Term
|
Definition
A paper or electronic record of individuals who have permission to enter a secure area, the time that they entered, and the time they left the area. |
|
|
Term
|
Definition
security controls, classified as deterrent, preventive, detective, compensation, or corrective. |
|
|
Term
|
Definition
Process for developing and ensuring that policies and procedures are carried out, specifying actions that users may do, must do, or cannot do. |
|
|
Term
|
Definition
An audible sound to warn a guard of an intruder. |
|
|
Term
|
Definition
Software that helps prevent computers from becoming infected by different types of spyware. |
|
|
Term
|
Definition
Software that can examine a computer for any infections as well as monitor computer activity and scan new documents that might contain a virus. |
|
|
Term
|
Definition
A structure designed to block the passage of traffic. |
|
|
Term
|
Definition
Spam filtering software that analyzes every word in an email and determines how frequently a word occurs in order to determine if it is spam. |
|
|
Term
|
Definition
A collection of data sets so large and complex that it becomes difficult to process using on-hand database management tools or traditional data processing applications. |
|
|
Term
|
Definition
Permitting everything unless it appears on the list; a list of nonapproved senders. |
|
|
Term
|
Definition
A device that can be inserted into the security slot of a portable device and rotated so that the cable lock is secured to the device to prevent it from being stolen. |
|
|
Term
|
Definition
Having the client web browser perform all validations and error recovery procedures. |
|
|
Term
closed circuit television (CCTV) |
|
Definition
Video cameras and receivers used for surveillance in areas that require security monitoring. |
|
|
Term
|
Definition
Control that provides an alternative to normal controls that for some reason cannot be used. |
|
|
Term
|
Definition
that is intended to mitigate or lessen the damage caused by an incident. |
|
|
Term
cross-site request forgery (XSRF) |
|
Definition
An attack that uses the user’s web browser settings to impersonate the user. |
|
|
Term
|
Definition
Data that is stored on electronic media. |
|
|
Term
|
Definition
Data that is in transit across a network, such as an email sent across the Internet. |
|
|
Term
|
Definition
A state of data in which actions upon it are being performed by “endpoint devices” such as printers. |
|
|
Term
data loss prevention (DLP) |
|
Definition
A system that can identify critical data, monitor how it is being accessed, and protect it from unauthorized users. |
|
|
Term
|
Definition
A door lock that extends a solid metal bar into the door frame for extra security. |
|
|
Term
|
Definition
A control that is designed to identify any threat that has reached the system. |
|
|
Term
|
Definition
A control that attempts to discourage security violations before they occur. |
|
|
Term
|
Definition
A computer system with a dedicated function within a larger electrical or mechanical system. |
|
|
Term
|
Definition
Faults in a program that occur while the application is running. Also called exceptions. |
|
|
Term
|
Definition
See errors. Faults in a program that occur while the application is running. Also called exceptions. |
|
|
Term
|
Definition
Securing a restricted area by erecting a barrier. |
|
|
Term
|
Definition
Hardware or software that is designed to prevent malicious packets from entering or leaving computers. Also called packet filter. |
|
|
Term
|
Definition
A software testing technique that deliberately provides invalid, unexpected, or random data as inputs to a computer program. |
|
|
Term
|
Definition
A human who is an active security element. |
|
|
Term
host-based application firewall |
|
Definition
A firewall that runs as a program on a local system. |
|
|
Term
|
Definition
Software that addresses a specific customer situation and often may not be distributed outside that customer’s organization. |
|
|
Term
|
Definition
Verifying a user’s input to an application. |
|
|
Term
|
Definition
Lights that illuminate an area so that it can be viewed after dark. |
|
|
Term
|
Definition
A ruggedized steel box with a lock. |
|
|
Term
|
Definition
A very large computing system that has significant processing capabilities. |
|
|
Term
|
Definition
A device that monitors and controls two interlocking doors to a small room (a vestibule), designed to separate secure and nonsecure areas. |
|
|
Term
|
Definition
Determining an object’s change in position in relation to its surroundings. |
|
|
Term
|
Definition
A nonrelational database that is better tuned for accessing large data sets. |
|
|
Term
NoSQL databases vs. SQL databases |
|
Definition
An argument regarding which database technology is superior. Also called SQL vs. NoSQL. |
|
|
Term
|
Definition
Tightening security during the design and coding of the OS. |
|
|
Term
|
Definition
Hardware or software that is designed to prevent malicious packets from entering or leaving computers. Also called firewall. |
|
|
Term
|
Definition
A general software security update intended to cover vulnerabilities that have been discovered. |
|
|
Term
|
Definition
Either a program or a feature incorporated within a browser that stops popup advertisements from appearing. |
|
|
Term
|
Definition
A control that attempts to prevent the threat from coming in and making contact with the vulnerability. |
|
|
Term
protected distribution system (PDS) |
|
Definition
A system of cable conduits that is used to protect classified information being transmitted between two secure areas. |
|
|
Term
|
Definition
A device that detects an emitted signal in order to identify the owner. |
|
|
Term
|
Definition
A ruggedized steel box with a lock. |
|
|
Term
SCADA (supervisory control and data acquisition) |
|
Definition
Large-scale, industrial-control systems. |
|
|
Term
|
Definition
Any device or process that is used to reduce risk. |
|
|
Term
|
Definition
A document or series of documents that clearly defines the defense mechanisms an organization will employ to keep information secure. |
|
|
Term
|
Definition
Having the server perform all validations and error recovery procedures. |
|
|
Term
|
Definition
Software that is a cumulative package of all security updates plus additional features. |
|
|
Term
|
Definition
A written placard that explains a warning, such as notice that an area is restricted. |
|
|
Term
|
Definition
A cell phone with an operating system that allows it to run third-party applications (apps). |
|
|
Term
|
Definition
An argument regarding which database technology is better. Also called NoSQL databases vs. SQL databases. |
|
|
Term
|
Definition
Devices in which additional hardware cannot easily be added or attached. |
|
|
Term
|
Definition
Security controls that are carried out or managed by devices. |
|
|
Term
|
Definition
An operating system that has been designed through OS hardening. |
|
|
Term
|
Definition
Monitoring activity that is captured by a video camera. |
|
|
Term
|
Definition
Permitting nothing unless it appears on the list. |
|
|
Term
|
Definition
A substitute for a regular function that is used in testing. |
|
|