Term
|
Definition
| executable files on websites |
|
|
Term
|
Definition
| programs that look for virus signatures or variations of them in files and systems |
|
|
Term
| Application-level Firewall |
|
Definition
| firewall that verifies access to applications by requiring users to log into the firewall before they can access applications inside the organization (from outside). |
|
|
Term
|
Definition
| uses two keys: a public key for encrypting and a private key for decrypting |
|
|
Term
| Asymmetric Security Warfare |
|
Definition
| one party must do everything to protect itself, while the other party (the attacker) only needs to find the one security weakness. |
|
|
Term
|
Definition
| software programs that can scan for unexpected actions to detect potential hackers |
|
|
Term
|
Definition
| process by which the identity of a transacting party is verified |
|
|
Term
| Authentication (Biometrics) |
|
Definition
| matching the individual with his/her stored biometric data |
|
|
Term
|
Definition
| system and/or data are available when needed |
|
|
Term
|
Definition
| ways for hackers to re-access the compromised system at will. |
|
|
Term
|
Definition
| biometrics that use human behavior |
|
|
Term
| Behavioral-Based Antivirus Protection Tools |
|
Definition
| programs that look for suspicious behaviors in programs instead of just a virus' signature. |
|
|
Term
|
Definition
| technologies that use human features to recognize individuals and grant them access |
|
|
Term
|
Definition
| algorithm used to encrypt and decrypt plaintext |
|
|
Term
|
Definition
| encrypted (unreadable) message |
|
|
Term
|
Definition
| making sure only authorized individuals can access information or data |
|
|
Term
|
Definition
| controls meant to repair damages after a security problem has occurred |
|
|
Term
|
Definition
| converting ciphertext back to plaintext |
|
|
Term
|
Definition
| key used to convert unreadable text into its original form |
|
|
Term
|
Definition
| multiple layers of security protection in place |
|
|
Term
| Denial of service threats |
|
Definition
| threats that render a system inoperative or limit its capability to operate, or make data unavailable |
|
|
Term
|
Definition
| controls meant to find or discover where and when security threats occur |
|
|
Term
|
Definition
| when all words of several dictionaries in multiple languages are tested as passwords with numbers before and after the words |
|
|
Term
|
Definition
| procedures and tools to recover systems affected by disasters and destruction |
|
|
Term
| Distributed denial of service attacks (DDOS) |
|
Definition
| when many computers are being used for DOS attacks |
|
|
Term
|
Definition
| analyses segments from an individual DNA |
|
|
Term
|
Definition
| manages the requests as they occur, deciding on both denials and permissions as they arrive |
|
|
Term
| Dynamic Signature Recognition |
|
Definition
| analyses not only the signature but how it is written using pressure points |
|
|
Term
|
Definition
| analyses the shape of the ear |
|
|
Term
|
Definition
| sending a large number of requests, emails, or synchronization (SYN) messages to fill a target's mailboxes, systems, communication ports, or memory buffers, with the intent of blocking legitimate messages from entering the systems or overloading the system to make it crash |
|
|
Term
|
Definition
| application of a mathematical algorithm to a message or information that scrambles that message or information to make it unreadable |
|
|
Term
|
Definition
| key used to convert the text into unreadable form |
|
|
Term
|
Definition
| firewall used to protect access to the internal network and computers of the organization |
|
|
Term
|
Definition
| Analyses facial features or patterns |
|
|
Term
| Finger geometry recognition |
|
Definition
| analyses 3D geometry of the finger |
|
|
Term
|
Definition
| analyses ridges and valleys (minutiae) on the surface tips of human fingers |
|
|
Term
|
Definition
| computer or a router that controls access in and out of the organization's networks, applications, and computers |
|
|
Term
|
Definition
| the hardware and software to perform firewall function |
|
|
Term
|
Definition
| analyses the walking style of gait of individuals |
|
|
Term
|
Definition
| hackers that try to find information that, if revealed, will advance human causes |
|
|
Term
| Hand Geometry Recognition |
|
Definition
| Analyses geometric features of the hand such as length of fingers and width of the hand |
|
|
Term
|
Definition
| firewall installed on a computer |
|
|
Term
| Identification (biometrics) |
|
Definition
| identifying an individual from an entire population of individuals with stored biometric data |
|
|
Term
|
Definition
| set of protections put in place to safeguard information systems and/or data from security threats such as unauthorized access, use, disclosure, disruption, modification, or destruction |
|
|
Term
|
Definition
| when data are consistent and complete |
|
|
Term
|
Definition
| firewall used inside an organization, between departments or divisions |
|
|
Term
|
Definition
| analyses features (eyeprints) in the iris (iris) or the patterns of veins in the back of the eye (retina) |
|
|
Term
|
Definition
| a set of linked public key and private key |
|
|
Term
| Keystroke capture programs |
|
Definition
| software that logs all information entered into a computer |
|
|
Term
|
Definition
| analyses rhythm and patterns of keystroke of individuals on a keyboard |
|
|
Term
|
Definition
| when an individual needs to know something to gain access |
|
|
Term
|
Definition
| security solutions that protect access to systems, applications, or data by ensuring users or systems are authenticated and allowed to have such access |
|
|
Term
|
Definition
| making sure a party cannot renege on obligations, for example by denying that they entered into a transaction with a Web merchant |
|
|
Term
|
Definition
| also called a screening level firewall, controls access by looking at the source and destination addresses in data packets |
|
|
Term
|
Definition
| small units of data that flow through networks, allowing for the transmission of messages |
|
|
Term
|
Definition
| software used to recover passwords that are forgotten |
|
|
Term
|
Definition
| firewall installed on a given personal computer |
|
|
Term
|
Definition
| controls that involve protecting the physical access to systems, applications, or data |
|
|
Term
|
Definition
| using physical traits to identify individuals |
|
|
Term
|
Definition
| original message before it is encrypted |
|
|
Term
|
Definition
| when an individual owns a form of identification |
|
|
Term
|
Definition
| controls meant to stop or limit the security threat from happening in the first place |
|
|
Term
|
Definition
| the process of identifying, assessing, and prioritizing the security risks an organization may face, and deciding whether to accept, mitigate, or shape the security risks |
|
|
Term
|
Definition
| software that allow hackers to have unfettered access to everything on the system, including adding, deleting, and copying files |
|
|
Term
|
Definition
| Protection against security threats |
|
|
Term
|
Definition
| the layers of protection technologies and policies used to secure stored information |
|
|
Term
|
Definition
| descriptions of the general security guidelines for an organization. |
|
|
Term
|
Definition
| specific statements describing how to implement the security policies. |
|
|
Term
|
Definition
| broadly categorized as denial of service, unauthorized access, and theft and fraud. |
|
|
Term
|
Definition
| a hacker uses an innocent third party to multiply the messages being sent to the intended target. |
|
|
Term
|
Definition
| software that monitors transmissions, capturing unauthorized data of interest. |
|
|
Term
|
Definition
| tricking individuals into giving out security information. |
|
|
Term
|
Definition
| applications installed and running on a computer |
|
|
Term
|
Definition
| sending e-mails to many individuals at once, sending unsolicited commercial e-mail to individuals, or targeting one individual computer or network and sending thousands of messages to it. |
|
|
Term
|
Definition
| pretending to be someone else (or another computer) to enter a system or gain attention. |
|
|
Term
|
Definition
| a form of virus that logs everything a user is doing on their computer, unbeknownst to them. |
|
|
Term
|
Definition
| a firewall that has predetermined ways of dealing with transmission requests. |
|
|
Term
| Static Signature Recognition |
|
Definition
| compares scanned or ink signatures with stored signatures. |
|
|
Term
|
Definition
| more advanced virus that changes its own bit pattern to become undetectable by virus scanners. |
|
|
Term
|
Definition
| encryption where the same key is used for encrypting and decrypting data |
|
|
Term
| Target-of- Opportunity Threats |
|
Definition
| threats (such as viruses) send out to find any victim possible |
|
|
Term
|
Definition
| threats related to the loss of systems or data due to theft or fraudulent activities |
|
|
Term
|
Definition
| physical or behavioral human characteristics are needed to gain access of systems or data |
|
|
Term
|
Definition
| viruses embedded into a legitimate file |
|
|
Term
| Unauthorized access threats |
|
Definition
| individuals who access systems and/or data illegally |
|
|
Term
|
Definition
| assigned profiles that consist of a user identification, a password, and a set of privileges |
|
|
Term
|
Definition
| computer program designed to perform unwanted events |
|
|
Term
|
Definition
| false virus alerts sent and resent by individuals |
|
|
Term
|
Definition
| bit patterns of the virus that can be recognized |
|
|
Term
| Voice recognition (speaker recognition) |
|
Definition
| Analyses voice to determine the identity of a speaker; different from speech recognition (determining what is being said) |
|
|
Term
| Wi-Fi Protection access (WPA) |
|
Definition
| recent and powerful encryption algorithm for wireless security |
|
|
Term
| Wired Equivalent Privacy (WEP) |
|
Definition
| older encryption algorithm for wireless security |
|
|
Term
|
Definition
| viruses that can propagate themselves throughout the internet with no user intervention |
|
|
