |Fault Line Attacks|Fault Line Attacks use weaknesses between interfaces of systems to exploit gaps in coverage.| |
| - | | Host-based ID | Host-based intrusion detection systems use information from the operating system audit records to watch all operations occurring on the host that the intrusion detection software has been installed upon. These operations are then compared with a pre-defined security policy. | + | |FCT|Functional Confidence Testing.| |
| - | | Host-Based Intrusion Detection | Host-based intrusion detection systems use information from the operating system audit records to watch all operations occurring on the host that the intrusion detection software has been installed upon. These operations are then compared with a pre-defined security policy. | + | |:::|Functional testing covers Unit Testing, Smoke Testing, Sanity Testing, Intergration Testing (Top Down, Bottom Up), Interface and Useability Testing, System Testing, Regression Testing, Per User Acceptance Testing (Alpha and Beta), User Acceptance Testing, White Box and Black Box Testing, Globalization and Location Testing.| |
| - | | Hot Disaster Recovery Site | It contains fully redundant hardware and software, with telecommunications, | + | |File Transfer Protocol|FTP. |
| - | | Hot Fix | A hot fix is a single, cumulative package that includes one or more files that are used to address a problem in a software product (i.e. a software bug). Typically, hot fixes are made to address a specific customer situation and are not rolled out across the organisation. | + | |Filter A filter is used to specify which packets will or will not be used. It can be used in sniffers to determine which packets get displayed, or by firewalls to determine which packets get blocked.| |
| - | | HPA | Host Protected Area. Sometimes called the Hidden Protected Area is a section of a hard drive that is hidden or not normally visible to the operating system, and is often used by software or personal computer manufactorers for system recovery and the backup of system configuration data.| | + | |Filtering Router|An inter-network router that selectively prevents the passage of data packets according to a security policy. |
| - | | HTML (Hypertext Markup Language) | The set of markup symbols or codes inserted in a file intended for display on a World Wide Web browser page.| | + | |Finger|A protocol to lookup user information on a given host. A Unix program that takes an e-mail address as input and returns information about the user who owns that e-mail address. |
| - | | HTTP (Hypertext Transfer Protocol) | The protocol in the Internet Protocol (IP) family used to transport hypertext documents across an internet.| | + | |Fingerprinting|Sending strange packets to a system in order to gauge how it responds to determine the operating system.| |
| - | | HTTP Proxy | An HTTP Proxy is a server that acts as a middleman in the communication between HTTP clients and servers.| | + | |Firewall|A logical or physical discontinuity in a network to prevent unauthorized access to data or resources.| |
| - | | HTTPS | When used in the first part of a URL (the part that precedes the colon and specifies an access scheme or protocol), this term specifies the use of HTTP enhanced by a security mechanism, which is usually SSL. | | + | |Flooding|An attack that attempts to cause a failure in (especially, |
| - | | HUB | A hub is a network device that operates by repeating data that it receives on one port to all the other ports. | + | |Forest|A forest is a set of Active Directory domains that replicate their databases with each other.| |
| - | | Humint | + | |Fork Bomb|A Fork Bomb works by using the fork() call to create a new process which is a copy of the original. |
| - | | Hybrid Attack | A Hybrid Attack builds on the dictionary attack method by adding numerals and symbols to dictionary words.| | + | |Form-based Authentication|Form-Based Authentication uses forms on a webpage to ask a user to input username and password information.| |
| - | | Hybrid Encryption | An application of cryptography that combines two or more encryption algorithms, particularly a combination of symmetric and asymmetric encryption.| | + | |Forward Lookup|Forward lookup uses an Internet domain name to find an IP address.| |
| - | | Hyperlink | In hypertext or hypermedia, an information object (such as a word, a phrase, or an image; usually highlighted by color or underscoring) that points (indicates how to connect) to related information that is located elsewhere and can be retrieved by activating the link.| | + | |Forward Proxy|Forward Proxies are designed to be the server through which all requests are made.| |
| - | | Hypertext Markup Language | + | |FQDN|Fully Qualified Domain Name. The name of the physical host including the domain name; and where necessary the name of the DNS alias or availability group listener the application uses to connect.| |
| - | | Hypertext Transfer Protocol | + | |Fragment Offset|The fragment offset field tells the sender where a particular fragment falls in relation to other fragments in the original larger packet.| |
| - | | ICMP (Internet Control Message Protocol) | An Internet Standard protocol that is used to report error conditions during IP datagram processing and to exchange other information concerning the state of the IP network.| | + | |Fragment Overlap Attack|A TCP/IP Fragmentation Attack that is possible because IP allows packets to be broken down into fragments for more efficient transport across various media. |
| - | | Identity | Identity is whom someone or what something is, for example, the name by which something is known.| | + | |Fragmentation|The process of storing a data file in several " |
| - | | IETF (Internet Engineering Task Force) | The body that defines standard Internet operating protocols such as TCP/ | + | |Frames|Data that is transmitted between network points as a unit complete with addressing and necessary protocol control information. |
| - | | IMAP (Internet Message Access Protocol) | A protocol that defines how a client should fetch mail from and return mail to a mail server. | + | |FTP|File Transfer Protocol).| |
| - | | Incident | An incident as an adverse network event in an information system or network or the threat of the occurrence of such an event.| | + | |:::|A TCP/IP protocol specifying the transfer of text or binary files across the network.| |
| - | | Incident Handling | Incident Handling is an action plan for dealing with intrusions, cyber-theft, | + | |Full Duplex|A type of duplex communications channel which carries data in both directions at once. Refers to the transmission of data in two directions simultaneously. |
| - | | Incremental Backups | Incremental backups only backup the files that have been modified since the last backup. | + | |Fully-Qualified Domain Name|A Fully-Qualified Domain Name is a server name with a hostname followed by the full domain name.| |
| - | | Industrial Espionage | Espionage is the use of illegal means (spying) to collect Information, | + | |Fuzzing|The use of special regression testing tools to generate out-of-spec input for an application in order to find security vulnerabilities. Also see " |
| - | | INETD | Inetd (or Internet Daemon) is an application that controls smaller internet services like telnet, ftp, and POP.| | + | |Gateway|A network point that acts as an entrance to another network.| |
| - | | Inference Attack | Inference Attacks rely on the user to make logical connections between seemingly unrelated pieces of information.| | + | |GETHOSTBYADDR|The gethostbyaddr DNS query is when the address of a machine is known and the name is needed.| |
| - | | Information Warfare | Information Warfare is the competition between offensive and defensive players over information resources.| | + | |GETHOSTBYNAME|The gethostbyname DNS quest is when the name of a machine is known and the address is needed.| |
| - | | Ingress Filtering | Ingress Filtering is filtering inbound traffic.| | + | |GIS|Global Information Security.| |
| - | | Input Validations Attack | Input Validations Attacks are where an attacker intentionally sends unusual input in the hopes of confusing an application.| | + | |GNU|GNU is a Unix-like operating system that comes with source code that can be copied, modified, and redistributed. |
| - | | Integrity | Integrity is the need to ensure that information has not been changed accidentally or deliberately, | + | |GNUTELLA|An Internet file sharing utility. |
| - | | Integrity Star Property | In Integrity Star Property a user cannot read data of a lower integrity level then their own.| | + | |GTIS|Global Technology Infrastructure Group.| |
| - | | Intellectual Property | Intellectual Property refers to the definition and recording of a novel device, product, process or technique so that it may be bought, sold or legally protected. | + | |GW|Gateway.| |
| - | | Intelligence | Intelligence is high-level, processed, exploitable Information.| | + | |Hactivist|An activist who uses illegal or legally ambiguous digital tools or methods in pursuit of political ends; methods employed include web site defacements, |
| - | | International Organization for Standardization (ISO) | A voluntary, non-treaty, non-government organization, | + | |HAM|Hardware Asset Management.| |
| - | | International Telecommunications Union (ITU-T) | Telecommunication Standardization Sector (formerly " | + | |Hardening|Hardening is the process of identifying and fixing vulnerabilities on a system.| |
| - | | Internet | A term to describe connecting multiple separate networks together.| | + | |Hash Function|An algorithm that computes a value based on a data object thereby mapping the data object to a smaller data object.| |
| - | | Internet Control Message Protocol | + | |Hash Functions|(cryptographic) hash functions are used to generate a one way "check sum" for a larger text, which is not trivially reversed. |
| - | | Internet Engineering Task Force (IETF) | The body that defines standard Internet operating protocols such as TCP/ | + | |Header|A header is the extra information in a packet that is needed for the protocol stack to process the packet.| |
| - | | Internet Message Access Protocol | + | |Hijack Attack|A form of active wiretapping in which the attacker seizes control of a previously established communication association.| |
| - | | Internet Protocol | + | |Honey Client|See Honeymonkey.| |
| - | | Internet Protocol Security | + | |Honey Pot|Programs that simulate one or more network services that you designate on your computer' |
| - | | Internet Relay Chat (IRC) | Internet Relay Chat (IRC) is a huge, multi-user live chat facility. | + | |Honeymonkey|Automated system simulating a user browsing websites. |
| - | | Internet Service Provider | + | |Hops|A hop is each exchange with a gateway a packet takes on its way to the destination.| |
| - | | Internet Standard | A specification, | + | |Host|Any computer that has full two-way access to other computers on the Internet. |
| - | | Interrupt | An Interrupt is a signal that informs the OS that something has occurred.| | + | |Host-based ID|Host-based intrusion detection systems use information from the operating system audit records to watch all operations occurring on the host that the intrusion detection software has been installed upon. These operations are then compared with a pre-defined security policy. |
| - | | Intranet | A computer network, especially one based on Internet technology, that an organization uses for its own internal, and usually private, purposes and that is closed to outsiders.| | + | |Host-Based Intrusion Detection|Host-based intrusion detection systems use information from the operating system audit records to watch all operations occurring on the host that the intrusion detection software has been installed upon. These operations are then compared with a pre-defined security policy. |
| - | | Intrusion Detection | A security management system for computers and networks. | + | |Hot Disaster Recovery Site|It contains fully redundant hardware and software, with telecommunications, |
| - | | Invisible Web | Invisible Web is that portion (estimated to be between 60 and 80 per cent) of total Web content that consists of material that is not accessible by standard Search engines. | + | |Hot Fix|A hot fix is a single, cumulative package that includes one or more files that are used to address a problem in a software product (i.e. a software bug). Typically, hot fixes are made to address a specific customer situation and are not rolled out across the organisation. |
| - | | IP (Internet Protocol) | The method or protocol by which data is sent from one computer to another on the Internet.| | + | |HPA|Host Protected Area. Sometimes called the Hidden Protected Area is a section of a hard drive that is hidden or not normally visible to the operating system, and is often used by software or personal computer manufactorers for system recovery and the backup of system configuration data.| |
| - | | IP Address | A computer' | + | |HTML|Hypertext Markup Language. |
| - | | IP Flood | A denial of service attack that sends a host more echo request (" | + | |HTTP|Hypertext Transfer Protocol. |
| - | | IP Forwarding | IP forwarding is an Operating System option that allows a host to act as a router. | + | |HTTP Proxy|An HTTP Proxy is a server that acts as a middleman in the communication between HTTP clients and servers.| |
| - | | IPSEC (Internet Protocol Security) | A developing standard for security at the network or packet processing layer of network communication.| | + | |HTTPS|When used in the first part of a URL (the part that precedes the colon and specifies an access scheme or protocol), this term specifies the use of HTTP enhanced by a security mechanism, which is usually SSL. | |
| - | | IP Spoofing | The technique of supplying a false IP address.| | + | |HUB|A hub is a network device that operates by repeating data that it receives on one port to all the other ports. |
| - | | IRC (Internet Relay Chat) | Internet Relay Chat (IRC) is a huge, multi-user live chat facility. | + | |Humint|Humint is an abbreviation for Human Intelligence; |
| - | | IRM | Information Risk Management.| | + | |Hybrid Attack|A Hybrid Attack builds on the dictionary attack method by adding numerals and symbols to dictionary words.| |
| - | | ISO (International Organization for Standardization) | A voluntary, non-treaty, non-government organization, | + | |Hybrid Encryption|An application of cryptography that combines two or more encryption algorithms, particularly a combination of symmetric and asymmetric encryption.| |
| - | | ISP (Internet Service Provider) | An Internet Service Provider (ISP) is a company selling access to the Internet.| | + | |Hyperlink|In hypertext or hypermedia, an information object (such as a word, a phrase, or an image; usually highlighted by color or underscoring) that points (indicates how to connect) to related information that is located elsewhere and can be retrieved by activating the link.| |
| - | | Issue-specific Policy | An Issue-Specific Policy is intended to address specific needs within an organization, | + | |Hypertext Markup Language|HTML. |
| - | | ITU-T (International Telecommunications Union) | Telecommunication Standardization Sector (formerly " | + | |Hypertext Transfer Protocol|HTTP. |
| - | | Jitter | Jitter or Noise is the modification of fields in a database while preserving the aggregate characteristics of that make the database useful in the first place.| | + | |ICMP|Internet Control Message Protocol.| |
| - | | Jump Bag | A Jump Bag is a container that has all the items necessary to respond to an incident inside to help mitigate the effects of delayed reactions.| | + | |:::|An Internet Standard protocol that is used to report error conditions during IP datagram processing and to exchange other information concerning the state of the IP network.| |
| - | | Kerberos | A system developed at the Massachusetts Institute of Technology that depends on passwords and symmetric cryptography (DES) to implement ticket-based, | + | |Identity | Identity is whom someone or what something is, for example, the name by which something is known.| |
| - | | Kernel | The essential centre of a computer operating system, the core that provides basic services for all other parts of the operating system. | + | |IETF|Internet Engineering Task Force.| |
| - | | KYC | Know Your Customer.| | + | |:::|The body that defines standard Internet operating protocols such as TCP/ |
| - | | L2F (Layer 2 Forwarding Protocol) | An Internet protocol (originally developed by Cisco Corporation) that uses tunnelling of PPP over IP to create a virtual extension of a dial-up link across a network, initiated by the dial-up server and transparent to the dial-up user.| | + | |IMAP|Internet Message Access Protocol.| |
| - | | L2FP (Layer 2 Tunnelling | + | |:::|A protocol that defines how a client should fetch mail from and return mail to a mail server. |
| - | | Lattice Techniques | Lattice Techniques use security designations to determine access to information.| | + | |Incident|An incident as an adverse network event in an information system or network or the threat of the occurrence of such an event.| |
| - | | Layer 2 Forwarding Protocol | + | |Incident Handling|Incident Handling is an action plan for dealing with intrusions, cyber-theft, |
| - | | Layer 2 Tunnelling | + | |Incremental Backups|Incremental backups only backup the files that have been modified since the last backup. |
| - | | Least Privilege | Least Privilege is the principle of allowing users or applications the least amount of permissions necessary to perform their intended function.| | + | |Industrial Espionage|Espionage is the use of illegal means (spying) to collect Information, |
| - | | Legion | Software to detect unprotected shares.| | + | |INETD|Inetd (or Internet Daemon) is an application that controls smaller internet services like telnet, ftp, and POP.| |
| - | | Lightweight Directory Access Protocol | + | |Inference Attack|Inference Attacks rely on the user to make logical connections between seemingly unrelated pieces of information.| |
| - | | Link State | With link state, routes maintain information about all routers and router-to-router links within a geographic area, and creates a table of best routes with that information.| | + | |Information Warfare|Information Warfare is the competition between offensive and defensive players over information resources.| |
| - | | List-based Access Control | List Based Access Control associates a list of users and their privileges with each object.| | + | |Ingress Filtering|Ingress Filtering is filtering inbound traffic.| |
| - | | LKM (Loadable Kernel Modules) | Loadable Kernel Modules allow for the adding of additional functionality directly into the kernel while the system is running.| | + | |Input Validations Attack|Input Validations Attacks are where an attacker intentionally sends unusual input in the hopes of confusing an application.| |
| - | | Loadable Kernel Modules | + | |Integrity | Integrity is the need to ensure that information has not been changed accidentally or deliberately, |
| - | | Log Clipping | Log clipping is the selective removal of log entries from a system log to hide a compromise.| | + | |Integrity Star Property|In Integrity Star Property a user cannot read data of a lower integrity level then their own.| |
| - | | Logic Bombs | Logic bombs are programs or snippets of code that execute when a certain predefined event occurs. | + | |Intellectual Property|Intellectual Property refers to the definition and recording of a novel device, product, process or technique so that it may be bought, sold or legally protected. |
| - | | Logic Gate | A logic gate is an elementary building block of a digital circuit. | + | |Intelligence|Intelligence is high-level, processed, exploitable Information.| |
| - | | Loopback Address | The loopback address (127.0.0.1) is a pseudo IP address that always refer back to the local host and are never sent out onto a network.| | + | |International Organization for Standardization (ISO)|A voluntary, non-treaty, non-government organization, |
| - | | LTR | Large Transaction Report.| | + | |International Telecommunications Union|ITU-T.| |
| - | | MAC (Mandatory Access Control) | Mandatory Access Control controls is where the system controls access to resources based on classification levels assigned to both the objects and the users. | + | |:::|Telecommunication Standardization Sector (formerly " |
| - | | MAC Address | A physical address; a numeric value that uniquely identifies that network device from every other device on the planet.| | + | |Internet|A term to describe connecting multiple separate networks together.| |
| - | | Malicious Code | Software (e.g., Trojan horse) that appears to perform a useful or desirable function, but actually gains unauthorized access to system resources or tricks a user into executing other malicious logic.| | + | |Internet Control Message Protocol|ICMP.| |
| - | | Malware | A generic term for a number of different types of malicious code.| | + | |:::|An Internet Standard protocol that is used to report error conditions during IP datagram processing and to exchange other information concerning the state of the IP network.| |
| - | | Mandatory Access Control | + | |Internet Engineering Task Force|IETF.| |
| - | | Man in the Middle | + | |:::|The body that defines standard Internet operating protocols such as TCP/ |
| - | | Masquerade Attack | A type of attack in which one system entity illegitimately poses as (assumes the identity of) another entity.| | + | |Internet Message Access Protocol|IMAP.| |
| - | | MD5 | A one way cryptographic hash function. | + | |:::|A protocol that defines how a client should fetch mail from and return mail to a mail server. |
| - | | Measures of Effectiveness | + | |Internet Protocol|IP.| |
| - | | MFT | Managed File Transfer.| | + | |:::|The method or protocol by which data is sent from one computer to another on the Internet.| |
| - | | MI | Management Information.| | + | |Internet Protocol Security|IPSEC.| |
| - | | MITM (Man in the Middle) Attack | + | |:::|A developing standard for security at the network or packet processing layer of network communication.| |
| - | | MOE (Measures of Effectiveness) | Measures of Effectiveness is a probability model based on engineering concepts that allows one to approximate the impact a give action will have on an environment. In Information warfare it is the ability to attack or defend within an Internet environment.| | + | |Internet Relay Chat|IRC.| |
| - | | Monoculture | Monoculture is the case where a large number of users run the same software, and are vulnerable to the same attacks.| | + | |:::|Internet Relay Chat (IRC) is a huge, multi-user live chat facility. |
| - | | Morris Worm | A worm program written by Robert T. Morris, Jr. that flooded the ARPANET in November, 1988, causing problems for thousands of hosts.| | + | |Internet Service Provider|ISP.| |
| - | | MoSCoW | Must, Should, Could, Would.| | + | |:::|An Internet Service Provider (ISP) is a company selling access to the Internet.| |
| - | | Mule | Also known as a money mule, a mule is an individual who transfers stolen money or merchandise either in person, through a courier service or electronically to help obscure a scammer’s identity and/or location. | + | |Internet Standard|A specification, |
| - | | Multi-Cast | Broadcasting from one host to a given set of hosts.| | + | |Interrupt|An Interrupt is a signal that informs the OS that something has occurred.| |
| - | | Multi-Homed | You are " | + | |Intranet|A computer network, especially one based on Internet technology, that an organization uses for its own internal, and usually private, purposes and that is closed to outsiders.| |
| - | | Multiplexing | To combine multiple signals from possibly disparate sources, in order to transmit them over a single path.| | + | |Intrusion Detection|A security management system for computers and networks. |
| - | | NAT (Network Address Translation) | It is used to share one or a small number of publicly routable IP addresses among a larger number of hosts. | + | |Invisible Web|Invisible Web is that portion (estimated to be between 60 and 80 per cent) of total Web content that consists of material that is not accessible by standard Search engines. |
| - | | National Institute of Standards and Technology | + | |IP|Internet Protocol).| |
| - | | Natural Disaster | Any "act of God" (e.g., fire, flood, earthquake, lightning, or wind) that disables a system component.| | + | |:::|The method or protocol by which data is sent from one computer to another on the Internet.| |
| - | | Netmask | 32-bit number indicating the range of IP addresses residing on a single IP network/ | + | |IP Address|A computer' |
| - | | Network Address Translation | + | |IP Flood|A denial of service attack that sends a host more echo request (" |
| - | | Network-based IDS | A network-based IDS system monitors the traffic on its network segment as a data source. | + | |IP Forwarding|IP forwarding is an Operating System option that allows a host to act as a router. |
| - | | Network Mapping | To compile an electronic inventory of the systems and the services on your network.| | + | |IPSEC|Internet Protocol Security).| |
| - | | Network Taps | Network taps are hardware devices that hook directly onto the network cable and send a copy of the traffic that passes through it to one or more other networked devices.| | + | |:::|A developing standard for security at the network or packet processing layer of network communication.| |
| - | | Newsgroup | Newsgroup is the name for a discussion group or chat room.| | + | |IP Spoofing|The technique of supplying a false IP address.| |
| - | | Nginx | Nginx Web Server. | + | |IRC|Internet Relay Chat (IRC) is a huge, multi-user live chat facility. |
| - | | Node | Node is any single device connected to a Network.| | + | |IRM|Information Risk Management.| |
| - | | Non FCT | Non Functional Testing. | + | |ISO|International Organization for Standardization).| |
| - | | Non-printable character | A character that doesn' | + | |:::|A voluntary, non-treaty, non-government organization, |
| - | | Non-repudiation | Non-repudiation is the ability for a system to prove that a specific user and only that specific user sent a message and that it hasn't been modified.| | + | |ISP|Internet Service Provider).| |
| - | | Null Session | Known as Anonymous Logon, it is a way of letting an anonymous user retrieve information such as user names and shares over the network or connect without authentication. It is used by applications such as explorer.exe to enumerate shares on remote servers.| | + | |:::|An Internet Service Provider (ISP) is a company selling access to the Internet.| |
| - | | OAT | Operational Acceptance Testing. | + | |Issue-specific Policy | An Issue-Specific Policy is intended to address specific needs within an organization, |
| - | | Octet | A sequence of eight bits. An octet is an eight-bit byte.| | + | |ITU-T|International Telecommunications Union).| |
| - | | One-way Encryption | Irreversible transformation of plain-text to cipher text, such that the plain-text cannot be recovered from the cipher text by other than exhaustive procedures even if the cryptographic key is known.| | + | |:::|Telecommunication Standardization Sector (formerly " |
| - | | One-way Function | A (mathematical) function, f, which is easy to compute the output based on a given input. | + | |Jitter|Jitter or Noise is the modification of fields in a database while preserving the aggregate characteristics of that make the database useful in the first place.| |
| - | | Open Shortest Path First (OSPF) | + | |Jump Bag|A Jump Bag is a container that has all the items necessary to respond to an incident inside to help mitigate the effects of delayed reactions.| |
| - | | Open Source Information | Open source information is unclassified published information. | + | |Kerberos|A system developed at the Massachusetts Institute of Technology that depends on passwords and symmetric cryptography (DES) to implement ticket-based, |
| - | | Open Systems Interconnection | + | |Kernel|The essential centre of a computer operating system, the core that provides basic services for all other parts of the operating system. |
| - | | OR | Operational Risk.| | + | |KYC|Know Your Customer.| |
| - | | ORF | Operational Risk Framework.| | + | |L2F|Layer 2 Forwarding Protocol).| |
| - | | ORIA | Operational Risk Impact Assessment. | + | |:::|An Internet protocol (originally developed by Cisco Corporation) that uses tunnelling of PPP over IP to create a virtual extension of a dial-up link across a network, initiated by the dial-up server and transparent to the dial-up user.| |
| - | | OSI (Open Systems Interconnection) | OSI is a standard description or " | + | |L2FP|Layer 2 Tunneling |
| - | | OSI Layers | The main idea in OSI is that the process of communication between two end points in a telecommunication network can be divided into layers, with each layer adding its own set of special, related functions. | + | |:::|An extension of the Point-to-Point |
| - | | OSPF (Open Shortest Path First) | + | |Lattice Techniques|Lattice Techniques use security designations to determine access to information.| |
| - | | Overload | Hindrance of system operation by placing excess burden on the performance capabilities of a system component.| | + | |Layer 2 Forwarding Protocol|L2F. |
| - | | Packet | A piece of a message transmitted over a packet-switching network. One of the key features of a packet is that it contains the destination address in addition to the data. In IP networks, packets are often called datagrams.| | + | |Layer 2 Tunneling |
| - | | Packet Switched Network | A packet switched network is where individual packets each follow their own paths through the network from one endpoint to another.| | + | |Least Privilege|Least Privilege is the principle of allowing users or applications the least amount of permissions necessary to perform their intended function.| |
| - | | PAN | Primary Account Number.| | + | |Legion|Software to detect unprotected shares.| |
| - | | Partitions | Major divisions of the total physical hard disk space.| | + | |Lightweight Directory Access Protocol|LDAP. |
| - | | Password Authentication Protocol | + | |Link State|With link state, routes maintain information about all routers and router-to-router links within a geographic area, and creates a table of best routes with that information.| |
| - | | Password Cracking | Password cracking is the process of attempting to guess passwords, given the password file information.| | + | |List-based Access Control | List Based Access Control associates a list of users and their privileges with each object.| |
| - | | Password Sniffing | Passive wiretapping, | + | |LKM|Loadable Kernel Modules.| |
| - | | PATS | Per Application Test Strategy.| | + | |:::|Loadable Kernel Modules allow for the adding of additional functionality directly into the kernel while the system is running.| |
| - | | Patch | A patch is a small update released by a software manufacturer to fix bugs in existing programs.| | + | |Loadable Kernel Modules|LKM. |
| - | | Patching | Patching is the process of updating software to a different version.| | + | |Log Clipping|Log clipping is the selective removal of log entries from a system log to hide a compromise.| |
| - | | Payload | Payload is the actual application data a packet contains.| | + | |Logic Bombs|Logic bombs are programs or snippets of code that execute when a certain predefined event occurs. |
| - | | Penetration | Gaining unauthorized logical access to sensitive data by circumventing a system' | + | |Logic Gate|A logic gate is an elementary building block of a digital circuit. |
| - | | Penetration Testing | Penetration testing is used to test the external perimeter security of a network or facility.| | + | |Loopback Address | The loopback address (127.0.0.1) is a pseudo IP address that always refer back to the local host and are never sent out onto a network.| |
| - | | PERL (Practical Extraction and Reporting Language) | A script programming language that is similar in syntax to the C language and that includes a number of popular Unix facilities such as sed, awk, and tr.| | + | |LTR|Large Transaction Report.| |
| - | | Permutation | Permutation keeps the same letters but changes the position within a text to scramble the message.| | + | |MAC|Mandatory Access Control).| |
| - | | Personal Firewalls | Personal firewalls are those firewalls that are installed and run on individual PCs.| | + | |:::|Mandatory Access Control controls is where the system controls access to resources based on classification levels assigned to both the objects and the users. |
| - | | PFS (Public Key Forward Secrecy) | For a key agreement protocol based on asymmetric cryptography, | + | |MAC Address|A physical address; a numeric value that uniquely identifies that network device from every other device on the planet.| |
| - | | Pharming | This is a more sophisticated form of MITM attack. | + | |Malicious Code|Software (e.g., Trojan horse) that appears to perform a useful or desirable function, but actually gains unauthorized access to system resources or tricks a user into executing other malicious logic.| |
| - | | Phishing | The use of e-mails that appear to originate from a trusted source to trick a user into entering valid credentials at a fake website. | + | |Malware|A generic term for a number of different types of malicious code.| |
| - | | PII | Personal Identifiable Information.| | + | |Mandatory Access Control|MAC. |
| - | | Ping of Death | An attack that sends an improperly large ICMP echo request packet (a " | + | |Man in the Middle Attack|MITM.| |
| - | | Ping Scan | A ping scan looks for machines that are responding to ICMP Echo Requests.| | + | |:::|In cryptography, |
| - | | Ping Sweep | An attack that sends ICMP echo requests (" | + | |Masquerade Attack|A type of attack in which one system entity illegitimately poses as (assumes the identity of) another entity.| |
| - | | PIR | Post Incident Review.| | + | |MD5|A one way cryptographic hash function. |
| - | | PGP (Pretty Good Privacy) | Trademark of Network Associates, Inc., referring to a computer program (and related protocols) that uses cryptography to provide data security for electronic mail and other applications on the Internet.| | + | |Measures of Effectiveness|MOE.| |
| - | | PKI (Public Key Infrastructure) | + | |:::|Measures of Effectiveness is a probability model based on engineering concepts that allows one to approximate the impact a give action will have on an environment. In Information warfare it is the ability to attack or defend within an Internet environment.| |
| - | | Plaintext | Ordinary readable text before being encrypted into ciphertext or after being decrypted.| | + | |MFT|Managed File Transfer.| |
| - | | PMI | Potential Major Incident.| | + | |MI|Management Information.| |
| - | | PoC (Proof of Concept) | A proof of concept is realisation of a certain method or idea to demonstrate its feasibility, | + | |MITM Attack|Man in the Middle.| |
| - | | POC | Point of Contact.| | + | |:::|In cryptography, |
| - | | Point-to-Point | + | |MOE|Measures of Effectiveness).| |
| - | | Point-to-Point | + | |:::|Measures of Effectiveness is a probability model based on engineering concepts that allows one to approximate the impact a give action will have on an environment. In Information warfare it is the ability to attack or defend within an Internet environment.| |
| - | | Poison Reverse | Split horizon with poisoned reverse (more simply, poison reverse) does include such routes in updates, but sets their metrics to infinity. In effect, advertising the fact that there routes are not reachable.| | + | |Monoculture|Monoculture is the case where a large number of users run the same software, and are vulnerable to the same attacks.| |
| - | | Polyinstantiation | Polyinstantiation is the ability of a database to maintain multiple records with the same key. It is used to prevent inference attacks.| | + | |Morris Worm|A worm program written by Robert T. Morris, Jr. that flooded the ARPANET in November, 1988, causing problems for thousands of hosts.| |
| - | | Polymorphism | Polymorphism is the process by which malicious software changes its underlying code to avoid detection.| | + | |MoSCoW | Must, Should, Could, Would.| |
| - | | POP3 (Post Office Protocol Version 3) | An Internet Standard protocol by which a client workstation can dynamically access a mailbox on a server host to retrieve mail messages that the server has received and is holding for the client.| | + | |Mule|Also known as a money mule, a mule is an individual who transfers stolen money or merchandise either in person, through a courier service or electronically to help obscure a scammer’s identity and/or location. |
| - | | Port | A port is nothing more than an integer that uniquely identifies an endpoint of a communication stream. | + | |Multi-Cast|Broadcasting from one host to a given set of hosts.| |
| - | | Port Scan | A port scan is a series of messages sent by someone attempting to break into a computer to learn which computer network services, each associated with a " | + | |Multi-Homed|You are " |
| - | | Possession | Possession is the holding, control, and ability to use information.| | + | |Multiplexing|To combine multiple signals from possibly disparate sources, in order to transmit them over a single path.| |
| - | | Post Office Protocol Version 3 (POP3) | An Internet Standard protocol by which a client workstation can dynamically access a mailbox on a server host to retrieve mail messages that the server has received and is holding for the client.| | + | |NAT|Network Address Translation).| |
| - | | PPP (Point-to-Point) | A protocol for communication between two computers using a serial interface, typically a personal computer connected by phone line to a server. | + | |:::|It is used to share one or a small number of publicly routable IP addresses among a larger number of hosts. |
| - | | PR | Problem Record.| | + | |National Institute of Standards and Technology|NIST. |
| - | | Practical Extraction and Reporting Language (PERL) | A script programming language that is similar in syntax to the C language and that includes a number of popular Unix facilities such as sed, awk, and tr.| | + | |Natural Disaster|Any "act of God" (e.g., fire, flood, earthquake, lightning, or wind) that disables a system component.| |
| - | | Preamble | A preamble is a signal used in network communications to synchronize the transmission timing between two or more systems. | + | |Netmask|32-bit number indicating the range of IP addresses residing on a single IP network/ |
| - | | Pretty Good Privacy | + | |Network Address Translation|NAT. |
| - | | Private Addressing | IANA has set aside three address ranges for use by private or non-Internet connected networks. | + | |Network-based IDS|A network-based IDS system monitors the traffic on its network segment as a data source. |
| - | | Program Infector | A program infector is a piece of malware that attaches itself to existing program files.| | + | |Network Mapping|To compile an electronic inventory of the systems and the services on your network.| |
| - | | Program Policy | A program policy is a high-level policy that sets the overall tone of an organization' | + | |Network Taps|Network taps are hardware devices that hook directly onto the network cable and send a copy of the traffic that passes through it to one or more other networked devices.| |
| - | | Promiscuous Mode | When a machine reads all packets off the network, regardless of who they are addressed to. This is used by network administrators to diagnose network problems, but also by unsavoury | + | |Newsgroup|Newsgroup is the name for a discussion group or chat room.| |
| - | | Proof of Concept | + | |Nginx|Nginx Web Server. |
| - | | Proprietary Information | Proprietary information is that information unique to a company and its ability to compete, such as customer lists, technical data, product costs, and trade secrets.| | + | |Node|Node is any single device connected to a Network.| |
| - | | Protocol | A formal specification for communicating; | + | |Non FCT|Non Functional Testing. |
| - | | Protocol Stacks | OSI. A set of network protocol layers that work together.| | + | |Non-printable character|A character that doesn' |
| - | | Proxy Server | A server that acts as an intermediary between a workstation user and the Internet so that the enterprise can ensure security, administrative control, and caching service. | + | |Non-repudiation|Non-repudiation is the ability for a system to prove that a specific user and only that specific user sent a message and that it hasn't been modified.| |
| - | | PT | Performance Testing.| | + | |Null Session|Known as Anonymous Logon, it is a way of letting an anonymous user retrieve information such as user names and shares over the network or connect without authentication. It is used by applications such as explorer.exe to enumerate shares on remote servers.| |
| - | | Public Key | The publicly-disclosed component of a pair of cryptographic keys used for asymmetric cryptography.| | + | |OAT|Operational Acceptance Testing. |
| - | | Public Key Encryption | The popular synonym for " | + | |Octet|A sequence of eight bits. An octet is an eight-bit byte.| |
| - | | Public Key Infrastructure | + | |One-way Encryption|Irreversible transformation of plain-text to cipher text, such that the plain-text cannot be recovered from the cipher text by other than exhaustive procedures even if the cryptographic key is known.| |
| - | | Public Key Forward Secrecy | + | |One-way Function |A (mathematical) function, f, which is easy to compute the output based on a given input. |
| - | | PWR | Product Work Request.| | + | |Open Shortest Path First|(OSPF) Open Shortest Path First is a link state routing algorithm used in interior gateway routing. Routers maintain a database of all routers in the autonomous system with links between the routers, link costs, and link states (up and down).| |
| - | | QAZ | A network worm.| | + | |Open Source Information |Open source information is unclassified published information. |
| - | | Race Condition | A race condition exploits the small window of time between a security control being applied and when the service is used.| | + | |Open Systems Interconnection|OSI is a standard description or " |
| - | | Radiation Monitoring | Radiation monitoring is the process of receiving images, data, or audio from an unprotected source by listening to radiation signals.| | + | |OR|Operational Risk.| |
| - | | RAID | Redundant Array of Independant | + | |ORF|Operational Risk Framework.| |
| - | | RapidShare | RapidShare is one of the world’s largest file-hosting sites; upon uploading, the user is supplied with a unique download URL which enables anyone with whom the uploader shares the URL to download the file. No user is allowed to search the server for content.| | + | |ORIA|Operational Risk Impact Assessment. |
| - | | RC | Root Cause.| | + | |OSI|Open Systems Interconnection.| |
| - | | Reconnaissance | Reconnaissance is the phase of an attack where an attackers finds new systems, maps out networks, and probes for specific, exploitable vulnerabilities.| | + | |:::|OSI is a standard description or " |
| - | | RED | Random Early Detection.| | + | |OSI Layers|The main idea in OSI is that the process of communication between two end points in a telecommunication network can be divided into layers, with each layer adding its own set of special, related functions. |
| - | | Reflexive ACLS | CISCO. | + | |OSPF| Open Shortest Path First is a link state routing algorithm used in interior gateway routing. Routers maintain a database of all routers in the autonomous system with links between the routers, link costs, and link states (up and down).| |
| - | | Registry | The Registry in Windows operating systems in the central set of settings and information required to run the Windows computer.| | + | |Overload|Hindrance of system operation by placing excess burden on the performance capabilities of a system component.| |
| - | | Regression Analysis | The use of scripted tests which are used to test software for all possible input is should expect. | + | |Packet|A piece of a message transmitted over a packet-switching network. One of the key features of a packet is that it contains the destination address in addition to the data. In IP networks, packets are often called datagrams.| |
| - | | Regression Testing | The use of scripted tests which are used to test software for all possible input it should expect. | + | |Packet Switched Network|A packet switched network is where individual packets each follow their own paths through the network from one endpoint to another.| |
| - | | Request for Comment | + | |PAN|Primary Account Number.| |
| - | | Resource Exhaustion | Resource exhaustion attacks involve tying up finite resources on a system, making them unavailable to others.| | + | |Partitions|Major divisions of the total physical hard disk space.| |
| - | | Response | A response is information sent that is responding to some stimulus.| | + | |Password Authentication Protocol|PAP. |
| - | | Reverse Address Resolution Protocol | + | |Password Cracking|Password cracking is the process of attempting to guess passwords, given the password file information.| |
| - | | Reverse Engineering | Acquiring sensitive data by disassembling and analyzing the design of a system component.| | + | |Password Sniffing|Passive wiretapping, |
| - | | Reverse Lookup | Find out the hostname that corresponds to a particular IP address. | + | |PATS|Per Application Test Strategy.| |
| - | | Reverse Proxy | Reverse proxies take public HTTP requests and pass them to back-end webservers to send the content to it, so the proxy can then send the content to the end-user.| | + | |Patch|A patch is a small update released by a software manufacturer to fix bugs in existing programs.| |
| - | | RFI | Request for Information.| | + | |Patching|Patching is the process of updating software to a different version.| |
| - | | RHEL | Redhat Enterprise Linux.| | + | |Payload|Payload is the actual application data a packet contains.| |
| - | | Risk | Risk is the product of the level of threat with the level of vulnerability. It establishes the likelihood of a successful attack.| | + | |Penetration|Gaining unauthorized logical access to sensitive data by circumventing a system' |
| - | | Risk Assessment | A Risk Assessment is the process by which risks are identified and the impact of those risks determined.| | + | |Penetration Testing|Penetration testing is used to test the external perimeter security of a network or facility.| |
| - | | Risk Averse | Avoiding risk even if this leads to the loss of opportunity. For example, using a (more expensive) phone call vs. sending an e-mail in order to avoid risks associated with e-mail may be considered "Risk Averse" | + | |PERL|Practical Extraction and Reporting Language).| |
| - | | Rivest-Shamir-Adleman | + | |:::|A script programming language that is similar in syntax to the C language and that includes a number of popular Unix facilities such as sed, awk, and tr.| |
| - | | Role Based Access Control (RBAC) | Role based access control assigns users to roles based on their organizational functions and determines authorization based on those roles.| | + | |Permutation|Permutation keeps the same letters but changes the position within a text to scramble the message.| |
| - | | ROM | Rough Order of Magnitude.| | + | |Personal Firewalls|Personal firewalls are those firewalls that are installed and run on individual PCs.| |
| - | | Root | Root is the name of the administrator account in Unix systems.| | + | |PFS|Public Key Forward Secrecy.| |
| - | | Rootkit | A collection of tools (programs) that a hacker uses to mask intrusion and obtain administrator-level access to a computer or computer network.| | + | |:::|For a key agreement protocol based on asymmetric cryptography, |
| - | | Router | Routers interconnect logical networks by forwarding information to other networks based upon IP addresses.| | + | |Pharming|This is a more sophisticated form of MITM attack. |
| - | | Routing Information Protocol | + | |Phishing|The use of e-mails that appear to originate from a trusted source to trick a user into entering valid credentials at a fake website. |
| - | | Routing Loop | A routing loop is where two or more poorly configured routers repeatedly exchange the same packet over and over.| | + | |PII|Personal Identifiable Information.| |
| - | | RPA | Robotics Process Automation.| | + | |Ping of Death|An attack that sends an improperly large ICMP echo request packet (a " |
| - | | RPC Scans | RPC scans determine which RPC services are running on a machine.| | + | |Ping Scan|A ping scan looks for machines that are responding to ICMP Echo Requests.| |
| - | | RSS (Really Simple Syndication) | RSS is a family of web feed formats used to publish frequently updated works such as blog entries, news headlines, audio, and video in a standardised format. | + | |Ping Sweep|An attack that sends ICMP echo requests (" |
| - | | RTM | Requirements Traceability Matrix. | + | |PIR|Post Incident Review.| |
| - | | RTQ | Risk Tollerance Questionaire.| | + | |PGP|Pretty Good Privacy).| |
| - | | Rule Set Based Access Control | + | |:::|Trademark of Network Associates, Inc., referring to a computer program (and related protocols) that uses cryptography to provide data security for electronic mail and other applications on the Internet.| |
| - | | S/KEY | A security mechanism that uses a cryptographic hash function to generate a sequence of 64-bit, one-time passwords for remote user login. | + | |PKI|A PKI (public key infrastructure) enables users of a basically unsecured public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority. |
| - | | Safety | Safety is the need to ensure that the people involved with the company, including employees, customers, and visitors, are protected from harm.| | + | |Plaintext|Ordinary readable text before being encrypted into ciphertext or after being decrypted.| |
| - | | Salt | In cryptography, | + | |PMI|Potential Major Incident.| |
| - | | SAM | Software Asset Management.| | + | |PoC|Proof of Concept).| |
| - | | SAN | Storage Area Network.| | + | |:::|A proof of concept is realisation of a certain method or idea to demonstrate its feasibility, |
| - | | SBI | Standard Batch Interface.| | + | |POC|Point of Contact.| |
| - | | Scareware | Scareware is scam software sold to consumers using social engineering to cause shock, anxiety or the perception of a threat. | + | |Point-to-Point|PPP.| |
| - | | Scavenging | Searching through data residue in a system to gain unauthorized knowledge of sensitive data.| | + | |:::|A protocol for communication between two computers using a serial interface, typically a personal computer connected by phone line to a server. |
| - | | Secure Electronic Transactions | + | |Point-to-Point |
| - | | Secure Shell (SSH) | A program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another.| | + | |Poison Reverse|Split horizon with poisoned reverse (more simply, poison reverse) does include such routes in updates, but sets their metrics to infinity. In effect, advertising the fact that there routes are not reachable.| |
| - | | Secure Sockets Layer (SSL) | A protocol developed by Netscape for transmitting private documents via the Internet. | + | |Polyinstantiation|Polyinstantiation is the ability of a database to maintain multiple records with the same key. It is used to prevent inference attacks.| |
| - | | Security Policy | A set of rules and practices that specify or regulate how a system or organization provides security services to protect sensitive and critical system resources.| | + | |Polymorphism|Polymorphism is the process by which malicious software changes its underlying code to avoid detection.| |
| - | | Segment | Segment is another name for TCP packets.| | + | |POP3|Post Office Protocol Version 3).| |
| - | | Sensitive Information | Sensitive information, | + | |:::|An Internet Standard protocol by which a client workstation can dynamically access a mailbox on a server host to retrieve mail messages that the server has received and is holding for the client.| |
| - | | Separation of Duties | Separation of duties is the principle of splitting privileges among multiple individuals or systems.| | + | |Port|A port is nothing more than an integer that uniquely identifies an endpoint of a communication stream. |
| - | | Server | A system entity that provides a service in response to requests from other system entities called clients.| | + | |Port Scan|A port scan is a series of messages sent by someone attempting to break into a computer to learn which computer network services, each associated with a " |
| - | | Session | A session is a virtual connection between two hosts by which network traffic is passed.| | + | |Possession|Possession is the holding, control, and ability to use information.| |
| - | | Session Hijacking | Take over a session that someone else has established.| | + | |Post Office Protocol Version 3|POP3.| |
| - | | Session Key | In the context of symmetric encryption, a key that is temporary or is used for a relatively short period of time. Usually, a session key is used for a defined period of communication between two computers, such as for the duration of a single connection or transaction set, or the key is used in an application that protects relatively large amounts of data and, therefore, needs to be re-keyed frequently.| | + | |:::|An Internet Standard protocol by which a client workstation can dynamically access a mailbox on a server host to retrieve mail messages that the server has received and is holding for the client.| |
| - | | SET (Secure Electronic Transactions) | Secure Electronic Transactions is a protocol developed for credit card transactions in which all parties (customers, merchant, and bank) are authenticated using digital signatures, encryption protects the message and provides integrity, and provides end-to-end security for credit card transactions online.| | + | |PPP|(Point-to-Point).| |
| - | | SFTP | Secure File Transfer Protocol.| | + | |:::|A protocol for communication between two computers using a serial interface, typically a personal computer connected by phone line to a server. |
| - | | SHA1 | A one way cryptographic hash function. Also see " | + | |PR|Problem Record.| |
| - | | Shadow Password Files | A system file in which encryption user password are stored so that they aren't available to people who try to break into the system.| | + | |Practical Extraction and Reporting Language (PERL) | A script programming language that is similar in syntax to the C language and that includes a number of popular Unix facilities such as sed, awk, and tr.| |
| - | | Share | A share is a resource made public on a machine, such as a directory (file share) or printer (printer share).| | + | |Preamble|A preamble is a signal used in network communications to synchronize the transmission timing between two or more systems. |
| - | | Shell | A Unix term for the interactive user interface with an operating system. The shell is the layer of programming that understands and executes the commands a user enters. In some systems, the shell is called a command interpreter. A shell usually implies an interface with a command syntax (think of the DOS operating system and its " | + | |Pretty Good Privacy|PGP.| |
| - | | Signals Analysis | Gaining indirect knowledge of communicated data by monitoring and analyzing a signal that is emitted by a system and that contains the data but is not intended to communicate the data.| | + | |:::|Trademark of Network Associates, Inc., referring to a computer program (and related protocols) that uses cryptography to provide data security for electronic mail and other applications on the Internet.| |
| - | | Signature | A Signature is a distinct pattern in network traffic that can be identified to a specific tool or exploit.| | + | |Private Addressing|IANA has set aside three address ranges for use by private or non-Internet connected networks. |
| - | | Simple Integrity Property | In Simple Integrity Property a user cannot write data to a higher integrity level than their own.| | + | |Program Infector|A program infector is a piece of malware that attaches itself to existing program files.| |
| - | | Simple Network Management Protocol | + | |Program Policy|A program policy is a high-level policy that sets the overall tone of an organization' |
| - | | Simple Security Property | In Simple Security Property a user cannot read data of a higher classification than their own.| | + | |Promiscuous Mode|When a machine reads all packets off the network, regardless of who they are addressed to. This is used by network administrators to diagnose network problems, but also by unsavory |
| - | | SIT | System Integration Testing. | + | |Proof of Concept|PoC.| |
| - | | Skimming | Skimming is the theft of credit card information using an electronic device called a skimmer to read and store credit card numbers. | + | |:::|A proof of concept is realization |
| - | | SLA | Service Level Agreement.| | + | |Proprietary Information|Proprietary information is that information unique to a company and its ability to compete, such as customer lists, technical data, product costs, and trade secrets.| |
| - | | Smartcard | A smartcard is an electronic badge that includes a magnetic strip or chip that can record and replay a set key.| | + | |Protocol|A formal specification for communicating; |
| - | | SME | Subject Matter Expert.| | + | |Protocol Stacks|OSI. |
| - | | Smurf | The Smurf attack works by spoofing the target address and sending a ping to the broadcast address for a remote network, which results in a large amount of ping replies being sent to the target.| | + | |Proxy Server|A server that acts as an intermediary between a workstation user and the Internet so that the enterprise can ensure security, administrative control, and caching service. |
| - | | Sniffer | A sniffer is a tool that monitors network traffic as it received in a network interface.| | + | |PT|Performance Testing.| |
| - | | Sniffing | A synonym for " | + | |Public Key|The publicly-disclosed component of a pair of cryptographic keys used for asymmetric cryptography.| |
| - | | SNMP (Simple Network Management Protocol) | The protocol governing network management and the monitoring of network devices and their functions. | + | |Public Key Encryption|The popular synonym for " |
| - | | Social Engineering | A euphemism for non-technical or low-technology means - such as lies, impersonation, | + | |Public Key Infrastructure|PKI.| |
| - | | Socket | The socket tells a host's IP stack where to plug in a data stream so that it connects to the right application.| | + | |:::|A PKI (public key infrastructure) enables users of a basically unsecured public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority. |
| - | | Socket Pair | A way to uniquely specify a connection, i.e., source IP address, source port, destination IP address, destination port.| | + | |Public Key Forward Secrecy|PFS.| |
| - | | Socks | A protocol that a proxy server can use to accept requests from client users in a company' | + | |:::|For a key agreement protocol based on asymmetric cryptography, |
| - | | SOD | Start-of-Day.| | + | |PWR|Product Work Request.| |
| - | | Software | Computer programs (which are stored in and executed by computer hardware) and associated data (which also is stored in the hardware) that may be dynamically written or modified during execution.| | + | |QAZ|A network worm.| |
| - | | SOM | Supplier Operating Model.| | + | |Race Condition | A race condition exploits the small window of time between a security control being applied and when the service is used.| |
| - | | Source Port | The port that a host uses to connect to a server. It is usually a number greater than or equal to 1024. It is randomly generated and is different each time a connection is made.| | + | |Radiation Monitoring | Radiation monitoring is the process of receiving images, data, or audio from an unprotected source by listening to radiation signals.| |
| - | | Spam | Electronic junk mail or junk newsgroup postings.| | + | |RAID|Redundant Array of Independent |
| - | | Spanning Port | Configures the switch to behave like a hub for a specific port.| | + | |RapidShare|RapidShare is one of the world’s largest file-hosting sites; upon uploading, the user is supplied with a unique download URL which enables anyone with whom the uploader shares the URL to download the file. No user is allowed to search the server for content.| |
| - | | Spear-phishing | Spear-phishing is a targeted form of phishing that focuses on a single user or department within an organisation, | + | |RC|Root Cause.| |
| - | | Split Horizon | Split horizon is a algorithm for avoiding problems caused by including routes in updates sent to the gateway from which they were learned.| | + | |Reconnaissance|Reconnaissance is the phase of an attack where an attackers finds new systems, maps out networks, and probes for specific, exploitable vulnerabilities.| |
| - | | Split Key | A cryptographic key that is divided into two or more separate data items that individually convey no knowledge of the whole key that results from combining the items.| | + | |RED|Random Early Detection.| |
| - | | Spoof | Attempt by an unauthorized entity to gain access to a system by posing as an authorized user.| | + | |Reflexive ACLS|CISCO. |
| - | | Spyware | Spyware is any software application that is generally installed without the knowledge or consent of the user, to obtain, use, or interfere with personal information or resources, content, or setting, for malicious or undesirable purposes.| | + | |Registry|The Registry in Windows operating systems in the central set of settings and information required to run the Windows computer.| |
| - | | SQL | Structured Query Language.| | + | |Regression Analysis|The use of scripted tests which are used to test software for all possible input is should expect. |
| - | | SQL Injection | + | |Regression Testing|The use of scripted tests which are used to test software for all possible input it should expect. |
| - | | SSH (Secure Shell) | A program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another.| | + | |Request for Comment|RFC.| |
| - | | SSL (Secure Sockets Layer) | A protocol developed by Netscape for transmitting private documents via the Internet. | + | |:::|A series of notes about the Internet, started in 1969 (when the Internet was the ARPANET). |
| - | | SSO | Single Sign On.| | + | |Resource Exhaustion|Resource exhaustion attacks involve tying up finite resources on a system, making them unavailable to others.| |
| - | | SSO (System Security Officer) | A person responsible for enforcement or administration of the security policy that applies to the system.| | + | |Response|A response is information sent that is responding to some stimulus.| |
| - | | ST | System Testing. Done just before the UAT. End-to-End testing done by the IT team, to ensure the system can be handed over to the business to test. | + | |Reverse Address Resolution Protocol|RARP.| |
| - | | Stack Mashing | Stack mashing is the technique of using a buffer overflow to trick a computer into executing arbitrary code.| | + | |:::|RARP (Reverse Address Resolution Protocol) is a protocol by which a physical machine in a local area network can request to learn its IP address from a gateway server' |
| - | | Standard ACLS | CISCO. | + | |Reverse Engineering|Acquiring sensitive data by disassembling and analyzing the design of a system component.| |
| - | | Star Property | In Star Property, a user cannot write data to a lower classification level without logging in at that lower classification level.| | + | |Reverse Lookup|Find out the hostname that corresponds to a particular IP address. |
| - | | State Machine | A system that moves through a series of progressive conditions.| | + | |Reverse Proxy|Reverse proxies take public HTTP requests and pass them to back-end webservers to send the content to it, so the proxy can then send the content to the end-user.| |
| - | | Stateful Inspection | Also referred to as dynamic packet filtering. Stateful inspection is a firewall architecture that works at the network layer. | + | |RFI|Request for Information.| |
| - | | Static Host Tables | Static host tables are text files that contain hostname and address mapping.| | + | |RHEL|Redhat Enterprise Linux.| |
| - | | Static Routing | Static routing means that routing table entries contain information that does not change.| | + | |Risk|Risk is the product of the level of threat with the level of vulnerability. It establishes the likelihood of a successful attack.| |
| - | | Stealthing | Stealthing is a term that refers to approaches used by malicious code to conceal its presence on the infected system.| | + | |Risk Assessment|A Risk Assessment is the process by which risks are identified and the impact of those risks determined.| |
| - | | Steganalysis | Steganalysis is the process of detecting and defeating the use of steganography.| | + | |Risk Averse|Avoiding risk even if this leads to the loss of opportunity. For example, using a (more expensive) phone call vs. sending an e-mail in order to avoid risks associated with e-mail may be considered "Risk Averse" |
| - | | Steganography | Methods of hiding the existence of a message or other data. This is different than cryptography, | + | |Rivest-Shamir-Adleman|RSA.| |
| - | | Stimulus | Stimulus is network traffic that initiates a connection or solicits a response.| | + | |:::|An algorithm for asymmetric cryptography, |
| - | | Store-and-Forward | Store-and-Forward is a method of switching where the entire packet is read by a switch to determine if it is intact before forwarding it.| | + | |Role Based Access Control (RBAC) | Role based access control assigns users to roles based on their organizational functions and determines authorization based on those roles.| |
| - | | STP | Straight Through Processing.| | + | |ROM|Rough Order of Magnitude.| |
| - | | Straight-through-Cable | A straight-through cable is where the pins on one side of the connector are wired to the same pins on the other end. It is used for interconnecting nodes on the network.| | + | |Root|Root is the name of the administrator account in Unix systems.| |
| - | | Stream Cipher | A stream cipher works by encryption a message a single bit, byte, or computer word at a time.| | + | |Rootkit|A collection of tools (programs) that a hacker uses to mask intrusion and obtain administrator-level access to a computer or computer network.| |
| - | | Strong Star Property | In Strong Star Property, a user cannot write data to higher or lower classifications levels than their own.| | + | |Router|Routers interconnect logical networks by forwarding information to other networks based upon IP addresses.| |
| - | | Sub Network | A separately identifiable part of a larger network that typically represents a certain limited number of host computers, the hosts in a building or geographic area, or the hosts on an individual local area network.| | + | |Routing Information Protocol|RIP.| |
| - | | Subnet Mask | A subnet mask (or number) is used to determine the number of bits used for the subnet and host portions of the address. | + | |:::|Routing Information Protocol is a distance vector protocol used for interior gateway routing which uses hop count as the sole metric of a path's cost.| |
| - | | Switch | A switch is a networking device that keeps track of MAC addresses attached to each of its ports so that data is only transmitted on the ports that are the intended recipient of the data.| | + | |Routing Loop|A routing loop is where two or more poorly configured routers repeatedly exchange the same packet over and over.| |
| - | | Switched Network | A communications network, such as the public switched telephone network, in which any user may be connected to any other user through the use of message, circuit, or packet switching and control devices. Any network providing switched communications service.| | + | |RPA|Robotics Process Automation.| |
| - | | Symbolic Links | Special files which point at another file.| | + | |RPC Scans|RPC scans determine which RPC services are running on a machine.| |
| - | | Symmetric Cryptography | A branch of cryptography involving algorithms that use the same key for two different steps of the algorithm (such as encryption and decryption, or signature creation and signature verification). | + | |RSS|Really Simple Syndication.| |
| - | | Symmetric Key | A cryptographic key that is used in a symmetric cryptographic algorithm.| | + | |:::|RSS is a family of web feed formats used to publish frequently updated works such as blog entries, news headlines, audio, and video in a standardised format. |
| - | | SYN Flood | A denial of service attack that sends a host more TCP SYN packets (request to synchronize sequence numbers, used when opening a connection) than the protocol implementation can handle.| | + | |RTM|Requirements Traceability Matrix. |
| - | | Synchronization | Synchronization is the signal made up of a distinctive pattern of bits that network hardware looks for to signal that start of a frame.| | + | |RTQ|Risk |
| - | | Syslog | Syslog is the system logging facility for Unix systems.| | + | |Rule Set Based Access Control|RSBAC.| |
| - | | System Security Officer (SSO) | A person responsible for enforcement or administration of the security policy that applies to the system.| | + | |:::|Rule Set Based Access Control targets actions based on rules for entities operating on objects.| |
| - | | System-specific Policy | A System-specific policy is a policy written for a specific system or device.| | + | |S/KEY|A security mechanism that uses a cryptographic hash function to generate a sequence of 64-bit, one-time passwords for remote user login. |
| - | | T1, T3 | A digital circuit using TDM (Time-Division Multiplexing).| | + | |Safety|Safety is the need to ensure that the people involved with the company, including employees, customers, and visitors, are protected from harm.| |
| - | | Tamper | To deliberately alter a system' | + | |Salt|In cryptography, |
| - | | TBC | To be confirmed.| | + | |SAM|Software Asset Management.| |
| - | | TCP (Transmission Control Protocol) | A set of rules (protocol) used along with the Internet Protocol to send data in the form of message units between computers over the Internet. | + | |SAN|Storage Area Network.| |
| - | | TCP Fingerprinting | TCP fingerprinting is the user of odd packet header combinations to determine a remote operating system.| | + | |SBI|Standard Batch Interface.| |
| - | | TCP Full Open Scan | TCP Full Open scans check each port by performing a full three-way handshake on each port to determine if it was open.| | + | |Scareware|Scareware is scam software sold to consumers using social engineering to cause shock, anxiety or the perception of a threat. |
| - | | TCP Half Open Scan | TCP Half Open scans work by performing the first half of a three-way handshake to determine if a port is open.| | + | |Scavenging|Searching through data residue in a system to gain unauthorized knowledge of sensitive data.| |
| - | | TCP Wrapper | A software package which can be used to restrict access to certain network services based on the source of the connection; a simple tool to monitor and control incoming network traffic.| | + | |Secure Electronic Transactions|SET.| |
| - | | TCP/IP | A synonym for " | + | |:::|Secure Electronic Transactions is a protocol developed for credit card transactions in which all parties (customers, merchant, and bank) are authenticated using digital signatures, encryption protects the message and provides integrity, and provides end-to-end security for credit card transactions online.| |
| - | | TCPDump | TCPDump is a freeware protocol analyzer for Unix that can monitor network traffic on a wire.| | + | |Secure Shell|SSH.| |
| - | | Technical Vulnerability Assessment (TVA) | A Technical Vulnerability Assessment is a key component of an organization’s Risk Assessment and Risk Management programs.| | + | |:::|A program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another.| |
| - | | Telnet | A TCP-based, application-layer, | + | |Secure Sockets Layer|SSL.| |
| - | | Threat | A potential for violation of security, which exists when there is a circumstance, | + | |:::|A protocol developed by Netscape for transmitting private documents via the Internet. |
| - | | Threat Assessment | A threat assessment is the identification of types of threats that an organization might be exposed to.| | + | |Security Policy|A set of rules and practices that specify or regulate how a system or organization provides security services to protect sensitive and critical system resources.| |
| - | | Threat Model | A threat model is used to describe a given threat and the harm it could to do a system if it has a vulnerability.| | + | |Segment|Segment is another name for TCP packets.| |
| - | | Threat Vector | The method a threat uses to get to the target.| | + | |Sensitive Information|Sensitive information, |
| - | | Time to Live | A value in an Internet Protocol packet that tells a network router whether or not the packet has been in the network too long and should be discarded.| | + | |Separation of Duties|Separation of duties is the principle of splitting privileges among multiple individuals or systems.| |
| - | | Tiny Fragment Attack | With many IP implementations it is possible to impose an unusually small fragment size on outgoing packets. | + | |Server|A system entity that provides a service in response to requests from other system entities called clients.| |
| - | | TLS (Transport Layer Security) | A protocol that ensures privacy between communicating applications and their users on the Internet. | + | |Session|A session is a virtual connection between two hosts by which network traffic is passed.| |
| - | | T&M | Time and Materials.| | + | |Session Hijacking|Take over a session that someone else has established.| |
| - | | Token Ring | A token ring network is a local area network in which all computers are connected in a ring or star topology and a binary digit or token-passing scheme is used in order to prevent the collision of data between two computers that want to send messages at the same time.| | + | |Session Key|In the context of symmetric encryption, a key that is temporary or is used for a relatively short period of time. Usually, a session key is used for a defined period of communication between two computers, such as for the duration of a single connection or transaction set, or the key is used in an application that protects relatively large amounts of data and, therefore, needs to be re-keyed frequently.| |
| - | | Token-based Access Control | Token based access control associates a list of objects and their privileges with each user. (The opposite of list based.)| | + | |SET|Secure Electronic Transactions).| |
| - | | TOM | Target Operating Model.| | + | |:::|Secure Electronic Transactions is a protocol developed for credit card transactions in which all parties (customers, merchant, and bank) are authenticated using digital signatures, encryption protects the message and provides integrity, and provides end-to-end security for credit card transactions online.| |
| - | | Topology | The geometric arrangement of a computer system. Common topologies include a bus, star, and ring. The specific physical, i.e., real, or logical, i.e., virtual, arrangement of the elements of a network. | + | |SFTP|Secure File Transfer Protocol.| |
| - | | TOR | Terms of Reference.| | + | |SHA1|A one way cryptographic hash function. Also see " |
| - | | Traceroute | Traceroute is a tool the maps the route a packet takes from the local machine to a remote destination.| | + | |Shadow Password Files | A system file in which encryption user password are stored so that they aren't available to people who try to break into the system.| |
| - | | Trade Secret | A Trade Secret is Information (including a formula, pattern, compilation, | + | |Share|A share is a resource made public on a machine, such as a directory (file share) or printer (printer share).| |
| - | | Transmission Control Protocol | + | |Shell|A Unix term for the interactive user interface with an operating system. The shell is the layer of programming that understands and executes the commands a user enters. In some systems, the shell is called a command interpreter. A shell usually implies an interface with a command syntax (think of the DOS operating system and its " |
| - | | Transport Layer Security | + | |Signals Analysis|Gaining indirect knowledge of communicated data by monitoring and analyzing a signal that is emitted by a system and that contains the data but is not intended to communicate the data.| |
| - | | TRB | Test Review Board.| | + | |Signature|A Signature is a distinct pattern in network traffic that can be identified to a specific tool or exploit.| |
| - | | Triple DES | A block cipher, based on DES, that transforms each 64-bit plain-text block by applying the Data Encryption Algorithm three successive times, using either two or three different keys, for an effective key length of 112 or 168 bits.| | + | |Simple Integrity Property|In Simple Integrity Property a user cannot write data to a higher integrity level than their own.| |
| - | | Triple-wrapped | S/MIME usage: data that has been signed with a digital signature, and then encrypted, and then signed again.| | + | |Simple Network Management Protocol|SNMP.| |
| - | | Trojan Horse | A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.| | + | |:::|The protocol governing network management and the monitoring of network devices and their functions. |
| - | | Trunking | Trunking is connecting switched together so that they can share VLAN information between them.| | + | |Simple Security Property|In Simple Security Property a user cannot read data of a higher classification than their own.| |
| - | | Trust | Trust determine which permissions and what actions other systems or users can perform on remote machines.| | + | |SIT|System Integration Testing. |
| - | | Trusted Ports | Trusted ports are ports below number 1024 usually allowed to be opened by the root user.| | + | |Skimming|Skimming is the theft of credit card information using an electronic device called a skimmer to read and store credit card numbers. |
| - | | TSBIA | Technical Service Baseline Impact Assessment.| | + | |SLA|Service Level Agreement.| |
| - | | Tunnel | A communication channel created in a computer network by encapsulating a communication protocol' | + | |Smartcard|A smartcard is an electronic badge that includes a magnetic strip or chip that can record and replay a set key.| |
| - | | TVA (Technical Vulnerability Assessment) | A Technical Vulnerability Assessment is a key component of an organization’s Risk Assessment and Risk Management programs.| | + | |SME|Subject Matter Expert.| |
| - | | UAT | User Acceptance Testing.| | + | |Smurf|The Smurf attack works by spoofing the target address and sending a ping to the broadcast address for a remote network, which results in a large amount of ping replies being sent to the target.| |
| - | | UDF | User Defined Field.| | + | |Sniffer|A sniffer is a tool that monitors network traffic as it received in a network interface.| |
| - | | UDP (User Datagram Protocol) | A communications protocol that, like TCP, runs on top of IP networks. | + | |Sniffing|A synonym for " |
| - | | UDP Scan | UDP scans perform scans to determine which UDP ports are open.| | + | |SNMP|Simple Network Management Protocol.| |
| - | | Underground Economy | The Underground Economy (sometimes known as black market or black economy) is trade, goods and services that are not part of the official economy of a country; this may be legal activities where taxes are not paid, or illegal activities, such as drug trafficking, | + | |:::|The protocol governing network management and the monitoring of network devices and their functions. |
| - | | Unicast | Broadcasting from host to host.| | + | |Social Engineering | A euphemism for non-technical or low-technology means - such as lies, impersonation, |
| - | | Uniform Resource Identifier | + | |Socket|The socket tells a host's IP stack where to plug in a data stream so that it connects to the right application.| |
| - | | Uniform Resource Locator | + | |Socket Pair|A way to uniquely specify a connection, i.e., source IP address, source port, destination IP address, destination port.| |
| - | | UNIX | A popular multi-user, multitasking operating system developed at Bell Labs in the early 1970s. | + | |Socks|A protocol that a proxy server can use to accept requests from client users in a company' |
| - | | Unprotected Share | In Windows terminology, | + | |SOD|Start-of-Day.| |
| - | | UPI | Unique Product Identifier.| | + | |Software|Computer programs (which are stored in and executed by computer hardware) and associated data (which also is stored in the hardware) that may be dynamically written or modified during execution.| |
| - | | URL (Uniform Resource Locator) | The global address of documents and other resources on the World Wide Web. The first part of the address indicates what protocol to use, and the second part specifies the IP address or the domain name where the resource is located. | + | |SOM|Supplier Operating Model.| |
| - | | User | A person, organization entity, or automated process that accesses a system, whether authorized to do so or not.| | + | |Source Port|The port that a host uses to connect to a server. It is usually a number greater than or equal to 1024. It is randomly generated and is different each time a connection is made.| |
| - | | User Contingency Plan | User contingency plan is the alternative methods of continuing business operations if IT systems are unavailable.| | + | |Spam|Electronic junk mail or junk newsgroup postings.| |
| - | | User Datagram Protocol | + | |Spanning Port|Configures the switch to behave like a hub for a specific port.| |
| - | | Usenet | Usenet is an outdated term for a worldwide system of discussion groups, with comments passed among hundreds or thousands of machines. | + | |Spear-phishing|Spear-phishing is a targeted form of phishing that focuses on a single user or department within an organisation, |
| - | | VDI | Virtual Desktop Infrastructure.| | + | |Split Horizon|Split horizon is a algorithm for avoiding problems caused by including routes in updates sent to the gateway from which they were learned.| |
| - | | Virtual Private Network | + | |Split Key |A cryptographic key that is divided into two or more separate data items that individually convey no knowledge of the whole key that results from combining the items.| |
| - | | Virus | A hidden, self-replicating section of computer software, usually malicious logic, that propagates by infecting - i.e., inserting a copy of itself into and becoming part of - another program. A virus cannot run by itself; it requires that its host program be run to make the virus active.| | + | |Spoof|Attempt by an unauthorized entity to gain access to a system by posing as an authorized user.| |
| - | | Voice Firewall | A physical discontinuity in a voice network that monitors, alerts and controls inbound and outbound voice network activity based on user-defined call admission control (CAC) policies, voice application layer security threats or unauthorized service use violations.| | + | |Spyware|Spyware is any software application that is generally installed without the knowledge or consent of the user, to obtain, use, or interfere with personal information or resources, content, or setting, for malicious or undesirable purposes.| |
| - | | Voice Intrusion Prevention System | + | |SQL|Structured Query Language.| |
| - | | VPN (Virtual Private Network) | A restricted-use, | + | |SQLInjection|SQL injection is a type of input validation attack specific to database-driven applications where SQL code is inserted into application queries to manipulate the database.| |
| - | | W3 (World Wide Web) | The global, hypermedia-based collection of information (including text, audio, video, and graphics) and services that is available on Internet servers and is accessed by browsers using Hypertext Transfer Protocol and other information retrieval mechanisms.| | + | |SSH|Secure Shell. |
| - | | W3C (World Wide Web Consortium) | The W3C is an international organization that develops Web standards.| | + | |:::|A program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another.| |
| - | | WAR | Work Area Recovery.| | + | |SSL|Secure Sockets Layer.| |
| - | | War Chalking | War chalking is marking areas, usually on sidewalks with chalk, that receive wireless signals that can be accessed.| | + | |:::|A protocol developed by Netscape for transmitting private documents via the Internet. |
| - | | War Dialer | A computer program that automatically dials a series of telephone numbers to find lines connected to computer systems, and catalogues those numbers so that a cracker can try to break into the systems.| | + | |SSO|Single Sign On.| |
| - | | War Dialing | War dialing is a simple means of trying to identify modems in a telephone exchange that may be susceptible to compromise in an attempt to circumvent perimeter security.| | + | |SSO|System Security Officer.| |
| - | | Warez | Warez refers primarily to copyrighted works distributed without fees or royalties, and may be traded, in general violation of copyright law. The term generally refers to unauthorized releases by organized groups, as opposed to file sharing between friends.| | + | |:::A person responsible for enforcement or administration of the security policy that applies to the system.| |
| - | | Warm Disaster Recovery Site | It contains partially redundant hardware and software, with telecommunications, | + | |ST|System Testing. Done just before the UAT. End-to-End testing done by the IT team, to ensure the system can be handed over to the business to test. |
| - | | War Driving | War driving is the process of travelling around looking for wireless access point signals that can be used to get network access.| | + | |Stack Mashing|Stack mashing is the technique of using a buffer overflow to trick a computer into executing arbitrary code.| |
| - | | Web 2.0 | Web 2.0 currently lacks a precise definition. | + | |Standard ACLS|CISCO. |
| - | | Web of Trust | A web of trust is the trust that naturally evolves as a user starts to trust others' | + | |Star Property|In Star Property, a user cannot write data to a lower classification level without logging in at that lower classification level.| |
| - | | Web Server | A software process that runs on a host computer connected to the Internet to respond to HTTP requests for documents from client web browsers.| | + | |State Machine|A system that moves through a series of progressive conditions.| |
| - | | WEP (Wired Equivalent Privacy) | A security protocol for wireless local area networks defined in the standard IEEE 802.11b.| | + | |Stateful Inspection|Also referred to as dynamic packet filtering. Stateful inspection is a firewall architecture that works at the network layer. |
| - | | WHOIS | An IP for finding information about resources on networks.| | + | |Static Host Tables|Static host tables are text files that contain hostname and address mapping.| |
| - | | Wiki | Wiki (from the Hawaiian word for quickly) is a medium for collaboration that allows many people to participate in the production of a long-term knowledge repository or database, often devoted to a specific subject or field of interest. | + | |Static Routing|Static routing means that routing table entries contain information that does not change.| |
| - | | Windowing | A windowing system is a system for sharing a computer' | + | |Stealthing|Stealthing is a term that refers to approaches used by malicious code to conceal its presence on the infected system.| |
| - | | Windump | Windump is a freeware tool for Windows that is a protocol analyzer that can monitor network traffic on a wire.| | + | |Steganalysis|Steganalysis is the process of detecting and defeating the use of steganography.| |
| - | | Wired Equivalent Privacy | + | |Steganography|Methods of hiding the existence of a message or other data. This is different than cryptography, |
| - | | Wireless Application Protocol | A specification for a set of communication protocols to standardize the way that wireless devices, such as cellular telephones and radio transceivers, | + | |Stimulus|Stimulus is network traffic that initiates a connection or solicits a response.| |
| - | | Wiretapping | Monitoring and recording data that is flowing between two points in a communication system.| | + | |Store-and-Forward|Store-and-Forward is a method of switching where the entire packet is read by a switch to determine if it is intact before forwarding it.| |
| - | | World Wide Web Consortium | + | |STP|Straight Through Processing.| |
| - | | World Wide Web (WWW) | Also known as "THE WEB" or W3.| | + | |Straight-through-Cable|A straight-through cable is where the pins on one side of the connector are wired to the same pins on the other end. It is used for interconnecting nodes on the network.| |
| - | | Worm | A computer program that can run independently, | + | |Stream Cipher|A stream cipher works by encryption a message a single bit, byte, or computer word at a time.| |
| - | | WWW (World Wide Web) | The global, hypermedia-based collection of information (including text, audio, video, and graphics) and services that is available on Internet servers and is accessed by browsers using Hypertext Transfer Protocol and other information retrieval mechanisms.| | + | |Strong Star Property|In Strong Star Property, a user cannot write data to higher or lower classifications levels than their own.| |
| - | | Zero Day | The "Day Zero" or "Zero Day" is the day a new vulnerability is made known. | + | |Sub Network|A separately identifiable part of a larger network that typically represents a certain limited number of host computers, the hosts in a building or geographic area, or the hosts on an individual local area network.| |
| - | | Zero-day Attack | A zero-day (or zero-hour or day zero) attack or threat is a computer threat that tries to exploit computer application vulnerabilities that are unknown to others or undisclosed to the software developer. | + | |Subnet Mask|A subnet mask (or number) is used to determine the number of bits used for the subnet and host portions of the address. |
| - | | Zombies | A zombie computer (often shortened as zombie) is a computer connected to the Internet that has been compromised by a hacker, a computer virus, or a trojan horse. | + | |Switch|A switch is a networking device that keeps track of MAC addresses attached to each of its ports so that data is only transmitted on the ports that are the intended recipient of the data.| |
| + | |Switched Network|A communications network, such as the public switched telephone network, in which any user may be connected to any other user through the use of message, circuit, or packet switching and control devices. Any network providing switched communications service.| | ||
| + | |Symbolic Links|Special files which point at another file.| | ||
| + | |Symmetric Cryptography|A branch of cryptography involving algorithms that use the same key for two different steps of the algorithm (such as encryption and decryption, or signature creation and signature verification). | ||
| + | |Symmetric Key|A cryptographic key that is used in a symmetric cryptographic algorithm.| | ||
| + | |SYN Flood|A denial of service attack that sends a host more TCP SYN packets (request to synchronize sequence numbers, used when opening a connection) than the protocol implementation can handle.| | ||
| + | |Synchronization|Synchronization is the signal made up of a distinctive pattern of bits that network hardware looks for to signal that start of a frame.| | ||
| + | |Syslog|Syslog is the system logging facility for Unix systems.| | ||
| + | |System Security Officer (SSO) | A person responsible for enforcement or administration of the security policy that applies to the system.| | ||
| + | |System-specific Policy|A System-specific policy is a policy written for a specific system or device.| | ||
| + | |T1, T3|A digital circuit using TDM (Time-Division Multiplexing).| | ||
| + | |Tamper|To deliberately alter a system' | ||
| + | |TBC|To be confirmed.| | ||
| + | |TCP|Transmission Control Protocol.| | ||
| + | |:::|A set of rules (protocol) used along with the Internet Protocol to send data in the form of message units between computers over the Internet. | ||
| + | |TCP Fingerprinting|TCP fingerprinting is the user of odd packet header combinations to determine a remote operating system.| | ||
| + | |TCP Full Open Scan|TCP Full Open scans check each port by performing a full three-way handshake on each port to determine if it was open.| | ||
| + | |TCP Half Open Scan|TCP Half Open scans work by performing the first half of a three-way handshake to determine if a port is open.| | ||
| + | |TCP Wrapper| A software package which can be used to restrict access to certain network services based on the source of the connection; a simple tool to monitor and control incoming network traffic.| | ||
| + | |TCP/IP|A synonym for " | ||
| + | |TCPDump|TCPDump is a freeware protocol analyzer for Unix that can monitor network traffic on a wire.| | ||
| + | |Technical Vulnerability Assessment (TVA) | A Technical Vulnerability Assessment is a key component of an organization’s Risk Assessment and Risk Management programs.| | ||
| + | |Telnet|A TCP-based, application-layer, | ||
| + | |Threat|A potential for violation of security, which exists when there is a circumstance, | ||
| + | |Threat Assessment|A threat assessment is the identification of types of threats that an organization might be exposed to.| | ||
| + | |Threat Model|A threat model is used to describe a given threat and the harm it could to do a system if it has a vulnerability.| | ||
| + | |Threat Vector|The method a threat uses to get to the target.| | ||
| + | |Time to Live|A value in an Internet Protocol packet that tells a network router whether or not the packet has been in the network too long and should be discarded.| | ||
| + | |Tiny Fragment Attack|With many IP implementations it is possible to impose an unusually small fragment size on outgoing packets. | ||
| + | |TLS|Transport Layer Security.| | ||
| + | |:::|A protocol that ensures privacy between communicating applications and their users on the Internet. | ||
| + | |T& | ||
| + | |Token Ring|A token ring network is a local area network in which all computers are connected in a ring or star topology and a binary digit or token-passing scheme is used in order to prevent the collision of data between two computers that want to send messages at the same time.| | ||
| + | |Token-based Access Control | Token based access control associates a list of objects and their privileges with each user. (The opposite of list based.)| | ||
| + | |TOM|Target Operating Model.| | ||
| + | |Topology|The geometric arrangement of a computer system. Common topologies include a bus, star, and ring. The specific physical, i.e., real, or logical, i.e., virtual, arrangement of the elements of a network. | ||
| + | |TOR|Terms of Reference.| | ||
| + | |Traceroute|Traceroute is a tool the maps the route a packet takes from the local machine to a remote destination.| | ||
| + | |Trade Secret|A Trade Secret is Information (including a formula, pattern, compilation, | ||
| + | |Transmission Control Protocol|TCP.| | ||
| + | |:::|A set of rules (protocol) used along with the Internet Protocol to send data in the form of message units between computers over the Internet. | ||
| + | |Transport Layer Security|TLS.| | ||
| + | |:::|A protocol that ensures privacy between communicating applications and their users on the Internet. | ||
| + | |TRB|Test Review Board.| | ||
| + | |Triple DES|A block cipher, based on DES, that transforms each 64-bit plain-text block by applying the Data Encryption Algorithm three successive times, using either two or three different keys, for an effective key length of 112 or 168 bits.| | ||
| + | |Triple-wrapped|S/ | ||
| + | |Trojan Horse|A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.| | ||
| + | |Trunking|Trunking is connecting switched together so that they can share VLAN information between them.| | ||
| + | |Trust|Trust determine which permissions and what actions other systems or users can perform on remote machines.| | ||
| + | |Trusted Ports|Trusted ports are ports below number 1024 usually allowed to be opened by the root user.| | ||
| + | |TSBIA|Technical Service Baseline Impact Assessment.| | ||
| + | |Tunnel|A communication channel created in a computer network by encapsulating a communication protocol' | ||
| + | |TVA|Technical Vulnerability Assessment.| | ||
| + | |:::|A Technical Vulnerability Assessment is a key component of an organization’s Risk Assessment and Risk Management programs.| | ||
| + | |UAT|User Acceptance Testing.| | ||
| + | |UDF|User Defined Field.| | ||
| + | |UDP|User Datagram Protocol| | ||
| + | |:::|A communications protocol that, like TCP, runs on top of IP networks. | ||
| + | |UDP Scan|UDP scans perform scans to determine which UDP ports are open.| | ||
| + | |Underground Economy|The Underground Economy (sometimes known as black market or black economy) is trade, goods and services that are not part of the official economy of a country; this may be legal activities where taxes are not paid, or illegal activities, such as drug trafficking, | ||
| + | |Unicast|Broadcasting from host to host.| | ||
| + | |Uniform Resource Identifier|URI.| | ||
| + | |:::|The generic term for all types of names and addresses that refer to objects on the World Wide Web.| | ||
| + | |Uniform Resource Locator|URL.| | ||
| + | |:::|The global address of documents and other resources on the World Wide Web. The first part of the address indicates what protocol to use, and the second part specifies the IP address or the domain name where the resource is located. | ||
| + | |UNIX|A popular multi-user, multitasking operating system developed at Bell Labs in the early 1970s. | ||
| + | |Unprotected Share|In Windows terminology, | ||
| + | |UPI|Unique Product Identifier.| | ||
| + | |URL|Uniform Resource Locator.| | ||
| + | |:::|The global address of documents and other resources on the World Wide Web. The first part of the address indicates what protocol to use, and the second part specifies the IP address or the domain name where the resource is located. | ||
| + | |User| A person, organization entity, or automated process that accesses a system, whether authorized to do so or not.| | ||
| + | |User Contingency Plan| User contingency plan is the alternative methods of continuing business operations if IT systems are unavailable.| | ||
| + | |User Datagram Protocol|UDP| | ||
| + | |:::|A communications protocol that, like TCP, runs on top of IP networks. | ||
| + | |Usenet|Usenet is an outdated term for a worldwide system of discussion groups, with comments passed among hundreds or thousands of machines. | ||
| + | |VDI|Virtual Desktop Infrastructure.| | ||
| + | |Virtual Private Network|VPN| | ||
| + | |:::|A restricted-use, | ||
| + | |Virus| A hidden, self-replicating section of computer software, usually malicious logic, that propagates by infecting - i.e., inserting a copy of itself into and becoming part of - another program. A virus cannot run by itself; it requires that its host program be run to make the virus active.| | ||
| + | |Voice Firewall|A physical discontinuity in a voice network that monitors, alerts and controls inbound and outbound voice network activity based on user-defined call admission control (CAC) policies, voice application layer security threats or unauthorized service use violations.| | ||
| + | |Voice Intrusion Prevention System|Voice IPS is a security management system for voice networks which monitors voice traffic for multiple calling patterns or attack/ | ||
| + | |VPN|Virtual Private Network.| | ||
| + | |:::|A restricted-use, | ||
| + | |W3|World Wide Web.| | ||
| + | |:::|The global, hypermedia-based collection of information (including text, audio, video, and graphics) and services that is available on Internet servers and is accessed by browsers using Hypertext Transfer Protocol and other information retrieval mechanisms.| | ||
| + | |W3C|World Wide Web Consortium| | ||
| + | |:::|The W3C is an international organization that develops Web standards.| | ||
| + | |WAR|Work Area Recovery.| | ||
| + | |War Chalking|War chalking is marking areas, usually on sidewalks with chalk, that receive wireless signals that can be accessed.| | ||
| + | |War Dialer|A computer program that automatically dials a series of telephone numbers to find lines connected to computer systems, and catalogues those numbers so that a cracker can try to break into the systems.| | ||
| + | |War Dialing|War dialing is a simple means of trying to identify modems in a telephone exchange that may be susceptible to compromise in an attempt to circumvent perimeter security.| | ||
| + | |Warez|Warez refers primarily to copyrighted works distributed without fees or royalties, and may be traded, in general violation of copyright law. The term generally refers to unauthorized releases by organized groups, as opposed to file sharing between friends.| | ||
| + | |Warm Disaster Recovery Site|It contains partially redundant hardware and software, with telecommunications, | ||
| + | |War Driving|War driving is the process of travelling around looking for wireless access point signals that can be used to get network access.| | ||
| + | |Web 2.0|Web 2.0 currently lacks a precise definition. | ||
| + | |Web of Trust|A web of trust is the trust that naturally evolves as a user starts to trust others' | ||
| + | |Web Server|A software process that runs on a host computer connected to the Internet to respond to HTTP requests for documents from client web browsers.| | ||
| + | |WEP|Wired Equivalent Privacy.| | ||
| + | |:::|A security protocol for wireless local area networks defined in the standard IEEE 802.11b.| | ||
| + | |WHOIS|An IP for finding information about resources on networks.| | ||
| + | |Wiki|Wiki (from the Hawaiian word for quickly) is a medium for collaboration that allows many people to participate in the production of a long-term knowledge repository or database, often devoted to a specific subject or field of interest. | ||
| + | |Windowing|A windowing system is a system for sharing a computer' | ||
| + | |Windump|Windump is a freeware tool for Windows that is a protocol analyzer that can monitor network traffic on a wire.| | ||
| + | |Wired Equivalent Privacy|WEP.| | ||
| + | |:::|A security protocol for wireless local area networks defined in the standard IEEE 802.11b.| | ||
| + | |Wireless Application Protocol|A specification for a set of communication protocols to standardize the way that wireless devices, such as cellular telephones and radio transceivers, | ||
| + | |Wiretapping|Monitoring and recording data that is flowing between two points in a communication system.| | ||
| + | |World Wide Web Consortium|W3C.| | ||
| + | |:::|The W3C is an international organization that develops Web standards.| | ||
| + | |World Wide Web|WWW.| | ||
| + | |:::|Also known as "THE WEB" or W3.| | ||
| + | |Worm|A computer program that can run independently, | ||
| + | |WWW|World Wide Web.| | ||
| + | |:::|The global, hypermedia-based collection of information (including text, audio, video, and graphics) and services that is available on Internet servers and is accessed by browsers using Hypertext Transfer Protocol and other information retrieval mechanisms.| | ||
| + | |Zero Day|The "Day Zero" or "Zero Day" is the day a new vulnerability is made known. | ||
| + | |Zero-day Attack|A zero-day (or zero-hour or day zero) attack or threat is a computer threat that tries to exploit computer application vulnerabilities that are unknown to others or undisclosed to the software developer. | ||
| + | |Zombies|A zombie computer (often shortened as zombie) is a computer connected to the Internet that has been compromised by a hacker, a computer virus, or a trojan horse. | ||
glossary/start.1656671130.txt.gz · Last modified: 2022/07/01 10:25 by 45.89.242.233