Differences

This shows you the differences between two versions of the page.

--- glossary:start [2023/07/17 15:19] – peter
+++ glossary:start [2023/07/17 15:57] (current) – peter
@@ Line 19: / Line 19: @@
 |ACL|Access Control List.  A list of permissions attached to an object.|
 |Access Control|Access Control ensures that resources are only granted to those users who are entitled to them.|
-|Access Control List|ACL. A list of permissions attached to an object.|
+|Access Control List|ACL.|
+|:::|A list of permissions attached to an object.|
 |Access Control Service|A security service that provides protection of system resources against unauthorized access.  The two basic mechanisms for implementing this service are ACLs and tickets.|
 |Access Matrix|An Access Matrix uses rows to represent subjects and columns to represent objects with privileges listed in each cell.|
 |Account Harvesting|The process of collecting all the legitimate account names on a system.|
 |Active Content|Program code embedded in the contents of a web page.  When the page is accessed by a web browser, the embedded code is automatically downloaded and executed on the user's workstation. Ex. Java, ActiveX (MS).|
-|Active Directory|AD.  A directory service implemented by Microsoft for Windows domain networks. |
+|Active Directory|AD.|
+|:::|A directory service implemented by Microsoft for Windows domain networks. |
 |Activity Monitors|Aim to prevent virus infection by monitoring for malicious activity on a system, and blocking that activity when possible.|
 |AD|Active Directory.  A directory service implemented by Microsoft for Windows domain networks. |
 |ADAL| Authoritive Data Access Layer.|
-|Address Resolution Protocol|ARP.  A protocol for mapping an Internet Protocol address to a physical machine address that is recognized in the local network.  A table, usually called the ARP cache, is used to maintain a correlation between each MAC address and its corresponding IP address.  ARP provides the protocol rules for making this correlation and providing address conversion in both directions.|
+|Address Resolution Protocol|ARP.|
-|ADS| Authoritive Data Source.|
+|:::|A protocol for mapping an Internet Protocol address to a physical machine address that is recognized in the local network.  A table, usually called the ARP cache, is used to maintain a correlation between each MAC address and its corresponding IP address.  ARP provides the protocol rules for making this correlation and providing address conversion in both directions.|
+|ADS|Authoritive Data Source.|
 |ADSL|Asymmetric Digital Subscriber Line (ADSL) is a technology for transmitting digital information at high bandwidth on existing phone lines to homes and businesses.  Unlike regular dialup phone service, ADSL provides continuously-available, “always on” connection. |
-|Advanced Encryption Standard|AES.  An encryption standard being developed by NIST.  Intended to specify an unclassified, publicly-disclosed, symmetric encryption algorithm.|
+|Advanced Encryption Standard|AES.|
-|AEOD | After End-of-Day.|
+|:::|An encryption standard being developed by NIST.  Intended to specify an unclassified, publicly-disclosed, symmetric encryption algorithm.|
+|AEOD|After End-of-Day.|
 |AES|Advanced Encryption Standard.  An encryption standard being developed by NIST.  Intended to specify an unclassified, publicly-disclosed, symmetric encryption algorithm.|
-|AIRB| Advanced Internal Rating Based Approach.|
+|AIRB|Advanced Internal Rating Based Approach.|
-|A&L| Assets and Liabilities |
+|A&L|Assets and Liabilities |
-|Algorithm| A finite set of step-by-step instructions for a problem-solving or computation procedure, especially one that can be implemented by a computer.|
+|Algorithm|A finite set of step-by-step instructions for a problem-solving or computation procedure, especially one that can be implemented by a computer.|
 |AML|Anti money laundering (AML) is a term mainly used in the financial and legal industries to describe the legal controls that require financial institutions and other regulated entities to prevent or report money laundering activities.|
 |AMSC|Application Management Service Centre.|
@@ Line 49: / Line 53: @@
 |:::|A globally unique number assigned by a registrar for the purposes of Internet routing, |
 |Asymmetric Cryptography|Public-key cryptography.  A modern branch of cryptography in which the algorithms employ a pair of keys (a public key and a private key) and use a different component of the pair for different steps of the algorithm.|
-|Asymmetric Warfare | Asymmetric warfare is the application of dissimilar strategies, tactics, capabilities and approaches used to circumvent or negate an opponent's strengths while exploiting his weaknesses.|
+|Asymmetric Warfare|Asymmetric warfare is the application of dissimilar strategies, tactics, capabilities and approaches used to circumvent or negate an opponent's strengths while exploiting his weaknesses.|
 |Auditing|The information gathering and analysis of assets to ensure such things as policy compliance and security from vulnerabilities.|
 |Asymmetric Digital Subscriber Line|ADSL.|
@@ Line 61: / Line 65: @@
 |Authorization|The approval, permission, or empowerment for someone or something to do something.|
 |Autonomous System|One network or series of networks that are all under one administrative control.  An autonomous system is also sometimes referred to as a routing domain.  For the purposes of Internet routing, an autonomous system is assigned a globally unique number by a registrar, called an Autonomous System Number (ASN).|
-|Autonomous System Number|ASN.  A globally unique number assigned by a registrar for the purposes of Internet routing.|
+|Autonomous System Number|ASN.|
+|:::|A globally unique number assigned by a registrar for the purposes of Internet routing.|
 |Availability|The need to ensure that the business purpose of the system can be met and that it is accessible to those who need to use it.|
 |Backdoor|A backdoor is a tool installed after a compromise to give an attacker easier access to the compromised system around any security mechanisms that are in place.|
@@ Line 67: / Line 72: @@
 |Banner|A banner is the information that is displayed to a remote user trying to connect to a service.  This may include version information, system information, or a warning about authorized use.|
 |BAP|Business and Personal.|
-|Basic Authentication | Basic Authentication is the simplest web-based authentication scheme that works by sending the username and password with each request.|
+|Basic Authentication|Basic Authentication is the simplest web-based authentication scheme that works by sending the username and password with each request.|
 |Bastion Host|A bastion host has been hardened in anticipation of vulnerabilities that have not been discovered yet.|
 |BAU|Business as Usual.|
-|BBS|A Bulletin Board System (BBS) is a computerized meeting and announcement system that allows people to carry on discussions, upload and download files, and record observations and points of view without having to be simultaneously connected to the system at any given time.|
+|BBS|Bulletin Board System.|
+|:::|A Bulletin Board System (BBS) is a computerized meeting and announcement system that allows people to carry on discussions, upload and download files, and record observations and points of view without having to be simultaneously connected to the system at any given time.|
 |BCM|Business Continuity Management. The management of a Business Continuity Plan (BCP).|
 |BCP|Business Continuity Plan. A Business Continuity Plan is the plan for emergency response, backup operations, and post-disaster recovery steps that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation.|
@@ Line 88: / Line 94: @@
 |BLoR|Business List of Records.  An indexed list of relevant records.|
 |BOM|Business Only Membership.|
-|Border Gateway Protocol|BGP.  An inter-autonomous system routing protocol.  BGP is used to exchange routing information for the Internet and is the protocol used between Internet service providers (ISP).|
+|Border Gateway Protocol|BGP.|
+|:::|An inter-autonomous system routing protocol.  BGP is used to exchange routing information for the Internet and is the protocol used between Internet service providers (ISP).|
 |Boot Record Infector|A boot record infector is a piece of malware that inserts malicious code into the boot sector of a disk.|
 |Bot|Also called ‘Internet bots’; refers to computers that perform tasks without human input.  Increasingly used for click-fraud and other malicious purposes.|
@@ Line 102: / Line 109: @@
 |Brute Force|A crypto-analysis technique or other kind of attack method involving an exhaustive procedure that tries all possibilities, one-by-one.|
 |BSM|Balance Sheet Management.|
-|BSS 7799|British Standard 7799.  A standard code of practice and provides guidance on how to secure an information system.  It includes the management framework, objectives, and control requirements for information security management systems.|
+|BSS 7799|British Standard 7799.|
+|:::|A standard code of practice and provides guidance on how to secure an information system.  It includes the management framework, objectives, and control requirements for information security management systems.|
 |BST|British Summer Time.|
 |Buffer Overflow|A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold.  Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.|
 |Bullet-proof hosting|Bullet-proof hosting is a service provided by some domain hosting or web hosting firms that allow their customer considerable leniency in the kinds of material they may upload and distribute.  This leniency has been taken advantage of by spammers and providers of online gambling or pornography.|
-|Bulletin Board System|A Bulletin Board System (BBS) is a computerized meeting and announcement system that allows people to carry on discussions, upload and download files, and record observations and points of view without having to be simultaneously connected to the system at any given time.|
+|Bulletin Board System|BBS|
-|Business Continuity Management|BCM. The management of a Business Continuity Plan (BCP).|
+|:::|A Bulletin Board System (BBS) is a computerized meeting and announcement system that allows people to carry on discussions, upload and download files, and record observations and points of view without having to be simultaneously connected to the system at any given time.|
-|Business Continuity Plan|BCP.  A Business Continuity Plan is the plan for emergency response, backup operations, and post-disaster recovery steps that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation.|
+|Business Continuity Management|BCM.|
-|Business Impact Analysis|BIA.  A Business Impact Analysis determines what levels of impact to a system are tolerable.|
+|:::|The management of a Business Continuity Plan (BCP).|
+|Business Continuity Plan|BCP.|
+|:::|A Business Continuity Plan is the plan for emergency response, backup operations, and post-disaster recovery steps that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation.|
+|Business Impact Analysis|BIA.|
+|:::|A Business Impact Analysis determines what levels of impact to a system are tolerable.|
 |Business Intelligence|Business intelligence is now widely accepted as being concerned with information technology solutions for transforming the output from large data collections into Intelligence; usually through the integration of sales, marketing, servicing, and support operations.  It covers such activities as customer relationship management, enterprise resource planning and e-commerce using data mining techniques.  Those people involved in business intelligence tend to regard it as one aspect of knowledge management.  Systems based on business intelligence software were formerly known as Executive information Systems.|
 |BYOD|Bring Your Own Device.|
@@ Line 115: / Line 127: @@
 |CA|Certificate Authority.|
 |CAB|Change Advisory Board.|
-|CAC|Call Admission Control.  The inspection and control all inbound and outbound voice network activity by a voice firewall based on user-defined policies.|
+|CAC|Call Admission Control.|
+|:::|The inspection and control all inbound and outbound voice network activity by a voice firewall based on user-defined policies.|
 |Cache|Pronounced cash, a special high-speed storage mechanism.  It can be either a reserved section of main memory or an independent high-speed storage device.  Two types of caching are commonly used in personal computers: memory caching and disk caching.|
 |Cache Cramming|Cache Cramming is the technique of tricking a browser to run cached Java code from the local disk, instead of the internet zone, so it runs with less restrictive permissions.|
 |Cache Poisoning|Malicious or misleading data from a remote name server is saved [cached] by another name server.  Typically used with DNS cache poisoning attacks.|
-|Call Admission Control|CAC.  The inspection and control all inbound and outbound voice network activity by a voice firewall based on user-defined policies.|
+|Call Admission Control|CAC.|
+|:::|The inspection and control all inbound and outbound voice network activity by a voice firewall based on user-defined policies.|
 |CAMS|Cash Management System.|
 |Carding|Carding is a term used for a process to verify the validity of stolen card data.  The thief presents the card information on a website that has real-time transaction processing.  If the card is processed successfully, the thief knows that the card is still good.  The specific item purchased is immaterial, and the thief does not need to purchase an actual product; a Web site subscription or charitable donation would be sufficient.  The purchase is usually for a small monetary amount, both to avoid using the card's credit limit, and also to avoid attracting the card issuer's attention.  A website known to be susceptible to carding is known as a cartable website.|
 |Cash-out|The aspect of a cybercrime operation where stolen electronic funds are finally withdrawn from the finance system in the form of hard cash, often perpetrated by the use of ‘money mules’.|
-|CCO|Chief Controls Office.  The Chief Controls Office centralizes and increases the focus on maintaining and enhancing an effective control framework.|
+|CCO|Chief Controls Office.|
+|:::|The Chief Controls Office centralizes and increases the focus on maintaining and enhancing an effective control framework.|
 |CDC|Client Data Controls.|
 |CDI|Client Data Interface.|
@@ Line 175: / Line 190: @@
 |CRAID|Changes, Risks, Assumptions, Issues, Dependencies.|
 |Crawler|A crawler uses existing Internet search engines to carry out automatic search and retrieval of selected Information on behalf of a user.  It may also be known as Web crawler.|
-|CRC|Cyclic Redundancy Check.  Sometimes called "cyclic redundancy code."  A type of checksum algorithm that is not a cryptographic hash but is used to implement data integrity service where accidental changes to data are expected.|
+|CRC|Cyclic Redundancy Check.|
+|:::|Sometimes called "cyclic redundancy code."  A type of checksum algorithm that is not a cryptographic hash but is used to implement data integrity service where accidental changes to data are expected.|
 |Criminal Forum|A forum, usually web based, devoted to the black market trading of stolen credit card details, stolen identity details and tools to commit computer offences.|
 |CRON|Cron is a Unix application that runs jobs for users and administrators at scheduled times of the day.|
@@ Line 200: / Line 216: @@
 |DBC|Detailed Business Case.|
 |DCF|Data Control Framework.|
-|DCO|Device Configuration Overlay.  A hidden part of a hard drive that is used by personal computer manufacturers to specify the configuration of a hard drive (regardless of its actual size) to present the same number of sectors to the BIOS and operating system.|
+|DCO|Device Configuration Overlay.|
+|:::|A hidden part of a hard drive that is used by personal computer manufacturers to specify the configuration of a hard drive (regardless of its actual size) to present the same number of sectors to the BIOS and operating system.|
 |DCP|Demand Change Process.|
-|DDOS|Distributed Denial of Service (DDOS) is an attack in which multiple systems flood the bandwidth or resources of a targeted system in an attempt to make it unavailable.  DDOS attacks fall into two basic categories based on the resources they seek to exhaust: application attacks (exploitation of software vulnerabilities) and network attacks (attempting to saturate the communications lines that connect servers to the Internet).|
+|DDOS|Distributed Denial of Service.|
+|:::|Distributed Denial of Service (DDOS) is an attack in which multiple systems flood the bandwidth or resources of a targeted system in an attempt to make it unavailable.  DDOS attacks fall into two basic categories based on the resources they seek to exhaust: application attacks (exploitation of software vulnerabilities) and network attacks (attempting to saturate the communications lines that connect servers to the Internet).|
 |Decapsulation | Decapsulation is the process of stripping off one layer's headers and passing the rest of the packet up to the next higher layer on the protocol stack.|
 |Decryption|Decryption is the process of transforming an encrypted message into its original plain-text.|
@@ Line 208: / Line 226: @@
 |Defacement|Defacement is the method of modifying the content of a website in such a way that it becomes "vandalized" or embarrassing to the website owner.|
 |Defense In-Depth|Defense In-Depth is the approach of using multiple layers of security to guard against failure of a single security component.|
-|Demilitarized Zone|DMZ.  In computer security, in general a demilitarized zone (DMZ) or perimeter network is a network area (a sub-network) that sits between an organization's internal network and an external network, usually the Internet.  DMZ's help to enable the layered security model in that they provide sub-network segmentation based on security requirements or policy.  DMZ's provide either a transit mechanism from a secure source to an insecure destination or from an insecure source to a more secure destination.  In some cases, a screened subnet which is used for servers accessible from the outside is referred to as a DMZ.|
+|Demilitarized Zone|DMZ.|
+|:::|In computer security, in general a demilitarized zone (DMZ) or perimeter network is a network area (a sub-network) that sits between an organization's internal network and an external network, usually the Internet.  DMZ's help to enable the layered security model in that they provide sub-network segmentation based on security requirements or policy.  DMZ's provide either a transit mechanism from a secure source to an insecure destination or from an insecure source to a more secure destination.  In some cases, a screened subnet which is used for servers accessible from the outside is referred to as a DMZ.|
 |Denial of Service|The prevention of authorized access to a system resource or the delaying of system operations and functions.|
 |DES|Data Encryption Standard).|
@@ Line 217: / Line 236: @@
 |Digest Authentication|Digest Authentication allows a web client to compute MD5 hashes of the password to prove it has the password.|
 |Digital Certificate|A digital certificate is an electronic "credit card" that establishes your credentials when doing business or other transactions on the Web.  It is issued by a certification authority.  It contains your name, a serial number, expiration dates, a copy of the certificate holder's public key (used for encrypting messages and digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real.|
-|Digital Envelope| A digital envelope is an encrypted message with the encrypted session key.|
+|Digital Envelope|A digital envelope is an encrypted message with the encrypted session key.|
-|Digital Signature| A digital signature is a hash of a message that uniquely identifies the sender of the message and proves the message hasn't changed since transmission. |
+|Digital Signature|A digital signature is a hash of a message that uniquely identifies the sender of the message and proves the message hasn't changed since transmission. |
-|Digital Signature Algorithm|DSA.  An asymmetric cryptographic algorithm that produces a digital signature in the form of a pair of large numbers.  The signature is computed using rules and parameters such that the identity of the signer and the integrity of the signed data can be verified.|
+|Digital Signature Algorithm|DSA.|
-|Digital Signature Standard|DSS.  The US Government standard that specifies the Digital Signature Algorithm (DSA), which involves asymmetric cryptography.|
+|:::|An asymmetric cryptographic algorithm that produces a digital signature in the form of a pair of large numbers.  The signature is computed using rules and parameters such that the identity of the signer and the integrity of the signed data can be verified.|
+|Digital Signature Standard|DSS.|
+|:::|The US Government standard that specifies the Digital Signature Algorithm (DSA), which involves asymmetric cryptography.|
 |Disassembly|The process of taking a binary program and deriving the source code from it.|
-|Disaster Recovery Plan|DRP.  A Disaster Recovery Plan is the process of recovery of IT systems in the event of a disruption or disaster.|
+|Disaster Recovery Plan|DRP.|
-|Discretionary Access Control|DAC.  Discretionary Access Control consists of something the user can manage, such as a document password.|
+|:::|A Disaster Recovery Plan is the process of recovery of IT systems in the event of a disruption or disaster.|
+|Discretionary Access Control|DAC.|
+|:::|Discretionary Access Control consists of something the user can manage, such as a document password.|
 |Dispensation|Temporary exclusion from Policy or Scope.|
 |Disruption|A circumstance or event that interrupts or prevents the correct operation of system services and functions.|
 |Distance Vector|Distance vectors measure the cost of routes to determine the best route to all known networks.|
-|Distributed Denial of Service|DDOS. Distributed Denial of Service (DDOS) is an attack in which multiple systems flood the bandwidth or resources of a targeted system in an attempt to make it unavailable.  DDOS attacks fall into two basic categories based on the resources they seek to exhaust: application attacks (exploitation of software vulnerabilities) and network attacks (attempting to saturate the communications lines that connect servers to the Internet).|
+|Distributed Denial of Service|DDOS.|
+|:::|Distributed Denial of Service (DDOS) is an attack in which multiple systems flood the bandwidth or resources of a targeted system in an attempt to make it unavailable.  DDOS attacks fall into two basic categories based on the resources they seek to exhaust: application attacks (exploitation of software vulnerabilities) and network attacks (attempting to saturate the communications lines that connect servers to the Internet).|
 |Distributed Scans|Distributed Scans are scans that use multiple source addresses to gather information.|
 |DLL|Dynamic Link Library.|
@@ Line 241: / Line 265: @@
 |Domain Hijacking|Domain hijacking is an attack by which an attacker takes over a domain by first blocking access to the domain's DNS server and then putting his own server up in its place.|
 |Domain Name|A domain name locates an organization or other entity on the Internet.  For example, the domain name "www.sans.org" locates an Internet address for "sans.org" at Internet point 199.0.0.2 and a particular host server named "www".  The "org" part of the domain name reflects the purpose of the organization or entity (in this example, "organization") and is called the top-level domain name.  The "sans" part of the domain name defines the organization or entity and together with the top-level is called the second-level domain name.|
-|Domain Name System|DNS.  The domain name system (DNS) is the way that Internet domain names are located and translated into Internet Protocol addresses. A domain name is a meaningful and easy-to-remember "handle" for an Internet address.|
+|Domain Name System|DNS.|
+|:::|The domain name system (DNS) is the way that Internet domain names are located and translated into Internet Protocol addresses. A domain name is a meaningful and easy-to-remember "handle" for an Internet address.|
 |Download|To download is to retrieve Information from the Internet.|
 |DP|Discussion Paper.|
@@ Line 259: / Line 284: @@
 |DWB|Dispensation, Waivers and Breaches.|
 |DX|Developer Experience.|
-|Dynamic Link Library|DLL.  A collection of small programs, any of which can be called when needed by a larger program that is running in the computer.  The small program that lets the larger program communicate with a specific device such as a printer or scanner is often packaged as a DLL program (usually referred to as a DLL file).|
+|Dynamic Link Library|DLL.|
+|:::|A collection of small programs, any of which can be called when needed by a larger program that is running in the computer.  The small program that lets the larger program communicate with a specific device such as a printer or scanner is often packaged as a DLL program (usually referred to as a DLL file).|
 |Dynamic Routing Protocol|Allows network devices to learn routes. Ex. RIP, EIGRP Dynamic routing occurs when routers talk to adjacent routers, informing each other of what networks each router is currently connected to.  The routers must communicate using a routing protocol, of which there are many to choose from.  The process on the router that is running the routing protocol, communicating with its neighbour routers, is usually called a routing daemon.  The routing daemon updates the kernel's routing table with information it receives from neighbour routers.|
 |E2E|End-to-End.  The entire process.|
@@ Line 277: / Line 303: @@
 |EIN|Employee Identification Number.|
 |Electronic Commerce|Electronic Commerce, also known as e-Commerce, covers a range of activities under which businesses and their customers can carry out transactions electronically between computer systems.  This greatly reduces costs and improves efficiency.|
-| Electronic Funds Transfer (EFT) | Electronic Funds Transfer is the transfer of cash or credit from one account to another using computers and telecommunications.|
+|Electronic Funds Transfer|Electronic Funds Transfer (EFT) is the transfer of cash or credit from one account to another using computers and telecommunications.|
-| Emanations Analysis | Gaining direct knowledge of communicated data by monitoring and resolving a signal that is emitted by a system and that contains the data but is not intended to communicate the data.|
+|Emanations Analysis|Gaining direct knowledge of communicated data by monitoring and resolving a signal that is emitted by a system and that contains the data but is not intended to communicate the data.|
-| Encapsulation | The inclusion of one data structure within another structure so that the first data structure is hidden for the time being.|
+|Encapsulation|The inclusion of one data structure within another structure so that the first data structure is hidden for the time being.|
-| Encryption | Cryptographic transformation of data (called "plain-text") into a form (called "cipher text") that conceals the data's original meaning to prevent it from being known or used.|
+|Encryption|Cryptographic transformation of data (called "plain-text") into a form (called "cipher text") that conceals the data's original meaning to prevent it from being known or used.|
-| EOD | End-of-Day.|
+|EOD|End-of-Day.|
-| Ephemeral Port | Also called a transient port or a temporary port. Usually is on the client side.  It is set up when a client application wants to connect to a server and is destroyed when the client application terminates.  It has a number chosen at random that is greater than 1023.|
+|Ephemeral Port|Also called a transient port or a temporary port. Usually is on the client side.  It is set up when a client application wants to connect to a server and is destroyed when the client application terminates.  It has a number chosen at random that is greater than 1023.|
-| Escrow Passwords | Escrow Passwords are passwords that are written down and stored in a secure location (like a safe) that are used by emergency personnel when privileged personnel are unavailable.|
+|Escrow Passwords|Escrow Passwords are passwords that are written down and stored in a secure location (like a safe) that are used by emergency personnel when privileged personnel are unavailable.|
-| Espionage | Espionage is the use of illegal means (spying) to collect Information, more particularly secret or unpublished information.|
+|Espionage|Espionage is the use of illegal means (spying) to collect Information, more particularly secret or unpublished information.|
-| Ethernet | The most widely-installed LAN technology.  Specified in a standard, IEEE 802.3, an Ethernet LAN typically uses coaxial cable or special grades of twisted pair wires. Devices are connected to the cable and compete for access using a CSMA/CD protocol.|
+|Ethernet|The most widely-installed LAN technology.  Specified in a standard, IEEE 802.3, an Ethernet LAN typically uses coaxial cable or special grades of twisted pair wires. Devices are connected to the cable and compete for access using a CSMA/CD protocol.|
-| ETL | Extract, Transform, Load.|
+|ETL|Extract, Transform, Load.|
-| EUDA | End User Developed Application.|
+|EUDA|End User Developed Application.|
-| Event | An event is an observable occurrence in a system or network.|
+|Event|An event is an observable occurrence in a system or network.|
-| EXCO | Executive Committee, Executive Council.|
+|EXCO|Executive Committee, Executive Council.|
-| Exploit | A sequence of actions or a program that enables an individual to take advantage of, or exploit, a vulnerability or security weakness in a program or system.|
+|Exploit|A sequence of actions or a program that enables an individual to take advantage of, or exploit, a vulnerability or security weakness in a program or system.|
-| Exponential Backoff Algorithm | An exponential backoff algorithm is used to adjust TCP timeout values on the fly so that network devices don't continue to timeout sending data over saturated links.|
+|Exponential Backoff Algorithm|An exponential backoff algorithm is used to adjust TCP timeout values on the fly so that network devices don't continue to timeout sending data over saturated links.|
-| Exposure | A threat action whereby sensitive data is directly released to an unauthorized entity.|
+|Exposure|A threat action whereby sensitive data is directly released to an unauthorized entity.|
-| Extended ACLS | Cisco.  Extended ACLs are a more powerful form of Standard ACLs on Cisco routers.  They can make filtering decisions based on IP addresses (source or destination), Ports (source or destination), protocols, and whether a session is established.|
+|Extended ACLS|Cisco.  Extended ACLs are a more powerful form of Standard ACLs on Cisco routers.  They can make filtering decisions based on IP addresses (source or destination), Ports (source or destination), protocols, and whether a session is established.|
-| Extensible Authentication Protocol (EAP) | A framework that supports multiple, optional authentication mechanisms for PPP, including clear-text passwords, challenge-response, and arbitrary dialog sequences.|
+|Extensible Authentication Protocol|EAP.|
-| Exterior Gateway Protocol (EGP) | A protocol which distributes routing information to the routers which connect autonomous systems.|
+|:::|A framework that supports multiple, optional authentication mechanisms for PPP, including clear-text passwords, challenge-response, and arbitrary dialog sequences.|
-| Extranet | Extranet is that portion of an organization’s Intranet that is accessible by selected individuals (for example, collaborators, suppliers, partners, major customers).|
+|Exterior Gateway Protocol|EGP.|
-| False Rejects | False Rejects are when an authentication system fails to recognize a valid user.|
+|:::|A protocol which distributes routing information to the routers which connect autonomous systems.|
-| Fast File System | The first major revision to the Unix file system, providing faster read access and faster (delayed, asynchronous) write access through a disk cache and better file system layout on disk.  It uses inodes (pointers) and data blocks.|
+|Extranet|Extranet is that portion of an organization’s Intranet that is accessible by selected individuals (for example, collaborators, suppliers, partners, major customers).|
-| Fast Flux | Protection method used by botnets consisting of a continuous and fast change of the DNS records for a domain name through different IP addresses.|
+|False Rejects|False Rejects are when an authentication system fails to recognize a valid user.|
-| FAT | Functional Acceptance Testing.  See FCT.|
+|Fast File System|The first major revision to the Unix file system, providing faster read access and faster (delayed, asynchronous) write access through a disk cache and better file system layout on disk.  It uses inodes (pointers) and data blocks.|
-| Fault Line Attacks | Fault Line Attacks use weaknesses between interfaces of systems to exploit gaps in coverage.|
+|Fast Flux|Protection method used by botnets consisting of a continuous and fast change of the DNS records for a domain name through different IP addresses.|
-| FCT | Functional Confidence Testing.  Functional testing covers Unit Testing, Smoke Testing, Sanity Testing, Intergration Testing (Top Down, Bottom Up), Interface and Useability Testing, System Testing, Regression Testing, Per User Acceptance Testing (Alpha and Beta), User Acceptance Testing, White Box and Black Box Testing, Globalization and Location Testing.|
+|FAT|Functional Acceptance Testing.|
-| File Transfer Protocol (FTP) | A TCP/IP protocol specifying the transfer of text or binary files across the network.|
+|:::|See FCT.|
-| Filter | A filter is used to specify which packets will or will not be used.  It can be used in sniffers to determine which packets get displayed, or by firewalls to determine which packets get blocked.|
+|Fault Line Attacks|Fault Line Attacks use weaknesses between interfaces of systems to exploit gaps in coverage.|
-| Filtering Router | An inter-network router that selectively prevents the passage of data packets according to a security policy.  A filtering router may be used as a firewall or part of a firewall.  A router usually receives a packet from a network and decides where to forward it on a second network.  A filtering router does the same, but first decides whether the packet should be forwarded at all, according to some security policy.  The policy is implemented by rules (packet filters) loaded into the router.|
+|FCT|Functional Confidence Testing.|
-| Finger | A protocol to lookup user information on a given host.  A Unix program that takes an e-mail address as input and returns information about the user who owns that e-mail address.  On some systems, finger only reports whether the user is currently logged on. Other systems return additional information, such as the user's full name, address, and telephone number.  Of course, the user must first enter this information into the system.  Many e-mail programs now have a finger utility built into them.|
+|:::|Functional testing covers Unit Testing, Smoke Testing, Sanity Testing, Intergration Testing (Top Down, Bottom Up), Interface and Useability Testing, System Testing, Regression Testing, Per User Acceptance Testing (Alpha and Beta), User Acceptance Testing, White Box and Black Box Testing, Globalization and Location Testing.|
-| Fingerprinting | Sending strange packets to a system in order to gauge how it responds to determine the operating system.|
+|File Transfer Protocol|FTP.  A TCP/IP protocol specifying the transfer of text or binary files across the network.|
-| Firewall | A logical or physical discontinuity in a network to prevent unauthorized access to data or resources.|
+|Filter A filter is used to specify which packets will or will not be used.  It can be used in sniffers to determine which packets get displayed, or by firewalls to determine which packets get blocked.|
-| Flooding | An attack that attempts to cause a failure in (especially, in the security of) a computer system or other data processing entity by providing more input than the entity can process properly.|
+|Filtering Router|An inter-network router that selectively prevents the passage of data packets according to a security policy.  A filtering router may be used as a firewall or part of a firewall.  A router usually receives a packet from a network and decides where to forward it on a second network.  A filtering router does the same, but first decides whether the packet should be forwarded at all, according to some security policy.  The policy is implemented by rules (packet filters) loaded into the router.|
-| Forest | A forest is a set of Active Directory domains that replicate their databases with each other.|
+|Finger|A protocol to lookup user information on a given host.  A Unix program that takes an e-mail address as input and returns information about the user who owns that e-mail address.  On some systems, finger only reports whether the user is currently logged on. Other systems return additional information, such as the user's full name, address, and telephone number.  Of course, the user must first enter this information into the system.  Many e-mail programs now have a finger utility built into them.|
-| Fork Bomb | A Fork Bomb works by using the fork() call to create a new process which is a copy of the original.  By doing this repeatedly, all available processes on the machine can be taken up.|
+|Fingerprinting|Sending strange packets to a system in order to gauge how it responds to determine the operating system.|
-| Form-based Authentication | Form-Based Authentication uses forms on a webpage to ask a user to input username and password information.|
+|Firewall|A logical or physical discontinuity in a network to prevent unauthorized access to data or resources.|
-| Forward Lookup | Forward lookup uses an Internet domain name to find an IP address.|
+|Flooding|An attack that attempts to cause a failure in (especially, in the security of) a computer system or other data processing entity by providing more input than the entity can process properly.|
-| Forward Proxy | Forward Proxies are designed to be the server through which all requests are made.|
+|Forest|A forest is a set of Active Directory domains that replicate their databases with each other.|
-| FQDN | Fully Qualified Domain Name.  The name of the physical host including the domain name; and where necessary the name of the DNS alias or availability group listener the application uses to connect.|
+|Fork Bomb|A Fork Bomb works by using the fork() call to create a new process which is a copy of the original.  By doing this repeatedly, all available processes on the machine can be taken up.|
-| Fragment Offset | The fragment offset field tells the sender where a particular fragment falls in relation to other fragments in the original larger packet.|
+|Form-based Authentication|Form-Based Authentication uses forms on a webpage to ask a user to input username and password information.|
-| Fragment Overlap Attack | A TCP/IP Fragmentation Attack that is possible because IP allows packets to be broken down into fragments for more efficient transport across various media.  The TCP packet (and its header) are carried in the IP packet.  In this attack the second fragment contains incorrect offset. When packet is reconstructed, the port number will be overwritten.|
+|Forward Lookup|Forward lookup uses an Internet domain name to find an IP address.|
-| Fragmentation | The process of storing a data file in several "chunks" or fragments rather than in a single contiguous sequence of bits in one place on the storage medium.|
+|Forward Proxy|Forward Proxies are designed to be the server through which all requests are made.|
-| Frames | Data that is transmitted between network points as a unit complete with addressing and necessary protocol control information.  A frame is usually transmitted serial bit by bit and contains a header field and a trailer field that "frame" the data.  (Some control frames contain no data.)|
+|FQDN|Fully Qualified Domain Name.  The name of the physical host including the domain name; and where necessary the name of the DNS alias or availability group listener the application uses to connect.|
-| FTP (File Transfer Protocol) | A TCP/IP protocol specifying the transfer of text or binary files across the network.|
+|Fragment Offset|The fragment offset field tells the sender where a particular fragment falls in relation to other fragments in the original larger packet.|
-| Full Duplex | A type of duplex communications channel which carries data in both directions at once.  Refers to the transmission of data in two directions simultaneously.  Communications in which both sender and receiver can send at the same time.|
+|Fragment Overlap Attack|A TCP/IP Fragmentation Attack that is possible because IP allows packets to be broken down into fragments for more efficient transport across various media.  The TCP packet (and its header) are carried in the IP packet.  In this attack the second fragment contains incorrect offset. When packet is reconstructed, the port number will be overwritten.|
-| Fully-Qualified Domain Name | A Fully-Qualified Domain Name is a server name with a hostname followed by the full domain name.|
+|Fragmentation|The process of storing a data file in several "chunks" or fragments rather than in a single contiguous sequence of bits in one place on the storage medium.|
-| Fuzzing | The use of special regression testing tools to generate out-of-spec input for an application in order to find security vulnerabilities. Also see "regression testing".|
+|Frames|Data that is transmitted between network points as a unit complete with addressing and necessary protocol control information.  A frame is usually transmitted serial bit by bit and contains a header field and a trailer field that "frame" the data.  (Some control frames contain no data.)|
-| Gateway | A network point that acts as an entrance to another network.|
+|FTP|File Transfer Protocol).|
-| GETHOSTBYADDR | The gethostbyaddr DNS query is when the address of a machine is known and the name is needed.|
+|:::|A TCP/IP protocol specifying the transfer of text or binary files across the network.|
-| GETHOSTBYNAME | The gethostbyname DNS quest is when the name of a machine is known and the address is needed.|
+|Full Duplex|A type of duplex communications channel which carries data in both directions at once.  Refers to the transmission of data in two directions simultaneously.  Communications in which both sender and receiver can send at the same time.|
-| GIS | Global Information Security.|
+|Fully-Qualified Domain Name|A Fully-Qualified Domain Name is a server name with a hostname followed by the full domain name.|
-| GNU | GNU is a Unix-like operating system that comes with source code that can be copied, modified, and redistributed.  The GNU project was started in 1983 by Richard Stallman and others, who formed the Free Software Foundation.|
+|Fuzzing|The use of special regression testing tools to generate out-of-spec input for an application in order to find security vulnerabilities. Also see "regression testing".|
-| GNUTELLA | An Internet file sharing utility.  Gnutella acts as a server for sharing files while simultaneously acting as a client that searches for and downloads files from other users.|
+|Gateway|A network point that acts as an entrance to another network.|
-| GTIS | Global Technology Infrastructure Group.|
+|GETHOSTBYADDR|The gethostbyaddr DNS query is when the address of a machine is known and the name is needed.|
-| GW | Gateway.|
+|GETHOSTBYNAME|The gethostbyname DNS quest is when the name of a machine is known and the address is needed.|
-| Hactivist | An activist who uses illegal or legally ambiguous digital tools or methods in pursuit of political ends; methods employed include web site defacements, redirects, denial-of-service attacks, information theft, web site parodies, virtual sit-ins and virtual sabotage.|
+|GIS|Global Information Security.|
-| HAM | Hardware Asset Management.|
+|GNU|GNU is a Unix-like operating system that comes with source code that can be copied, modified, and redistributed.  The GNU project was started in 1983 by Richard Stallman and others, who formed the Free Software Foundation.|
-| Hardening | Hardening is the process of identifying and fixing vulnerabilities on a system.|
+|GNUTELLA|An Internet file sharing utility.  Gnutella acts as a server for sharing files while simultaneously acting as a client that searches for and downloads files from other users.|
-| Hash Function | An algorithm that computes a value based on a data object thereby mapping the data object to a smaller data object.|
+|GTIS|Global Technology Infrastructure Group.|
-| Hash Functions | (cryptographic) hash functions are used to generate a one way "check sum" for a larger text, which is not trivially reversed.  The result of this hash function can be used to validate if a larger file has been altered, without having to compare the larger files to each other.  Frequently used hash functions are MD5 and SHA1.|
+|GW|Gateway.|
-| Header | A header is the extra information in a packet that is needed for the protocol stack to process the packet.|
+|Hactivist|An activist who uses illegal or legally ambiguous digital tools or methods in pursuit of political ends; methods employed include web site defacements, redirects, denial-of-service attacks, information theft, web site parodies, virtual sit-ins and virtual sabotage.|
-| Hijack Attack | A form of active wiretapping in which the attacker seizes control of a previously established communication association.|
+|HAM|Hardware Asset Management.|
-| Honey Client | See Honeymonkey.|
+|Hardening|Hardening is the process of identifying and fixing vulnerabilities on a system.|
-| Honey Pot | Programs that simulate one or more network services that you designate on your computer's ports.  An attacker assumes you're running vulnerable services that can be used to break into the machine.  A honey pot can be used to log access attempts to those ports including the attacker's keystrokes.  This could give you advanced warning of a more concerted attack.|
+|Hash Function|An algorithm that computes a value based on a data object thereby mapping the data object to a smaller data object.|
-| Honeymonkey | Automated system simulating a user browsing websites.  The system is typically configured to detect web sites which exploit vulnerabilities in the browser.  Also known as Honey Client.|
+|Hash Functions|(cryptographic) hash functions are used to generate a one way "check sum" for a larger text, which is not trivially reversed.  The result of this hash function can be used to validate if a larger file has been altered, without having to compare the larger files to each other.  Frequently used hash functions are MD5 and SHA1.|
-| Hops | A hop is each exchange with a gateway a packet takes on its way to the destination.|
+|Header|A header is the extra information in a packet that is needed for the protocol stack to process the packet.|
-| Host | Any computer that has full two-way access to other computers on the Internet.  Or a computer with a web server that serves the pages for one or more Web sites.|
+|Hijack Attack|A form of active wiretapping in which the attacker seizes control of a previously established communication association.|
-| Host-based ID | Host-based intrusion detection systems use information from the operating system audit records to watch all operations occurring on the host that the intrusion detection software has been installed upon.  These operations are then compared with a pre-defined security policy.  This analysis of the audit trail imposes potentially significant overhead requirements on the system because of the increased amount of processing power which must be utilized by the intrusion detection system.  Depending on the size of the audit trail and the processing ability of the system, the review of audit data could result in the loss of a real-time analysis capability.|
+|Honey Client|See Honeymonkey.|
-| Host-Based Intrusion Detection | Host-based intrusion detection systems use information from the operating system audit records to watch all operations occurring on the host that the intrusion detection software has been installed upon.  These operations are then compared with a pre-defined security policy.  This analysis of the audit trail imposes potentially significant overhead requirements on the system because of the increased amount of processing power which must be utilised by the intrusion detection system.  Depending on the size of the audit trail and the processing ability of the system the review of audit data could result in the loss of a real-time analysis capability.|
+|Honey Pot|Programs that simulate one or more network services that you designate on your computer's ports.  An attacker assumes you're running vulnerable services that can be used to break into the machine.  A honey pot can be used to log access attempts to those ports including the attacker's keystrokes.  This could give you advanced warning of a more concerted attack.|
-| Hot Disaster Recovery Site | It contains fully redundant hardware and software, with telecommunications, telephone and utility connectivity to continue all primary site operations.  Failover occurs within minutes or hours, following a disaster.  Daily data synchronization usually occurs between the primary and hot site, resulting in minimum or no data loss.  Offsite data backup tapes might be obtained and delivered to the hot site to help restore operations. Backup tapes should be regularly tested to detect data corruption, malicious code and environmental damage.  A hot site is the most expensive option.|
+|Honeymonkey|Automated system simulating a user browsing websites.  The system is typically configured to detect web sites which exploit vulnerabilities in the browser.  Also known as Honey Client.|
-| Hot Fix | A hot fix is a single, cumulative package that includes one or more files that are used to address a problem in a software product (i.e. a software bug).  Typically, hot fixes are made to address a specific customer situation and are not rolled out across the organisation.  In Barclays context, these are typically immediate fixes to Live/Production environment arising due to High Severity incident.  Since a hot fix package might contain several encompassed bug fixes, it is recommended that it is thoroughly regression tested in order to avoid injection of bugs in existing system functionality.|
+|Hops|A hop is each exchange with a gateway a packet takes on its way to the destination.|
-| HPA | Host Protected Area.  Sometimes called the Hidden Protected Area is a section of a hard drive that is hidden or not normally visible to the operating system, and is often used by software or personal computer manufactorers for system recovery and the backup of system configuration data.|
+|Host|Any computer that has full two-way access to other computers on the Internet.  Or a computer with a web server that serves the pages for one or more Web sites.|
-| HTML (Hypertext Markup Language) | The set of markup symbols or codes inserted in a file intended for display on a World Wide Web browser page.|
+|Host-based ID|Host-based intrusion detection systems use information from the operating system audit records to watch all operations occurring on the host that the intrusion detection software has been installed upon.  These operations are then compared with a pre-defined security policy.  This analysis of the audit trail imposes potentially significant overhead requirements on the system because of the increased amount of processing power which must be utilized by the intrusion detection system.  Depending on the size of the audit trail and the processing ability of the system, the review of audit data could result in the loss of a real-time analysis capability.|
-| HTTP (Hypertext Transfer Protocol) | The protocol in the Internet Protocol (IP) family used to transport hypertext documents across an internet.|
+|Host-Based Intrusion Detection|Host-based intrusion detection systems use information from the operating system audit records to watch all operations occurring on the host that the intrusion detection software has been installed upon.  These operations are then compared with a pre-defined security policy.  This analysis of the audit trail imposes potentially significant overhead requirements on the system because of the increased amount of processing power which must be utilised by the intrusion detection system.  Depending on the size of the audit trail and the processing ability of the system the review of audit data could result in the loss of a real-time analysis capability.|
-| HTTP Proxy | An HTTP Proxy is a server that acts as a middleman in the communication between HTTP clients and servers.|
+|Hot Disaster Recovery Site|It contains fully redundant hardware and software, with telecommunications, telephone and utility connectivity to continue all primary site operations.  Failover occurs within minutes or hours, following a disaster.  Daily data synchronization usually occurs between the primary and hot site, resulting in minimum or no data loss.  Offsite data backup tapes might be obtained and delivered to the hot site to help restore operations. Backup tapes should be regularly tested to detect data corruption, malicious code and environmental damage.  A hot site is the most expensive option.|
-| HTTPS | When used in the first part of a URL (the part that precedes the colon and specifies an access scheme or protocol), this term specifies the use of HTTP enhanced by a security mechanism, which is usually SSL. |
+|Hot Fix|A hot fix is a single, cumulative package that includes one or more files that are used to address a problem in a software product (i.e. a software bug).  Typically, hot fixes are made to address a specific customer situation and are not rolled out across the organisation.  In Barclays context, these are typically immediate fixes to Live/Production environment arising due to High Severity incident.  Since a hot fix package might contain several encompassed bug fixes, it is recommended that it is thoroughly regression tested in order to avoid injection of bugs in existing system functionality.|
-| HUB | A hub is a network device that operates by repeating data that it receives on one port to all the other ports.  As a result, data transmitted by one host is retransmitted to all other hosts on the hub.|
+|HPA|Host Protected Area.  Sometimes called the Hidden Protected Area is a section of a hard drive that is hidden or not normally visible to the operating system, and is often used by software or personal computer manufactorers for system recovery and the backup of system configuration data.|
-| Humint (Human Intelligence) | Humint is an abbreviation for Human Intelligence; that gathered by people directly from people, rather than from published sources.  It may be conducted face-to-face, by means of telephone or online (email, chat rooms, intranets, and so on).|
+|HTML|Hypertext Markup Language.  The set of markup symbols or codes inserted in a file intended for display on a World Wide Web browser page.|
-| Hybrid Attack | A Hybrid Attack builds on the dictionary attack method by adding numerals and symbols to dictionary words.|
+|HTTP|Hypertext Transfer Protocol.  The protocol in the Internet Protocol (IP) family used to transport hypertext documents across an internet.|
-| Hybrid Encryption | An application of cryptography that combines two or more encryption algorithms, particularly a combination of symmetric and asymmetric encryption.|
+|HTTP Proxy|An HTTP Proxy is a server that acts as a middleman in the communication between HTTP clients and servers.|
-| Hyperlink | In hypertext or hypermedia, an information object (such as a word, a phrase, or an image; usually highlighted by color or underscoring) that points (indicates how to connect) to related information that is located elsewhere and can be retrieved by activating the link.|
+|HTTPS|When used in the first part of a URL (the part that precedes the colon and specifies an access scheme or protocol), this term specifies the use of HTTP enhanced by a security mechanism, which is usually SSL. |
-| Hypertext Markup Language (HTML) | The set of markup symbols or codes inserted in a file intended for display on a World Wide Web browser page.|
+|HUB|A hub is a network device that operates by repeating data that it receives on one port to all the other ports.  As a result, data transmitted by one host is retransmitted to all other hosts on the hub.|
-| Hypertext Transfer Protocol (HTTP) | The protocol in the Internet Protocol (IP) family used to transport hypertext documents across an internet.|
+|Humint|Humint is an abbreviation for Human Intelligence; that gathered by people directly from people, rather than from published sources.  It may be conducted face-to-face, by means of telephone or online (email, chat rooms, intranets, and so on).|
-| ICMP (Internet Control Message Protocol) | An Internet Standard protocol that is used to report error conditions during IP datagram processing and to exchange other information concerning the state of the IP network.|
+|Hybrid Attack|A Hybrid Attack builds on the dictionary attack method by adding numerals and symbols to dictionary words.|
-| Identity | Identity is whom someone or what something is, for example, the name by which something is known.|
+|Hybrid Encryption|An application of cryptography that combines two or more encryption algorithms, particularly a combination of symmetric and asymmetric encryption.|
-| IETF (Internet Engineering Task Force) | The body that defines standard Internet operating protocols such as TCP/IP.  The IETF is supervised by the Internet Society Internet Architecture Board (IAB).  IETF members are drawn from the Internet Society's individual and organization membership.|
+|Hyperlink|In hypertext or hypermedia, an information object (such as a word, a phrase, or an image; usually highlighted by color or underscoring) that points (indicates how to connect) to related information that is located elsewhere and can be retrieved by activating the link.|
-| IMAP (Internet Message Access Protocol) | A protocol that defines how a client should fetch mail from and return mail to a mail server.  IMAP is intended as a replacement for or extension to the Post Office Protocol (POP).  It is defined in RFC 1203 (v3) and RFC 2060 (v4).|
+|Hypertext Markup Language|HTML.  The set of markup symbols or codes inserted in a file intended for display on a World Wide Web browser page.|
-| Incident | An incident as an adverse network event in an information system or network or the threat of the occurrence of such an event.|
+|Hypertext Transfer Protocol|HTTP.  The protocol in the Internet Protocol (IP) family used to transport hypertext documents across an internet.|
-| Incident Handling | Incident Handling is an action plan for dealing with intrusions, cyber-theft, denial of service, fire, floods, and other security-related events.  It is comprised of a six step process: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned.|
+|ICMP|Internet Control Message Protocol.|
-| Incremental Backups | Incremental backups only backup the files that have been modified since the last backup.  If dump levels are used, incremental backups only backup files changed since last backup of a lower dump level.|
+|:::|An Internet Standard protocol that is used to report error conditions during IP datagram processing and to exchange other information concerning the state of the IP network.|
-| Industrial Espionage | Espionage is the use of illegal means (spying) to collect Information, more particularly secret or unpublished information.|
+|Identity | Identity is whom someone or what something is, for example, the name by which something is known.|
-| INETD | Inetd (or Internet Daemon) is an application that controls smaller internet services like telnet, ftp, and POP.|
+|IETF|Internet Engineering Task Force.|
-| Inference Attack | Inference Attacks rely on the user to make logical connections between seemingly unrelated pieces of information.|
+|:::|The body that defines standard Internet operating protocols such as TCP/IP.  The IETF is supervised by the Internet Society Internet Architecture Board (IAB).  IETF members are drawn from the Internet Society's individual and organization membership.|
-| Information Warfare | Information Warfare is the competition between offensive and defensive players over information resources.|
+|IMAP|Internet Message Access Protocol.|
-| Ingress Filtering | Ingress Filtering is filtering inbound traffic.|
+|:::|A protocol that defines how a client should fetch mail from and return mail to a mail server.  IMAP is intended as a replacement for or extension to the Post Office Protocol (POP).  It is defined in RFC 1203 (v3) and RFC 2060 (v4).|
-| Input Validations Attack | Input Validations Attacks are where an attacker intentionally sends unusual input in the hopes of confusing an application.|
+|Incident|An incident as an adverse network event in an information system or network or the threat of the occurrence of such an event.|
-| Integrity | Integrity is the need to ensure that information has not been changed accidentally or deliberately, and that it is accurate and complete.|
+|Incident Handling|Incident Handling is an action plan for dealing with intrusions, cyber-theft, denial of service, fire, floods, and other security-related events.  It is comprised of a six step process: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned.|
-| Integrity Star Property | In Integrity Star Property a user cannot read data of a lower integrity level then their own.|
+|Incremental Backups|Incremental backups only backup the files that have been modified since the last backup.  If dump levels are used, incremental backups only backup files changed since last backup of a lower dump level.|
-| Intellectual Property | Intellectual Property refers to the definition and recording of a novel device, product, process or technique so that it may be bought, sold or legally protected.  The main forms of protection take the form of Copyright, licenses, patents, registered designs, trademarks and trade secrets.|
+|Industrial Espionage|Espionage is the use of illegal means (spying) to collect Information, more particularly secret or unpublished information.|
-| Intelligence | Intelligence is high-level, processed, exploitable Information.|
+|INETD|Inetd (or Internet Daemon) is an application that controls smaller internet services like telnet, ftp, and POP.|
-| International Organization for Standardization (ISO) | A voluntary, non-treaty, non-government organization, established in 1947, with voting members that are designated standards bodies of participating nations and non-voting observer organizations.|
+|Inference Attack|Inference Attacks rely on the user to make logical connections between seemingly unrelated pieces of information.|
-| International Telecommunications Union (ITU-T) | Telecommunication Standardization Sector (formerly "CCITT"), a United Nations treaty organization that is composed mainly of postal, telephone, and telegraph authorities of the member countries and that publishes standards called "Recommendations."|
+|Information Warfare|Information Warfare is the competition between offensive and defensive players over information resources.|
-| Internet | A term to describe connecting multiple separate networks together.|
+|Ingress Filtering|Ingress Filtering is filtering inbound traffic.|
-| Internet Control Message Protocol (ICMP) | An Internet Standard protocol that is used to report error conditions during IP datagram processing and to exchange other information concerning the state of the IP network.|
+|Input Validations Attack|Input Validations Attacks are where an attacker intentionally sends unusual input in the hopes of confusing an application.|
-| Internet Engineering Task Force (IETF) | The body that defines standard Internet operating protocols such as TCP/IP.  The IETF is supervised by the Internet Society Internet Architecture Board (IAB).  IETF members are drawn from the Internet Society's individual and organization membership.|
+|Integrity | Integrity is the need to ensure that information has not been changed accidentally or deliberately, and that it is accurate and complete.|
-| Internet Message Access Protocol (IMAP) | A protocol that defines how a client should fetch mail from and return mail to a mail server.  IMAP is intended as a replacement for or extension to the Post Office Protocol (POP).  It is defined in RFC 1203 (v3) and RFC 2060 (v4).|
+|Integrity Star Property|In Integrity Star Property a user cannot read data of a lower integrity level then their own.|
-| Internet Protocol (IP) | The method or protocol by which data is sent from one computer to another on the Internet.|
+|Intellectual Property|Intellectual Property refers to the definition and recording of a novel device, product, process or technique so that it may be bought, sold or legally protected.  The main forms of protection take the form of Copyright, licenses, patents, registered designs, trademarks and trade secrets.|
-| Internet Protocol Security (IPSEC) | A developing standard for security at the network or packet processing layer of network communication.|
+|Intelligence|Intelligence is high-level, processed, exploitable Information.|
-| Internet Relay Chat (IRC) | Internet Relay Chat (IRC) is a huge, multi-user live chat facility.  Private channels may be created for multi-person Conference calls.|
+|International Organization for Standardization (ISO)|A voluntary, non-treaty, non-government organization, established in 1947, with voting members that are designated standards bodies of participating nations and non-voting observer organizations.|
-| Internet Service Provider (ISP) | An Internet Service Provider (ISP) is a company selling access to the Internet.|
+|International Telecommunications Union|ITU-T.|
-| Internet Standard | A specification, approved by the IESG and published as an RFC, that is stable and well-understood, is technically competent, has multiple, independent, and interoperable implementations with substantial operational experience, enjoys significant public support, and is recognizably useful in some or all parts of the Internet.|
+|:::|Telecommunication Standardization Sector (formerly "CCITT"), a United Nations treaty organization that is composed mainly of postal, telephone, and telegraph authorities of the member countries and that publishes standards called "Recommendations."|
-| Interrupt | An Interrupt is a signal that informs the OS that something has occurred.|
+|Internet|A term to describe connecting multiple separate networks together.|
-| Intranet | A computer network, especially one based on Internet technology, that an organization uses for its own internal, and usually private, purposes and that is closed to outsiders.|
+|Internet Control Message Protocol|ICMP.|
-| Intrusion Detection | A security management system for computers and networks.  An IDS gathers and analyzes information from various areas within a computer or a network to identify possible security breaches, which include both intrusions (attacks from outside the organization) and misuse (attacks from within the organization).|
+|:::|An Internet Standard protocol that is used to report error conditions during IP datagram processing and to exchange other information concerning the state of the IP network.|
-| Invisible Web | Invisible Web is that portion (estimated to be between 60 and 80 per cent) of total Web content that consists of material that is not accessible by standard Search engines.  It is usually to be found embedded within secure sites, or consists of archived material.  Much of the Information may, however, be accessed through a gateway or a fee-based Database service.|
+|Internet Engineering Task Force|IETF.|
-| IP (Internet Protocol) | The method or protocol by which data is sent from one computer to another on the Internet.|
+|:::|The body that defines standard Internet operating protocols such as TCP/IP.  The IETF is supervised by the Internet Society Internet Architecture Board (IAB).  IETF members are drawn from the Internet Society's individual and organization membership.|
-| IP Address | A computer's inter-network address that is assigned for use by the Internet Protocol and other protocols.  An IP version 4 address is written as a series of four 8-bit numbers separated by periods.|
+|Internet Message Access Protocol|IMAP.|
-| IP Flood | A denial of service attack that sends a host more echo request ("ping") packets than the protocol implementation can handle.|
+|:::|A protocol that defines how a client should fetch mail from and return mail to a mail server.  IMAP is intended as a replacement for or extension to the Post Office Protocol (POP).  It is defined in RFC 1203 (v3) and RFC 2060 (v4).|
-| IP Forwarding | IP forwarding is an Operating System option that allows a host to act as a router.  A system that has more than 1 network interface card must have IP forwarding turned on in order for the system to be able to act as a router.|
+|Internet Protocol|IP.|
-| IPSEC (Internet Protocol Security) | A developing standard for security at the network or packet processing layer of network communication.|
+|:::|The method or protocol by which data is sent from one computer to another on the Internet.|
-| IP Spoofing | The technique of supplying a false IP address.|
+|Internet Protocol Security|IPSEC.|
-| IRC (Internet Relay Chat) | Internet Relay Chat (IRC) is a huge, multi-user live chat facility.  Private channels may be created for multi-person Conference calls.|
+|:::|A developing standard for security at the network or packet processing layer of network communication.|
-| IRM | Information Risk Management.|
+|Internet Relay Chat|IRC.|
-| ISO (International Organization for Standardization) | A voluntary, non-treaty, non-government organization, established in 1947, with voting members that are designated standards bodies of participating nations and non-voting observer organizations.|
+|:::|Internet Relay Chat (IRC) is a huge, multi-user live chat facility.  Private channels may be created for multi-person Conference calls.|
-| ISP (Internet Service Provider) | An Internet Service Provider (ISP) is a company selling access to the Internet.|
+|Internet Service Provider|ISP.|
-| Issue-specific Policy | An Issue-Specific Policy is intended to address specific needs within an organization, such as a password policy.|
+|:::|An Internet Service Provider (ISP) is a company selling access to the Internet.|
-| ITU-T (International Telecommunications Union) | Telecommunication Standardization Sector (formerly "CCITT"), a United Nations treaty organization that is composed mainly of postal, telephone, and telegraph authorities of the member countries and that publishes standards called "Recommendations."|
+|Internet Standard|A specification, approved by the IESG and published as an RFC, that is stable and well-understood, is technically competent, has multiple, independent, and interoperable implementations with substantial operational experience, enjoys significant public support, and is recognizably useful in some or all parts of the Internet.|
-| Jitter | Jitter or Noise is the modification of fields in a database while preserving the aggregate characteristics of that make the database useful in the first place.|
+|Interrupt|An Interrupt is a signal that informs the OS that something has occurred.|
-| Jump Bag | A Jump Bag is a container that has all the items necessary to respond to an incident inside to help mitigate the effects of delayed reactions.|
+|Intranet|A computer network, especially one based on Internet technology, that an organization uses for its own internal, and usually private, purposes and that is closed to outsiders.|
-| Kerberos | A system developed at the Massachusetts Institute of Technology that depends on passwords and symmetric cryptography (DES) to implement ticket-based, peer entity authentication service and access control service distributed in a client-server network environment.|
+|Intrusion Detection|A security management system for computers and networks.  An IDS gathers and analyzes information from various areas within a computer or a network to identify possible security breaches, which include both intrusions (attacks from outside the organization) and misuse (attacks from within the organization).|
-| Kernel | The essential centre of a computer operating system, the core that provides basic services for all other parts of the operating system.  A synonym is nucleus.  A kernel can be contrasted with a shell, the outermost part of an operating system that interacts with user commands.  Kernel and shell are terms used more frequently in Unix and some other operating systems than in IBM mainframe systems.|
+|Invisible Web|Invisible Web is that portion (estimated to be between 60 and 80 per cent) of total Web content that consists of material that is not accessible by standard Search engines.  It is usually to be found embedded within secure sites, or consists of archived material.  Much of the Information may, however, be accessed through a gateway or a fee-based Database service.|
-| KYC | Know Your Customer.|
+|IP|Internet Protocol).|
-| L2F (Layer 2 Forwarding Protocol) | An Internet protocol (originally developed by Cisco Corporation) that uses tunnelling of PPP over IP to create a virtual extension of a dial-up link across a network, initiated by the dial-up server and transparent to the dial-up user.|
+|:::|The method or protocol by which data is sent from one computer to another on the Internet.|
-| L2FP (Layer 2 Tunnelling Protocol) | An extension of the Point-to-Point Tunnelling Protocol used by an Internet service provider to enable the operation of a virtual private network over the Internet.|
+|IP Address|A computer's inter-network address that is assigned for use by the Internet Protocol and other protocols.  An IP version 4 address is written as a series of four 8-bit numbers separated by periods.|
-| Lattice Techniques | Lattice Techniques use security designations to determine access to information.|
+|IP Flood|A denial of service attack that sends a host more echo request ("ping") packets than the protocol implementation can handle.|
-| Layer 2 Forwarding Protocol (L2F) | An Internet protocol (originally developed by Cisco Corporation) that uses tunnelling of PPP over IP to create a virtual extension of a dial-up link across a network, initiated by the dial-up server and transparent to the dial-up user.|
+|IP Forwarding|IP forwarding is an Operating System option that allows a host to act as a router.  A system that has more than 1 network interface card must have IP forwarding turned on in order for the system to be able to act as a router.|
-| Layer 2 Tunnelling Protocol (L2FP) | An extension of the Point-to-Point Tunnelling Protocol used by an Internet service provider to enable the operation of a virtual private network over the Internet.|
+|IPSEC|Internet Protocol Security).|
-| Least Privilege | Least Privilege is the principle of allowing users or applications the least amount of permissions necessary to perform their intended function.|
+|:::|A developing standard for security at the network or packet processing layer of network communication.|
-| Legion | Software to detect unprotected shares.|
+|IP Spoofing|The technique of supplying a false IP address.|
-| Lightweight Directory Access Protocol (LDAP) | A software protocol for enabling anyone to locate organizations, individuals, and other resources such as files and devices in a network, whether on the public Internet or on a corporate Intranet.|
+|IRC|Internet Relay Chat (IRC) is a huge, multi-user live chat facility.  Private channels may be created for multi-person Conference calls.|
-| Link State | With link state, routes maintain information about all routers and router-to-router links within a geographic area, and creates a table of best routes with that information.|
+|IRM|Information Risk Management.|
-| List-based Access Control | List Based Access Control associates a list of users and their privileges with each object.|
+|ISO|International Organization for Standardization).|
-| LKM (Loadable Kernel Modules) | Loadable Kernel Modules allow for the adding of additional functionality directly into the kernel while the system is running.|
+|:::|A voluntary, non-treaty, non-government organization, established in 1947, with voting members that are designated standards bodies of participating nations and non-voting observer organizations.|
-| Loadable Kernel Modules (LKM) | Loadable Kernel Modules allow for the adding of additional functionality directly into the kernel while the system is running.|
+|ISP|Internet Service Provider).|
-| Log Clipping | Log clipping is the selective removal of log entries from a system log to hide a compromise.|
+|:::|An Internet Service Provider (ISP) is a company selling access to the Internet.|
-| Logic Bombs | Logic bombs are programs or snippets of code that execute when a certain predefined event occurs.  Logic bombs may also be set to go off on a certain date or when a specified set of circumstances occurs.|
+|Issue-specific Policy | An Issue-Specific Policy is intended to address specific needs within an organization, such as a password policy.|
-| Logic Gate | A logic gate is an elementary building block of a digital circuit.  Most logic gates have two inputs and one output.  As digital circuits can only understand binary, inputs and outputs can assume only one of two states, 0 or 1.|
+|ITU-T|International Telecommunications Union).|
-| Loopback Address | The loopback address (127.0.0.1) is a pseudo IP address that always refer back to the local host and are never sent out onto a network.|
+|:::|Telecommunication Standardization Sector (formerly "CCITT"), a United Nations treaty organization that is composed mainly of postal, telephone, and telegraph authorities of the member countries and that publishes standards called "Recommendations."|
-| LTR | Large Transaction Report.|
+|Jitter|Jitter or Noise is the modification of fields in a database while preserving the aggregate characteristics of that make the database useful in the first place.|
-| MAC (Mandatory Access Control) | Mandatory Access Control controls is where the system controls access to resources based on classification levels assigned to both the objects and the users.  These controls cannot be changed by anyone.|
+|Jump Bag|A Jump Bag is a container that has all the items necessary to respond to an incident inside to help mitigate the effects of delayed reactions.|
-| MAC Address | A physical address; a numeric value that uniquely identifies that network device from every other device on the planet.|
+|Kerberos|A system developed at the Massachusetts Institute of Technology that depends on passwords and symmetric cryptography (DES) to implement ticket-based, peer entity authentication service and access control service distributed in a client-server network environment.|
-| Malicious Code | Software (e.g., Trojan horse) that appears to perform a useful or desirable function, but actually gains unauthorized access to system resources or tricks a user into executing other malicious logic.|
+|Kernel|The essential centre of a computer operating system, the core that provides basic services for all other parts of the operating system.  A synonym is nucleus.  A kernel can be contrasted with a shell, the outermost part of an operating system that interacts with user commands.  Kernel and shell are terms used more frequently in Unix and some other operating systems than in IBM mainframe systems.|
-| Malware | A generic term for a number of different types of malicious code.|
+|KYC|Know Your Customer.|
-| Mandatory Access Control (MAC) | Mandatory Access Control controls is where the system controls access to resources based on classification levels assigned to both the objects and the users.  These controls cannot be changed by anyone.|
+|L2F|Layer 2 Forwarding Protocol).|
-| Man in the Middle (MITM) Attack | In cryptography, the man-in-the-middle attack (often abbreviated MITM) attack, is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker.|
+|:::|An Internet protocol (originally developed by Cisco Corporation) that uses tunnelling of PPP over IP to create a virtual extension of a dial-up link across a network, initiated by the dial-up server and transparent to the dial-up user.|
-| Masquerade Attack | A type of attack in which one system entity illegitimately poses as (assumes the identity of) another entity.|
+|L2FP|Layer 2 Tunneling Protocol).|
-| MD5 | A one way cryptographic hash function.  Also see "hash functions" and "sha1".|
+|:::|An extension of the Point-to-Point Tunneling Protocol used by an Internet service provider to enable the operation of a virtual private network over the Internet.|
-| Measures of Effectiveness (MOE) | Measures of Effectiveness is a probability model based on engineering concepts that allows one to approximate the impact a give action will have on an environment. In Information warfare it is the ability to attack or defend within an Internet environment.|
+|Lattice Techniques|Lattice Techniques use security designations to determine access to information.|
-| MFT | Managed File Transfer.|
+|Layer 2 Forwarding Protocol|L2F.  An Internet protocol (originally developed by Cisco Corporation) that uses tunneling of PPP over IP to create a virtual extension of a dial-up link across a network, initiated by the dial-up server and transparent to the dial-up user.|
-| MI | Management Information.|
+|Layer 2 Tunneling Protocol|L2FP.  An extension of the Point-to-Point Tunneling Protocol used by an Internet service provider to enable the operation of a virtual private network over the Internet.|
-| MITM (Man in the Middle) Attack | In cryptography, the man-in-the-middle attack (often abbreviated MITM) attack, is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker.|
+|Least Privilege|Least Privilege is the principle of allowing users or applications the least amount of permissions necessary to perform their intended function.|
-| MOE (Measures of Effectiveness) | Measures of Effectiveness is a probability model based on engineering concepts that allows one to approximate the impact a give action will have on an environment. In Information warfare it is the ability to attack or defend within an Internet environment.|
+|Legion|Software to detect unprotected shares.|
-| Monoculture | Monoculture is the case where a large number of users run the same software, and are vulnerable to the same attacks.|
+|Lightweight Directory Access Protocol|LDAP.  A software protocol for enabling anyone to locate organizations, individuals, and other resources such as files and devices in a network, whether on the public Internet or on a corporate Intranet.|
-| Morris Worm | A worm program written by Robert T. Morris, Jr. that flooded the ARPANET in November, 1988, causing problems for thousands of hosts.|
+|Link State|With link state, routes maintain information about all routers and router-to-router links within a geographic area, and creates a table of best routes with that information.|
-| MoSCoW | Must, Should, Could, Would.|
+|List-based Access Control | List Based Access Control associates a list of users and their privileges with each object.|
-| Mule | Also known as a money mule, a mule is an individual who transfers stolen money or merchandise either in person, through a courier service or electronically to help obscure a scammer’s identity and/or location.  Mules often are, or at least claim to be, unaware that the money or merchandise they are transferring is stolen.|
+|LKM|Loadable Kernel Modules.|
-| Multi-Cast | Broadcasting from one host to a given set of hosts.|
+|:::|Loadable Kernel Modules allow for the adding of additional functionality directly into the kernel while the system is running.|
-| Multi-Homed | You are "multi-homed" if your network is directly connected to two or more ISP's.|
+|Loadable Kernel Modules|LKM.  Loadable Kernel Modules allow for the adding of additional functionality directly into the kernel while the system is running.|
-| Multiplexing | To combine multiple signals from possibly disparate sources, in order to transmit them over a single path.|
+|Log Clipping|Log clipping is the selective removal of log entries from a system log to hide a compromise.|
-| NAT (Network Address Translation) | It is used to share one or a small number of publicly routable IP addresses among a larger number of hosts.  The hosts are assigned private IP addresses, which are then "translated" into one of the publicly routed IP addresses.  Typically home or small business networks use NAT to share a single DLS or Cable modem IP address.  However, in some cases NAT is used for servers as an additional layer of protection.|
+|Logic Bombs|Logic bombs are programs or snippets of code that execute when a certain predefined event occurs.  Logic bombs may also be set to go off on a certain date or when a specified set of circumstances occurs.|
-| National Institute of Standards and Technology (NIST) | National Institute of Standards and Technology, a unit of the US Commerce Department.  Formerly known as the National Bureau of Standards, NIST promotes and maintains measurement standards.  It also has active programs for encouraging and assisting industry and science to develop and use these standards.|
+|Logic Gate|A logic gate is an elementary building block of a digital circuit.  Most logic gates have two inputs and one output.  As digital circuits can only understand binary, inputs and outputs can assume only one of two states, 0 or 1.|
-| Natural Disaster | Any "act of God" (e.g., fire, flood, earthquake, lightning, or wind) that disables a system component.|
+|Loopback Address | The loopback address (127.0.0.1) is a pseudo IP address that always refer back to the local host and are never sent out onto a network.|
-| Netmask | 32-bit number indicating the range of IP addresses residing on a single IP network/subnet/supernet.  This specification displays network masks as hexadecimal numbers.  For example, the network mask for a class C IP network is displayed as 0xffffff00.  Such a mask is often displayed elsewhere in the literature as 255.255.255.0.|
+|LTR|Large Transaction Report.|
-| Network Address Translation (NAT) | The translation of an Internet Protocol address used within one network to a different IP address known within another network.  One network is designated the inside network and the other is the outside.|
+|MAC|Mandatory Access Control).|
-| Network-based IDS | A network-based IDS system monitors the traffic on its network segment as a data source.  This is generally accomplished by placing the network interface card in promiscuous mode to capture all network traffic that crosses its network segment.  Network traffic on other segments, and traffic on other means of communication (like phone lines) can't be monitored. Network-based IDS involves looking at the packets on the network as they pass by some sensor.  The sensor can only see the packets that happen to be carried on the network segment it's attached to. Packets are considered to be of interest if they match a signature.Network-based intrusion detection passively monitors network activity for indications of attacks.  Network monitoring offers several advantages over traditional host-based intrusion detection systems.  Because many intrusions occur over networks at some point, and because networks are increasingly becoming the targets of attack, these techniques are an excellent method of detecting many attacks which may be missed by host-based intrusion detection mechanisms.|
+|:::|Mandatory Access Control controls is where the system controls access to resources based on classification levels assigned to both the objects and the users.  These controls cannot be changed by anyone.|
-| Network Mapping | To compile an electronic inventory of the systems and the services on your network.|
+|MAC Address|A physical address; a numeric value that uniquely identifies that network device from every other device on the planet.|
-| Network Taps | Network taps are hardware devices that hook directly onto the network cable and send a copy of the traffic that passes through it to one or more other networked devices.|
+|Malicious Code|Software (e.g., Trojan horse) that appears to perform a useful or desirable function, but actually gains unauthorized access to system resources or tricks a user into executing other malicious logic.|
-| Newsgroup | Newsgroup is the name for a discussion group or chat room.|
+|Malware|A generic term for a number of different types of malicious code.|
-| Nginx | Nginx Web Server.  Nginx is a secure, fast and efficient web server.|
+|Mandatory Access Control|MAC.  Mandatory Access Control controls is where the system controls access to resources based on classification levels assigned to both the objects and the users.  These controls cannot be changed by anyone.|
-| Node | Node is any single device connected to a Network.|
+|Man in the Middle Attack|MITM.|
-| Non FCT | Non Functional Testing.  Testing the application against client and performance requirements; including Load and Performance Testing, Ergonomics Testing, Stress and Volume Testing, Compatibility and Migration Testing, Data Conversion Testing, Security and Penetration Testing, Operational Readiness Testing, Installation Testing, Security Testing (Application Security, Network Security, System Security).|
+|:::|In cryptography, the man-in-the-middle attack (often abbreviated MITM) attack, is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker.|
-| Non-printable character | A character that doesn't have a corresponding character letter to its corresponding ASCII code.  Examples would be the Linefeed, which is ASCII character code 10 decimal, the Carriage Return, which is 13 decimal, or the bell sound, which is decimal 7.  On a PC, you can often add non-printable characters by holding down the Alt key, and typing in the decimal value (i.e., Alt-007 gets you a bell).  There are other character encoding schemes, but ASCII is the most prevalent.|
+|Masquerade Attack|A type of attack in which one system entity illegitimately poses as (assumes the identity of) another entity.|
-| Non-repudiation | Non-repudiation is the ability for a system to prove that a specific user and only that specific user sent a message and that it hasn't been modified.|
+|MD5|A one way cryptographic hash function.  Also see "hash functions" and "sha1".|
-| Null Session | Known as Anonymous Logon, it is a way of letting an anonymous user retrieve information such as user names and shares over the network or connect without authentication. It is used by applications such as explorer.exe to enumerate shares on remote servers.|
+|Measures of Effectiveness|MOE.|
-| OAT | Operational Acceptance Testing.  An assessment of the risk that the released solution will not meet the target availbility levels in the production environment.  Areas to consider should include Deployment, Back out or Rollback, Failover and Resilience, Disaster Recovery, Backup and Restore, Alerting and Monitoring, Security, Batch Scheduling.|
+|:::|Measures of Effectiveness is a probability model based on engineering concepts that allows one to approximate the impact a give action will have on an environment. In Information warfare it is the ability to attack or defend within an Internet environment.|
-| Octet | A sequence of eight bits.  An octet is an eight-bit byte.|
+|MFT|Managed File Transfer.|
-| One-way Encryption | Irreversible transformation of plain-text to cipher text, such that the plain-text cannot be recovered from the cipher text by other than exhaustive procedures even if the cryptographic key is known.|
+|MI|Management Information.|
-| One-way Function | A (mathematical) function, f, which is easy to compute the output based on a given input.  However given only the output value it is impossible (except for a brute force attack) to figure out what the input value is.|
+|MITM Attack|Man in the Middle.|
-| Open Shortest Path First (OSPF) | Open Shortest Path First is a link state routing algorithm used in interior gateway routing. Routers maintain a database of all routers in the autonomous system with links between the routers, link costs, and link states (up and down).|
+|:::|In cryptography, the man-in-the-middle attack (often abbreviated MITM) attack, is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker.|
-| Open Source Information | Open source information is unclassified published information.  It includes non-proprietary Grey literature as well as information published electronically (on the Internet, for example).|
+|MOE|Measures of Effectiveness).|
-| Open Systems Interconnection (OSI) | OSI is a standard description or "reference model" for how messages should be transmitted between any two points in a telecommunication network.  Its purpose is to guide product implementers so that their products will consistently work with other products. The reference model defines seven layers of functions that take place at each end of a communication.  Although OSI is not always strictly adhered to in terms of keeping related functions together in a well-defined layer, many if not most products involved in telecommunication make an attempt to describe themselves in relation to the OSI model.  It is also valuable as a single reference view of communication that furnishes everyone a common ground for education and discussion.|
+|:::|Measures of Effectiveness is a probability model based on engineering concepts that allows one to approximate the impact a give action will have on an environment. In Information warfare it is the ability to attack or defend within an Internet environment.|
-| OR | Operational Risk.|
+|Monoculture|Monoculture is the case where a large number of users run the same software, and are vulnerable to the same attacks.|
-| ORF | Operational Risk Framework.|
+|Morris Worm|A worm program written by Robert T. Morris, Jr. that flooded the ARPANET in November, 1988, causing problems for thousands of hosts.|
-| ORIA | Operational Risk Impact Assessment.  Consider Control Issues, Risk pain points, Clear risk alignment, Audit trails.|
+|MoSCoW | Must, Should, Could, Would.|
-| OSI (Open Systems Interconnection) | OSI is a standard description or "reference model" for how messages should be transmitted between any two points in a telecommunication network.  Its purpose is to guide product implementers so that their products will consistently work with other products. The reference model defines seven layers of functions that take place at each end of a communication.  Although OSI is not always strictly adhered to in terms of keeping related functions together in a well-defined layer, many if not most products involved in telecommunication make an attempt to describe themselves in relation to the OSI model.  It is also valuable as a single reference view of communication that furnishes everyone a common ground for education and discussion.|
+|Mule|Also known as a money mule, a mule is an individual who transfers stolen money or merchandise either in person, through a courier service or electronically to help obscure a scammer’s identity and/or location.  Mules often are, or at least claim to be, unaware that the money or merchandise they are transferring is stolen.|
-| OSI Layers | The main idea in OSI is that the process of communication between two end points in a telecommunication network can be divided into layers, with each layer adding its own set of special, related functions.  Each communicating user or program is at a computer equipped with these seven layers of function.  So, in a given message between users, there will be a flow of data through each layer at one end down through the layers in that computer and, at the other end, when the message arrives, another flow of data up through the layers in the receiving computer and ultimately to the end user or program.  The actual programming and hardware that furnishes these seven layers of function is usually a combination of the computer operating system, applications (such as your Web browser),  TCP/IP or alternative transport and network protocols, and the software and hardware that enable you to put a signal on one of the lines attached to your computer.  OSI divides telecommunication into seven layers.  The layers are in two groups.  The upper four layers are used whenever a message passes from or to a user.  The lower three layers (up to the network layer) are used when any message passes through the host computer or router.  Messages intended for this computer pass to the upper layers.  Messages destined for some other host are not passed up to the upper layers but are forwarded to another host.  The seven layers are: Layer 7: The application layer...This is the layer at which communication partners are identified, quality of service is identified, user authentication and privacy are considered, and any constraints on data syntax are identified.  (This layer is not the application itself, although some applications may perform application layer functions.)  Layer 6: The presentation layer...This is a layer, usually part of an operating system, that converts incoming and outgoing data from one presentation format to another (for example, from a text stream into a popup window with the newly arrived text).  Sometimes called the syntax layer. Layer 5: The session layer...This layer sets up, coordinates, and terminates conversations, exchanges, and dialogs between the applications at each end.  It deals with session and connection coordination.  Layer 4: The transport layer...This layer manages the end-to-end control (for example, determining whether all packets have arrived) and error-checking.  It ensures complete data transfer. Layer 3: The network layer...This layer handles the routing of the data (sending it in the right direction to the right destination on outgoing transmissions and receiving incoming transmissions at the packet level).  The network layer does routing and forwarding.  Layer 2: The data-link layer...This layer provides synchronization for the physical level and does bit-stuffing for strings of 1's in excess of 5.  It furnishes transmission protocol knowledge and management.  Layer 1: The physical layer...This layer conveys the bit stream through the network at the electrical and mechanical level. It provides the hardware means of sending and receiving data on a carrier.|
+|Multi-Cast|Broadcasting from one host to a given set of hosts.|
-| OSPF (Open Shortest Path First) | Open Shortest Path First is a link state routing algorithm used in interior gateway routing. Routers maintain a database of all routers in the autonomous system with links between the routers, link costs, and link states (up and down).|
+|Multi-Homed|You are "multi-homed" if your network is directly connected to two or more ISP's.|
-| Overload | Hindrance of system operation by placing excess burden on the performance capabilities of a system component.|
+|Multiplexing|To combine multiple signals from possibly disparate sources, in order to transmit them over a single path.|
-| Packet | A piece of a message transmitted over a packet-switching network. One of the key features of a packet is that it contains the destination address in addition to the data. In IP networks, packets are often called datagrams.|
+|NAT|Network Address Translation).|
-| Packet Switched Network | A packet switched network is where individual packets each follow their own paths through the network from one endpoint to another.|
+|:::|It is used to share one or a small number of publicly routable IP addresses among a larger number of hosts.  The hosts are assigned private IP addresses, which are then "translated" into one of the publicly routed IP addresses.  Typically home or small business networks use NAT to share a single DLS or Cable modem IP address.  However, in some cases NAT is used for servers as an additional layer of protection.|
-| PAN | Primary Account Number.|
+|National Institute of Standards and Technology|NIST.  National Institute of Standards and Technology, a unit of the US Commerce Department.  Formerly known as the National Bureau of Standards, NIST promotes and maintains measurement standards.  It also has active programs for encouraging and assisting industry and science to develop and use these standards.|
-| Partitions | Major divisions of the total physical hard disk space.|
+|Natural Disaster|Any "act of God" (e.g., fire, flood, earthquake, lightning, or wind) that disables a system component.|
-| Password Authentication Protocol (PAP) | Password Authentication Protocol is a simple, weak authentication mechanism where a user enters the password and it is then sent across the network, usually in the clear.|
+|Netmask|32-bit number indicating the range of IP addresses residing on a single IP network/subnet/supernet.  This specification displays network masks as hexadecimal numbers.  For example, the network mask for a class C IP network is displayed as 0xffffff00.  Such a mask is often displayed elsewhere in the literature as 255.255.255.0.|
-| Password Cracking | Password cracking is the process of attempting to guess passwords, given the password file information.|
+|Network Address Translation|NAT.  The translation of an Internet Protocol address used within one network to a different IP address known within another network.  One network is designated the inside network and the other is the outside.|
-| Password Sniffing | Passive wiretapping, usually on a local area network, to gain knowledge of passwords.|
+|Network-based IDS|A network-based IDS system monitors the traffic on its network segment as a data source.  This is generally accomplished by placing the network interface card in promiscuous mode to capture all network traffic that crosses its network segment.  Network traffic on other segments, and traffic on other means of communication (like phone lines) can't be monitored. Network-based IDS involves looking at the packets on the network as they pass by some sensor.  The sensor can only see the packets that happen to be carried on the network segment it's attached to. Packets are considered to be of interest if they match a signature.Network-based intrusion detection passively monitors network activity for indications of attacks.  Network monitoring offers several advantages over traditional host-based intrusion detection systems.  Because many intrusions occur over networks at some point, and because networks are increasingly becoming the targets of attack, these techniques are an excellent method of detecting many attacks which may be missed by host-based intrusion detection mechanisms.|
-| PATS | Per Application Test Strategy.|
+|Network Mapping|To compile an electronic inventory of the systems and the services on your network.|
-| Patch | A patch is a small update released by a software manufacturer to fix bugs in existing programs.|
+|Network Taps|Network taps are hardware devices that hook directly onto the network cable and send a copy of the traffic that passes through it to one or more other networked devices.|
-| Patching | Patching is the process of updating software to a different version.|
+|Newsgroup|Newsgroup is the name for a discussion group or chat room.|
-| Payload | Payload is the actual application data a packet contains.|
+|Nginx|Nginx Web Server.  Nginx is a secure, fast and efficient web server.|
-| Penetration | Gaining unauthorized logical access to sensitive data by circumventing a system's protections.|
+|Node|Node is any single device connected to a Network.|
-| Penetration Testing | Penetration testing is used to test the external perimeter security of a network or facility.|
+|Non FCT|Non Functional Testing.  Testing the application against client and performance requirements; including Load and Performance Testing, Ergonomics Testing, Stress and Volume Testing, Compatibility and Migration Testing, Data Conversion Testing, Security and Penetration Testing, Operational Readiness Testing, Installation Testing, Security Testing (Application Security, Network Security, System Security).|
-| PERL (Practical Extraction and Reporting Language) | A script programming language that is similar in syntax to the C language and that includes a number of popular Unix facilities such as sed, awk, and tr.|
+|Non-printable character|A character that doesn't have a corresponding character letter to its corresponding ASCII code.  Examples would be the Linefeed, which is ASCII character code 10 decimal, the Carriage Return, which is 13 decimal, or the bell sound, which is decimal 7.  On a PC, you can often add non-printable characters by holding down the Alt key, and typing in the decimal value (i.e., Alt-007 gets you a bell).  There are other character encoding schemes, but ASCII is the most prevalent.|
-| Permutation | Permutation keeps the same letters but changes the position within a text to scramble the message.|
+|Non-repudiation|Non-repudiation is the ability for a system to prove that a specific user and only that specific user sent a message and that it hasn't been modified.|
-| Personal Firewalls | Personal firewalls are those firewalls that are installed and run on individual PCs.|
+|Null Session|Known as Anonymous Logon, it is a way of letting an anonymous user retrieve information such as user names and shares over the network or connect without authentication. It is used by applications such as explorer.exe to enumerate shares on remote servers.|
-| PFS (Public Key Forward Secrecy) | For a key agreement protocol based on asymmetric cryptography, the property that ensures that a session key derived from a set of long-term public and private keys will not be compromised if one of the private keys is compromised in the future.|
+|OAT|Operational Acceptance Testing.  An assessment of the risk that the released solution will not meet the target availbility levels in the production environment.  Areas to consider should include Deployment, Back out or Rollback, Failover and Resilience, Disaster Recovery, Backup and Restore, Alerting and Monitoring, Security, Batch Scheduling.|
-| Pharming | This is a more sophisticated form of MITM attack.  A user's session is redirected to a masquerading website.  This can be achieved by corrupting a DNS server on the Internet and pointing a URL to the masquerading website's IP.  Almost all users use a URL like www.worldbank.com instead of the real IP (192.86.99.140) of the website.  Changing the pointers on a DNS server, the URL can be redirected to send traffic to the IP of the pseudo website.  At the pseudo website, transactions can be mimicked and information like login credentials can be gathered. With this the attacker can access the real www.worldbank.com site and conduct transactions using the credentials of a valid user on that website.|
+|Octet|A sequence of eight bits.  An octet is an eight-bit byte.|
-| Phishing | The use of e-mails that appear to originate from a trusted source to trick a user into entering valid credentials at a fake website.  Typically the e-mail and the web site looks like they are part of a bank the user is doing business with.|
+|One-way Encryption|Irreversible transformation of plain-text to cipher text, such that the plain-text cannot be recovered from the cipher text by other than exhaustive procedures even if the cryptographic key is known.|
-| PII | Personal Identifiable Information.|
+|One-way Function |A (mathematical) function, f, which is easy to compute the output based on a given input.  However given only the output value it is impossible (except for a brute force attack) to figure out what the input value is.|
-| Ping of Death | An attack that sends an improperly large ICMP echo request packet (a "ping") with the intent of overflowing the input buffers of the destination machine and causing it to crash.|
+|Open Shortest Path First|(OSPF) Open Shortest Path First is a link state routing algorithm used in interior gateway routing. Routers maintain a database of all routers in the autonomous system with links between the routers, link costs, and link states (up and down).|
-| Ping Scan | A ping scan looks for machines that are responding to ICMP Echo Requests.|
+|Open Source Information |Open source information is unclassified published information.  It includes non-proprietary Grey literature as well as information published electronically (on the Internet, for example).|
-| Ping Sweep | An attack that sends ICMP echo requests ("pings") to a range of IP addresses, with the goal of finding hosts that can be probed for vulnerabilities.|
+|Open Systems Interconnection|OSI is a standard description or "reference model" for how messages should be transmitted between any two points in a telecommunication network.  Its purpose is to guide product implementers so that their products will consistently work with other products. The reference model defines seven layers of functions that take place at each end of a communication.  Although OSI is not always strictly adhered to in terms of keeping related functions together in a well-defined layer, many if not most products involved in telecommunication make an attempt to describe themselves in relation to the OSI model.  It is also valuable as a single reference view of communication that furnishes everyone a common ground for education and discussion.|
-| PIR | Post Incident Review.|
+|OR|Operational Risk.|
-| PGP (Pretty Good Privacy) | Trademark of Network Associates, Inc., referring to a computer program (and related protocols) that uses cryptography to provide data security for electronic mail and other applications on the Internet.|
+|ORF|Operational Risk Framework.|
-| PKI (Public Key Infrastructure) | A PKI (public key infrastructure) enables users of a basically unsecured public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority.  The public key infrastructure provides for a digital certificate that can identify an individual or an organization and directory services that can store and, when necessary, revoke the certificates.|
+|ORIA|Operational Risk Impact Assessment.  Consider Control Issues, Risk pain points, Clear risk alignment, Audit trails.|
-| Plaintext | Ordinary readable text before being encrypted into ciphertext or after being decrypted.|
+|OSI|Open Systems Interconnection.|
-| PMI | Potential Major Incident.|
+|:::|OSI is a standard description or "reference model" for how messages should be transmitted between any two points in a telecommunication network.  Its purpose is to guide product implementers so that their products will consistently work with other products. The reference model defines seven layers of functions that take place at each end of a communication.  Although OSI is not always strictly adhered to in terms of keeping related functions together in a well-defined layer, many if not most products involved in telecommunication make an attempt to describe themselves in relation to the OSI model.  It is also valuable as a single reference view of communication that furnishes everyone a common ground for education and discussion.|
-| PoC (Proof of Concept) | A proof of concept is realisation of a certain method or idea to demonstrate its feasibility, or a demonstration in principle, whose purpose is to verify that some concept or theory is probably capable of being useful.  A proof-of-concept may or may not be complete, and is usually small and incomplete.  In computer security the term is often used as a synonym for a zero-day exploit which, mainly for its early creation, does not take full advantage over some vulnerability.|
+|OSI Layers|The main idea in OSI is that the process of communication between two end points in a telecommunication network can be divided into layers, with each layer adding its own set of special, related functions.  Each communicating user or program is at a computer equipped with these seven layers of function.  So, in a given message between users, there will be a flow of data through each layer at one end down through the layers in that computer and, at the other end, when the message arrives, another flow of data up through the layers in the receiving computer and ultimately to the end user or program.  The actual programming and hardware that furnishes these seven layers of function is usually a combination of the computer operating system, applications (such as your Web browser),  TCP/IP or alternative transport and network protocols, and the software and hardware that enable you to put a signal on one of the lines attached to your computer.  OSI divides telecommunication into seven layers.  The layers are in two groups.  The upper four layers are used whenever a message passes from or to a user.  The lower three layers (up to the network layer) are used when any message passes through the host computer or router.  Messages intended for this computer pass to the upper layers.  Messages destined for some other host are not passed up to the upper layers but are forwarded to another host.  The seven layers are: Layer 7: The application layer...This is the layer at which communication partners are identified, quality of service is identified, user authentication and privacy are considered, and any constraints on data syntax are identified.  (This layer is not the application itself, although some applications may perform application layer functions.)  Layer 6: The presentation layer...This is a layer, usually part of an operating system, that converts incoming and outgoing data from one presentation format to another (for example, from a text stream into a popup window with the newly arrived text).  Sometimes called the syntax layer. Layer 5: The session layer...This layer sets up, coordinates, and terminates conversations, exchanges, and dialogs between the applications at each end.  It deals with session and connection coordination.  Layer 4: The transport layer...This layer manages the end-to-end control (for example, determining whether all packets have arrived) and error-checking.  It ensures complete data transfer. Layer 3: The network layer...This layer handles the routing of the data (sending it in the right direction to the right destination on outgoing transmissions and receiving incoming transmissions at the packet level).  The network layer does routing and forwarding.  Layer 2: The data-link layer...This layer provides synchronization for the physical level and does bit-stuffing for strings of 1's in excess of 5.  It furnishes transmission protocol knowledge and management.  Layer 1: The physical layer...This layer conveys the bit stream through the network at the electrical and mechanical level. It provides the hardware means of sending and receiving data on a carrier.|
-| POC | Point of Contact.|
+|OSPF| Open Shortest Path First is a link state routing algorithm used in interior gateway routing. Routers maintain a database of all routers in the autonomous system with links between the routers, link costs, and link states (up and down).|
-| Point-to-Point (PPP) | A protocol for communication between two computers using a serial interface, typically a personal computer connected by phone line to a server.  It packages your computer's TCP/IP packets and forwards them to the server where they can actually be put on the Internet.|
+|Overload|Hindrance of system operation by placing excess burden on the performance capabilities of a system component.|
-| Point-to-Point Tunnelling Protocol | PPTP.  A protocol (set of communication rules) that allows corporations to extend their own corporate network through private "tunnels" over the public Internet.|
+|Packet|A piece of a message transmitted over a packet-switching network. One of the key features of a packet is that it contains the destination address in addition to the data. In IP networks, packets are often called datagrams.|
-| Poison Reverse | Split horizon with poisoned reverse (more simply, poison reverse) does include such routes in updates, but sets their metrics to infinity. In effect, advertising the fact that there routes are not reachable.|
+|Packet Switched Network|A packet switched network is where individual packets each follow their own paths through the network from one endpoint to another.|
-| Polyinstantiation | Polyinstantiation is the ability of a database to maintain multiple records with the same key. It is used to prevent inference attacks.|
+|PAN|Primary Account Number.|
-| Polymorphism | Polymorphism is the process by which malicious software changes its underlying code to avoid detection.|
+|Partitions|Major divisions of the total physical hard disk space.|
-| POP3 (Post Office Protocol Version 3) | An Internet Standard protocol by which a client workstation can dynamically access a mailbox on a server host to retrieve mail messages that the server has received and is holding for the client.|
+|Password Authentication Protocol|PAP.  Password Authentication Protocol is a simple, weak authentication mechanism where a user enters the password and it is then sent across the network, usually in the clear.|
+|Password Cracking|Password cracking is the process of attempting to guess passwords, given the password file information.|
+|Password Sniffing|Passive wiretapping, usually on a local area network, to gain knowledge of passwords.|
+|PATS|Per Application Test Strategy.|
+|Patch|A patch is a small update released by a software manufacturer to fix bugs in existing programs.|
+|Patching|Patching is the process of updating software to a different version.|
+|Payload|Payload is the actual application data a packet contains.|
+|Penetration|Gaining unauthorized logical access to sensitive data by circumventing a system's protections.|
+|Penetration Testing|Penetration testing is used to test the external perimeter security of a network or facility.|
+|PERL|Practical Extraction and Reporting Language).|
+|:::|A script programming language that is similar in syntax to the C language and that includes a number of popular Unix facilities such as sed, awk, and tr.|
+|Permutation|Permutation keeps the same letters but changes the position within a text to scramble the message.|
+|Personal Firewalls|Personal firewalls are those firewalls that are installed and run on individual PCs.|
+|PFS|Public Key Forward Secrecy.|
+|:::|For a key agreement protocol based on asymmetric cryptography, the property that ensures that a session key derived from a set of long-term public and private keys will not be compromised if one of the private keys is compromised in the future.|
+|Pharming|This is a more sophisticated form of MITM attack.  A user's session is redirected to a masquerading website.  This can be achieved by corrupting a DNS server on the Internet and pointing a URL to the masquerading website's IP.  Almost all users use a URL like www.worldbank.com instead of the real IP (192.86.99.140) of the website.  Changing the pointers on a DNS server, the URL can be redirected to send traffic to the IP of the pseudo website.  At the pseudo website, transactions can be mimicked and information like login credentials can be gathered. With this the attacker can access the real www.worldbank.com site and conduct transactions using the credentials of a valid user on that website.|
+|Phishing|The use of e-mails that appear to originate from a trusted source to trick a user into entering valid credentials at a fake website.  Typically the e-mail and the web site looks like they are part of a bank the user is doing business with.|
+|PII|Personal Identifiable Information.|
+|Ping of Death|An attack that sends an improperly large ICMP echo request packet (a "ping") with the intent of overflowing the input buffers of the destination machine and causing it to crash.|
+|Ping Scan|A ping scan looks for machines that are responding to ICMP Echo Requests.|
+|Ping Sweep|An attack that sends ICMP echo requests ("pings") to a range of IP addresses, with the goal of finding hosts that can be probed for vulnerabilities.|
+|PIR|Post Incident Review.|
+|PGP|Pretty Good Privacy).|
+|:::|Trademark of Network Associates, Inc., referring to a computer program (and related protocols) that uses cryptography to provide data security for electronic mail and other applications on the Internet.|
+|PKI|A PKI (public key infrastructure) enables users of a basically unsecured public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority.  The public key infrastructure provides for a digital certificate that can identify an individual or an organization and directory services that can store and, when necessary, revoke the certificates.|
+|Plaintext|Ordinary readable text before being encrypted into ciphertext or after being decrypted.|
+|PMI|Potential Major Incident.|
+|PoC|Proof of Concept).|
+|:::|A proof of concept is realisation of a certain method or idea to demonstrate its feasibility, or a demonstration in principle, whose purpose is to verify that some concept or theory is probably capable of being useful.  A proof-of-concept may or may not be complete, and is usually small and incomplete.  In computer security the term is often used as a synonym for a zero-day exploit which, mainly for its early creation, does not take full advantage over some vulnerability.|
+|POC|Point of Contact.|
+|Point-to-Point|PPP.|
+|:::|A protocol for communication between two computers using a serial interface, typically a personal computer connected by phone line to a server.  It packages your computer's TCP/IP packets and forwards them to the server where they can actually be put on the Internet.|
+|Point-to-Point Tunneling Protocol|PPTP.  A protocol (set of communication rules) that allows corporations to extend their own corporate network through private "tunnels" over the public Internet.|
+|Poison Reverse|Split horizon with poisoned reverse (more simply, poison reverse) does include such routes in updates, but sets their metrics to infinity. In effect, advertising the fact that there routes are not reachable.|
+|Polyinstantiation|Polyinstantiation is the ability of a database to maintain multiple records with the same key. It is used to prevent inference attacks.|
+|Polymorphism|Polymorphism is the process by which malicious software changes its underlying code to avoid detection.|
+|POP3|Post Office Protocol Version 3).|
+|:::|An Internet Standard protocol by which a client workstation can dynamically access a mailbox on a server host to retrieve mail messages that the server has received and is holding for the client.|
 |Port|A port is nothing more than an integer that uniquely identifies an endpoint of a communication stream.  Only one process per machine can listen on the same port number.|
 |Port Scan|A port scan is a series of messages sent by someone attempting to break into a computer to learn which computer network services, each associated with a "well-known" port number, the computer provides. Port scanning, a favorite approach of computer cracker, gives the assailant an idea where to probe for weaknesses.  Essentially, a port scan consists of sending a message to each port, one at a time.  The kind of response received indicates whether the port is used and can therefore be probed for weakness.|
@@ Line 580: / Line 643: @@
 |RPC Scans|RPC scans determine which RPC services are running on a machine.|
 |RSS|Really Simple Syndication.|
-|:::|RSS is a family of web feed formats used to publish frequently updated works such as blog entries, news headlines, audio, and video in a standardised format.  An RSS document (which is called a “feed”, “web feed” or “channel”) includes full or summarized text, plus metadata such as publishing dates and authorship.  Web feeds benefit publishers by letting them syndicate content automatically.  They benefit readers who want to subscribe to timely updates from favoured websites or to aggregate feeds from many sites into one place.|
+|:::|RSS is a family of web feed formats used to publish frequently updated works such as blog entries, news headlines, audio, and video in a standardised format.  An RSS document (which is called a “feed”, “web feed” or “channel”) includes full or summarized text, plus metadata such as publishing dates and authorship.  Web feeds benefit publishers by letting them syndicate content automatically.  They benefit readers who want to subscribe to timely updates from favored websites or to aggregate feeds from many sites into one place.|
 |RTM|Requirements Traceability Matrix.  To link each requirement from a BRD to a function, Display the owner of the function, Provide the section of the FSD where each function is described, Make clear any requirements that are out-of-scope for the FSD, Ensure all requirements can be traced from the BRD through to the FSD, Display the MoSCoW qualifier for each requirement in the BRD, Enable all FSD owners to discuss and agree as to where solutions should reside and what they should look like.|
-|RTQ|Risk Tollerance Questionaire.|
+|RTQ|Risk Tolerance Questionnaire.|
 |Rule Set Based Access Control|RSBAC.|
 |:::|Rule Set Based Access Control targets actions based on rules for entities operating on objects.|
@@ Line 729: / Line 792: @@
 |UAT|User Acceptance Testing.|
 |UDF|User Defined Field.|
-|UDP|User Datagram Protocol)|
+|UDP|User Datagram Protocol|
 |:::|A communications protocol that, like TCP, runs on top of IP networks.  Unlike TCP/IP, UDP/IP provides very few error recovery services, offering instead a direct way to send and receive datagrams over an IP network.  It's used primarily for broadcasting messages over a network.  UDP uses the Internet Protocol to get a datagram from one computer to another but does not divide a message into packets (datagrams) and reassemble it at the other end.  Specifically, UDP doesn't provide sequencing of the packets that the data arrives in.|
 |UDP Scan|UDP scans perform scans to determine which UDP ports are open.|
@@ Line 776: / Line 839: @@
 |Windowing|A windowing system is a system for sharing a computer's graphical display presentation resources among multiple applications at the same time.  In a computer that has a graphical user interface (GUI), you may want to use a number of applications at the same time (this is called task).  Using a separate window for each application, you can interact with each application and go from one application to another without having to reinitiate it.  Having different information or activities in multiple windows may also make it easier for you to do your work.  A windowing system uses a window manager to keep track of where each window is located on the display screen and its size and status.  A windowing system doesn't just manage the windows but also other forms of graphical user interface entities.|
 |Windump|Windump is a freeware tool for Windows that is a protocol analyzer that can monitor network traffic on a wire.|
-|Wired Equivalent Privacy|WEP.  A security protocol for wireless local area networks defined in the standard IEEE 802.11b.|
+|Wired Equivalent Privacy|WEP.|
+|:::|A security protocol for wireless local area networks defined in the standard IEEE 802.11b.|
 |Wireless Application Protocol|A specification for a set of communication protocols to standardize the way that wireless devices, such as cellular telephones and radio transceivers, can be used for Internet access, including e-mail, the World Wide Web, newsgroups, and Internet Relay Chat.|
 |Wiretapping|Monitoring and recording data that is flowing between two points in a communication system.|
-|World Wide Web Consortium|W3C. The W3C is an international organization that develops Web standards.|
+|World Wide Web Consortium|W3C.|
-|World Wide Web|WWW.  Also known as "THE WEB" or W3.|
+|:::|The W3C is an international organization that develops Web standards.|
+|World Wide Web|WWW.|
+|:::|Also known as "THE WEB" or W3.|
 |Worm|A computer program that can run independently, can propagate a complete working version of itself onto other hosts on a network, and may consume computer resources destructively.|
 |WWW|World Wide Web.|