Term
|
Definition
An authentication technology used to connect devices to a LAN or WLAN. It is an example of port‐based network access control (NAC). |
|
|
Term
|
Definition
A list of permissions attached to an object. ACLs specify what level of access a user, users, or groups have to an object. When dealing with firewalls, an ACL is a set of rules that applies to a list of network names, IP addresses, and port numbers. |
|
|
Term
|
Definition
Specifies methodologies by which admission to physical areas and, more importantly, computer systems, is managed and organized. |
|
|
Term
|
Definition
An encryption standard used with WPA and WPA2. The successor to DES/3DES, it is another symmetric key encryption standard composed of three different block ciphers: AES‐128, AES‐192, and AES‐256. |
|
|
Term
|
Definition
Also known as statistical anomaly‐based monitoring, establishes a performance baseline based on a set of normal network traffic evaluations. |
|
|
Term
|
Definition
Each client connected to the AP will not be able to communicate with each other, but they can each still access the Internet. |
|
|
Term
|
Definition
A firewall that can control the traffic associated with specific applications. Works all the way up to the Application Layer of the OSI model. |
|
|
Term
application-level gateway (ALG) |
|
Definition
Applies security mechanisms to specific applications, such as FTP and/or BitTorrent. It supports address and port translation and checks whether the type of application traffic is allowed. |
|
|
Term
application white-listing |
|
Definition
A method of restricting users to specific applications. |
|
|
Term
application black-listing |
|
Definition
A method of disallowing one or more applications from use. |
|
|
Term
|
Definition
An attack that exploits Ethernet networks, and it may enable an attacker to sniff frames of information, modify that information, or stop it from getting to its intended destination. |
|
|
Term
|
Definition
A type of cipher that uses a pair of different keys to encrypt and decrypt data. |
|
|
Term
|
Definition
The path or means by which an attacker gains access to a computer. |
|
|
Term
|
Definition
A type of DMZ where the DMZ is located between the LAN and application‐level gateway (ALG) Applies security mechanisms to specific applications, such as FTP and/or BitTorrent. It supports address and port translation and checks whether the type of application traffic is allowed. |
|
|
Term
|
Definition
A service‐level agreement (SLA) that is reoccurring |
|
|
Term
|
Definition
A type of algorithm that encrypts a number of bits as individual units known as blocks. |
|
|
Term
|
Definition
When there is an accumulation of broadcast and multicast packet traffic on the LAN coming from one or more network interfaces. |
|
|
Term
|
Definition
The examination of critical versus noncritical functions; it is part of a business continuity plan. |
|
|
Term
|
Definition
The entity (usually a server) that issues digital certificates to users. |
|
|
Term
|
Definition
A list of certificates no longer valid or that have been revoked by the issuer. |
|
|
Term
|
Definition
Digitally signed electronic documents that bind a public key with a user identity. |
|
|
Term
|
Definition
An authentication scheme used by the Point‐to‐Point Protocol (PPP) that is the standard for dial‐up connections. |
|
|
Term
|
Definition
A structured way of changing the state of a computer system, network, or IT procedure. |
|
|
Term
|
Definition
An algorithm that can perform encryption or decryption. |
|
|
Term
|
Definition
Works at the Session Layer of the OSI model and applies security mechanisms when a TCP or UDP connection is established; acts as a go‐between for the Transport and Application Layers in TCP/IP. |
|
|
Term
|
Definition
Two or more servers that work with each other. |
|
|
Term
|
Definition
A site that has tables, chairs, bathrooms, and possibly some technical setup (for example, basic phone, data, and electric lines), but will require days if not weeks to set up properly. |
|
|
Term
|
Definition
An online list of known vulnerabilities (and patches) to software, especially web servers. It is maintained by the MITRE Corporation. |
|
|
Term
|
Definition
Technical assessments made of applications, systems, or networks |
|
|
Term
|
Definition
Preventing the disclosure of information to unauthorized persons |
|
|
Term
|
Definition
Individual computer programs that block external files that use Java‐Script or images from loading into the browser |
|
|
Term
|
Definition
Text files placed on the client computer that store information about it, which could include your computer’s browsing habits and credentials. Tracking cookies are used by spyware to collect information about a web user’s activities. Session cookies are used by attackers in an attempt to hijack a session. |
|
|
Term
|
Definition
An attack that exploits the trust a website has in a user’s browser in an attempt to transmit unauthorized commands to the website. |
|
|
Term
|
Definition
A type of vulnerability found in web applications used with session hijacking. |
|
|
Term
|
Definition
When a signal transmitted on one copper wire creates an undesired effect on another wire; the signal “bleeds” over, so to speak. |
|
|
Term
|
Definition
A password attack that uses a considerable set of pre-calculated encrypted passwords located in a lookup table. |
|
|
Term
cryptographic hash functions |
|
Definition
Hash functions based on block ciphers. |
|
|
Term
data emanation signal emanation |
|
Definition
The electromagnetic field generated by a network cable or network device, which can be manipulated to eavesdrop on conversations or to steal data. |
|
|
Term
|
Definition
An older type of block cipher selected by the United States federal government back in the 1970s as its encryption standard; due to its weak key, it is now considered deprecated. |
|
|
Term
|
Definition
A special area of the network (sometimes referred to as a subnetwork) that houses servers that host information accessed by clients or other networks on the Internet. |
|
|
Term
|
Definition
Type of backup that backs up only the contents of a folder that have changed since the last full backup. |
|
|
Term
Diffie-Hellman key exchange |
|
Definition
The first practical method for establishing a shared secret key over an unprotected communications channel. |
|
|
Term
|
Definition
../ (dot dot slash) attack, a method of accessing unauthorized parent directories. |
|
|
Term
|
Definition
An access control policy generally determined by the owner. |
|
|
Term
|
Definition
When each disk is connected to a separate controller. |
|
|
Term
|
Definition
When a thief attempts to take responsibility for a shipment by diverting the delivery to a nearby location. |
|
|
Term
|
Definition
The modification of name resolution information that should be in a DNS server’s cache. |
|
|
Term
|
Definition
The process of deleting a domain name during the five‐day grace period (known as the add grace period, or AGP) and immediately reregistering it for another five‐day period to keep a domain name indefinitely and for free. |
|
|
Term
|
Definition
A disturbance that can affect electrical circuits, devices, and cables due to electromagnetic conduction or radiation. |
|
|
Term
|
Definition
A type of public key cryptography based on the structure of an elliptic curve. |
|
|
Term
|
Definition
When an administrator sets a rule that allows a specific type of traffic through a firewall, often within an ACL. |
|
|
Term
|
Definition
When an administrator sets a rule that denies a specific type of traffic access through a firewall, often within an ACL. |
|
|
Term
|
Definition
Not an authentication mechanism in itself but instead defines message formats. 802.1X would be the authentication mechanism and defines how EAP is encapsulated within messages. |
|
|
Term
|
Definition
When a switch broadcasts data on all ports the way a hub does. |
|
|
Term
|
Definition
When a system denies a user who actually should be allowed access to the system, for example, when an IDS/IPS fails to block an attack, thinking it is legitimate traffic. |
|
|
Term
|
Definition
When a system authenticates a user who should not be allowed access to the system, for example, when an IDS/IPS blocks legitimate traffic from passing on to the network. |
|
|
Term
|
Definition
When a biometric system fails to recognize an authorized person and doesn’t allow that person access. |
|
|
Term
federated identity management |
|
Definition
When a user’s identity is shared across multiple identity management systems. |
|
|
Term
|
Definition
Security feature implemented on some firewalls to protect against SYN floods and other flooding attacks. Also known as attack guards. |
|
|
Term
|
Definition
An attack that works by creating a large number of processes quickly to saturate the available processing space in the computer’s operating system. It is a type of wabbit. |
|
|
Term
|
Definition
A type of DoS similar to the Smurf attack, but the traffic sent is UDP echo traffic as opposed to ICMP echo traffic. |
|
|
Term
Internet Control Message Protocol (ICMP) |
|
Definition
A network layer protocol used by network devices to diagnose network communication issues. ICMP is mainly used to determine whether or not data is reaching its intended destination in a timely manner. Commonly, the ICMP protocol is used on network devices, such as routers. ICMP is crucial for error reporting and testing, but it can also be used in distributed denial-of-service (DDoS) attacks. |
|
|
Term
|
Definition
When random data is inputted into a computer program in an attempt to find vulnerabilities. |
|
|
Term
|
Definition
A backup rotation scheme in which three sets of backup tapes must be defined; usually they are daily, weekly, and monthly, which correspond to son, father, and grandfather. |
|
|
Term
|
Definition
A general term used to describe applications that are behaving improperly but without serious consequences; often describes types of spyware. Group Policy: Used in Microsoft environments to govern user and computer accounts through a set of rules. |
|
|
Term
|
Definition
The act of configuring an OS securely, updating it, creating rules and policies to help govern the system in a secure manner, and removing unnecessary applications and services. |
|
|
Term
|
Definition
A physical device that deals with the encryption of authentication processes, digital signings, and payment processes. |
|
|
Term
|
Definition
Generally is a single computer but could also be a file, group of files, or an area of unused IP address space used to attract and trap potential attackers to counteract any attempts at unauthorized access of the network. |
|
|
Term
|
Definition
One or more computers, servers, or an area of a network, used to attract and trap potential attackers to counteract any attempts at unauthorized access of the network. |
|
|
Term
|
Definition
A type of system loaded on an individual computer; it analyzes and monitors what happens inside that computer, for example, if any changes have been made to file integrity. |
|
|
Term
|
Definition
A near duplicate of the original site of the organization, complete with phones, computers, networking devices, and full backups |
|
|
Term
|
Definition
A site that has tables, chairs, bathrooms, and possibly some technical setup (for example, basic phone, data, and electric lines), but will require days if not weeks to set up properly |
|
|
Term
|
Definition
Originally, a hotfix was defined as a single problem fixing patch to an individual OS or application that was installed live while the system was up and running, and without a reboot necessary. However, this term has changed over time and varies from vendor to vendor. |
|
|
Term
|
Definition
Caches web pages from servers on the Internet for a set amount of time |
|
|
Term
|
Definition
The portion of virtual machine software that allows multiple virtual operating systems (guests) to run at the same time on a single computer. |
|
|
Term
|
Definition
Denies all traffic to a resource unless the users generating that traffic are specifically granted access to the resource. For example, when a device denies all traffic unless a rule is made to open the port associated with the type of traffic desired to be let through. |
|
|
Term
|
Definition
The monitoring and detection of security events on a computer network and the execution of proper responses to those security events. |
|
|
Term
|
Definition
A set of procedures that an investigator follows when examining a computer security incident. |
|
|
Term
|
Definition
Type of backup that backs up only the contents of a folder that have changed since the last full backup or the last incremental backup. |
|
|
Term
|
Definition
The practice of managing risks that are related to computer hardware and software systems. |
|
|
Term
Infrastructure as a Service (IaaS) |
|
Definition
A cloud computing service that offers computer networking, storage, load balancing, routing, and VM hosting. |
|
|
Term
|
Definition
A process that ensures the correct usage of data. |
|
|
Term
|
Definition
When arithmetic operations attempt to create a numeric value that is too big for the available memory space. |
|
|
Term
|
Definition
This means that authorization is necessary before data can be modified. |
|
|
Term
|
Definition
A filter that is usually applied as software at the Application Layer and can filter out various types of Internet activities such as websites accessed, e‐mail, instant messaging, and more. It is used most often to disallow access to inappropriate web material. |
|
|
Term
Internet Protocol Security (IPsec) |
|
Definition
A TCP/IP protocol that authenticates and encrypts IP packets, effectively securing communications between computers and devices using the protocol. |
|
|
Term
|
Definition
Secures a network by keeping machines behind it anonymous; it does this through the use of NAT |
|
|
Term
|
Definition
A type of related‐key attack, which is when an attacker observes the operation of a cipher using several different keys and finds a mathematical relationship between them, allowing the attacker to ultimately decipher data. |
|
|
Term
|
Definition
When users are cycled through various assignments. Kerberos: An authentication protocol that enables computers to prove their identity to each other in a secure manner. |
|
|
Term
|
Definition
The original hash used to store Windows passwords, known as LM hash, based off the DES algorithm. |
|
|
Term
Layer 2 Tunneling Protocol (L2TP) |
|
Definition
A tunneling protocol used to connect virtual private networks. It does not include confidentiality or encryption on its own. It uses port 1701 and can be more secure than PPTP if used in conjunction with IPsec. |
|
|
Term
|
Definition
When multiple computers are connected in an attempt to share resources such as CPU, RAM, and hard disks |
|
|
Term
|
Definition
Also known as Flash cookies, these are files stored on users’ computers that allow websites to collect information about visitors. Also referred to as “local shared objects.” |
|
|
Term
|
Definition
An attack that sends numerous packets to a switch, each of which has a different source MAC address, in an attempt to use up the memory on the switch. If this is successful, the switch will change state to fail‐open mode. |
|
|
Term
|
Definition
An access control policy determined by a computer system, not by a user or owner, as it is in DAC. |
|
|
Term
|
Definition
Infects a vulnerable web browser and modifies online transactions. Similar to MITM. |
|
|
Term
multifactor authentication |
|
Definition
When two or more types of authentication are used when dealing with user access control. |
|
|
Term
|
Definition
Sets the rules by which connections to a network are governed. |
|
|
Term
|
Definition
The process of changing an IP address while it is in transit across a router. This is usually implemented so that one larger address space (private) can be remapped to another address space, or single IP address (public). |
|
|
Term
|
Definition
The idea of ensuring that a person or group cannot refute the validity of your proof against them. |
|
|
Term
|
Definition
Successor to the LM hash. A more advanced hash used to store Windows passwords, based off the RC4 algorithm. |
|
|
Term
|
Definition
Successor to the NTLM hash. Based off the MD5 hashing algorithm. |
|
|
Term
|
Definition
When used by an attacker, a malicious connection to the Windows inter-process communications share (IPC$). |
|
|
Term
|
Definition
An alternative to using a certificate revocation list (CRL). It contains less information than a CRL does, and does not require encryption. |
|
|
Term
|
Definition
A standard and a programming language designed to standardize the transfer of secure public information across networks and the Internet utilizing any security tools and services available |
|
|
Term
|
Definition
In the context of firewalls, inspects each packet passing through the firewall and accepts or rejects it based on rules. Two types of packet filtering include stateless packet filters and stateful packet inspection (SPI). |
|
|
Term
|
Definition
The planning, testing, implementing, and auditing of patches. |
|
|
Term
|
Definition
Generally consists of an attacker exploiting security flaws in routers and other networking hardware by flashing the firmware of the device and replacing it with a modified image. |
|
|
Term
|
Definition
When an attacker redirects one website’s traffic to another bogus and possibly malicious website by modifying a DNS server or hosts file. |
|
|
Term
Platform as a Service (PaaS) |
|
Definition
A cloud computing service that provides various software solutions to organizations, especially the ability to develop applications without the cost or administration of a physical platform. |
|
|
Term
|
Definition
A tunneling protocol used to support VPNs. Generally includes security mechanisms, and no additional software or protocols need to be loaded. A VPN device or server must have inbound port 1723 open to enable incoming PPTP connections. |
|
|
Term
|
Definition
Like NAT, but it translates both IP addresses and port numbers |
|
|
Term
|
Definition
Software used to decipher which ports are open on a host. |
|
|
Term
|
Definition
An encryption program used primarily for signing, encrypting, and decrypting e‐mails in an attempt to increase the security of e‐mail communication. |
|
|
Term
|
Definition
A type of key that is known only to a specific user or users who keep the key a secret. |
|
|
Term
|
Definition
The act of exploiting a bug or design flaw in a software or firmware application to gain access to resources that normally would’ve been protected from an application or user. |
|
|
Term
|
Definition
In a network adapter, this passes all traffic to the CPU, not just the frames addressed to it. When the network adapter captures all packets that it has access to regardless of the destination for those packets. |
|
|
Term
protected distribution system |
|
Definition
Security system implemented to protect unencrypted data transfer over wired networks. |
|
|
Term
|
Definition
(PEAP) Protocol used to encapsulate EAP packets within encrypted and authenticated tunnels. |
|
|
Term
|
Definition
Software tool used to capture and analyze packets. |
|
|
Term
|
Definition
Acts as an intermediary between clients, usually located on a LAN, and the servers that they want to access, usually located on the Internet. |
|
|
Term
|
Definition
A type of key that is known to all parties involved in encrypted transactions within a given group. |
|
|
Term
|
Definition
Uses asymmetric keys alone or in addition to symmetric keys. The asymmetric key algorithm creates a secret private key and a published public key. |
|
|
Term
|
Definition
An entire system of hardware and software, policies and procedures, and people, used to create, distribute, manage, store, and revoke digital certificates. |
|
|
Term
qualitative risk assessment |
|
Definition
An assessment that assigns numeric values to the probability of a risk and the impact it can have on the system or network. |
|
|
Term
quantitative risk assessment |
|
Definition
An assessment that measures risk by using exact monetary values. |
|
|
Term
|
Definition
Interference that can come from AM/FM transmissions and cell towers. |
|
|
Term
|
Definition
Data is copied to two identical disks. If one disk fails, the other continues to operate. |
|
|
Term
RAID 5 Striping with parity |
|
Definition
Data is striped across multiple disks; fault‐tolerant parity data is also written to each disk. |
|
|
Term
|
Definition
In password cracking, a set of pre-calculated encrypted passwords located in a lookup table. |
|
|
Term
|
Definition
In business impact analysis, the acceptable latency of data. |
|
|
Term
|
Definition
In business impact analysis, the acceptable amount of time to restore a function. |
|
|
Term
|
Definition
Secondary connections to another ISP; for example, a backup T‐1 line |
|
|
Term
|
Definition
An enclosure that contains two complete power supplies, the second of which turns on when the first fails. |
|
|
Term
|
Definition
Used to verify requests for certificates. |
|
|
Term
Remote Access Service (RAS) |
|
Definition
A networking service that allows incoming connections from remote dial‐in clients. It is also used with VPNs. |
|
|
Term
|
Definition
Used to provide centralized administration of dial‐up, VPN, and wireless authentication. |
|
|
Term
remote code execution (RCE) |
|
Definition
When an attacker acquires control of a remote computer through a code vulnerability. Also known as arbitrary code execution. Attackers often use a web browser’s URL field or a tool such as Netcat to accomplish this. |
|
|
Term
|
Definition
When a risk is reduced or eliminated altogether. |
|
|
Term
|
Definition
The identification, assessment, and prioritization of risks, and the mitigation and monitoring of those risks. |
|
|
Term
|
Definition
An access model that works with sets of permissions, instead of individual permissions that are label‐based. So roles are created for various job functions in an organization. |
|
|
Term
|
Definition
A type of software designed to gain administrator‐level control over a computer system without being detected. |
|
|
Term
|
Definition
A public key cryptography algorithm created by Rivest, Shamir, Adleman. It is commonly used in e‐commerce. S/MIME: An IETF standard that provides cryptographic security for electronic messaging such as e‐mail. |
|
|
Term
|
Definition
An unexpected decrease in the amount of voltage provided. |
|
|
Term
|
Definition
A group of hash functions designed by the NSA and published by the NIST, widely used in government. The most common currently is SHA‐1. |
|
|
Term
|
Definition
A protocol that can create a secure channel between two computers or network devices. |
|
|
Term
|
Definition
A cryptographic protocol that provides secure Internet communications such as web browsing, instant messaging, e‐mail, and VoIP. |
|
|
Term
|
Definition
Files that log activity of users. They show who did what and when, plus whether they succeeded or failed in their attempt. |
|
|
Term
|
Definition
The risk level to which a system, or other technology element, is exposed. |
|
|
Term
security posture assessment |
|
Definition
An assessment that uses baseline reporting and other analyses to discover vulnerabilities and weaknesses in systems and networks. |
|
|
Term
|
Definition
A group of updates, bug fixes, updated drivers, and security fixes that is installed from one downloadable package or from one disc. |
|
|
Term
Simple Network Management Protocol (SNMP) |
|
Definition
A TCP/IP protocol that monitors network‐attached devices and computers. It’s usually incorporated as part of a network management system. |
|
|
Term
|
Definition
A type of DoS that sends large amounts of ICMP echoes, broadcasting the ICMP echo requests to every computer on its network or subnetwork. The header of the ICMP echo requests will have a spoofed IP address. That IP address is the target of the Smurf attack. Every computer that replies to the ICMP echo requests will do so to the spoofed IP. |
|
|
Term
|
Definition
Software deployed by the network management system that is loaded on managed devices. The software redirects the information that the NMS needs to monitor the remote managed devices. |
|
|
Term
|
Definition
A cloud computing service where users access applications over the Internet that are provided by a third party. |
|
|
Term
|
Definition
A type of phishing attack that targets particular individuals. |
|
|
Term
|
Definition
A short transient in voltage that can be due to a short circuit, tripped circuit breaker, power outage, or lightning strike. |
|
|
Term
|
Definition
The abuse of instant messaging systems, a derivative of spam. |
|
|
Term
|
Definition
When an attacker masquerades as another person by falsifying information. |
|
|
Term
stateful packet inspection (SPI) |
|
Definition
Type of packet inspection that keeps track of network connections by examining the header in each packet. |
|
|
Term
|
Definition
A type of algorithm that encrypts each byte in a message one at a time |
|
|
Term
|
Definition
System of hardware and software that controls and monitors industrial systems such as HVAC. |
|
|
Term
|
Definition
Means that there is an unexpected increase in the amount of voltage provided |
|
|
Term
|
Definition
A class of cipher that uses identical or closely related keys for encryption and decryption. |
|
|
Term
|
Definition
A type of DoS where an attacker sends a large amount of SYN request packets to a server in an attempt to deny service. |
|
|
Term
|
Definition
The process of creating systems and applications, and the methodologies used to do so. |
|
|
Term
|
Definition
Sets the reset flag in a TCP header to 1, telling the respective computer to kill the TCP session immediately. |
|
|
Term
|
Definition
When a hacker takes over a TCP session between two computers without the need of a cookie or any other type of host access |
|
|
Term
|
Definition
A type of DoS that sends mangled IP fragments with overlapping and oversized payloads to the target machine |
|
|
Term
|
Definition
Refers to the investigations of conducted emissions from electrical and mechanical devices, which could be compromising to an organization. |
|
|
Term
|
Definition
An algorithm used to secure wireless computer networks meant as a replacement for WEP. |
|
|
Term
|
Definition
A remote authentication protocol similar to RADIUS used in Cisco networks. |
|
|
Term
|
Definition
A way of prioritizing threats to an application. |
|
|
Term
|
Definition
The method a threat uses to gain access to a target computer. |
|
|
Term
|
Definition
Part of the authentication process used by Kerberos. |
|
|
Term
|
Definition
The successor to SSL. Provides secure Internet communications. This is shown in a browser as HTTPS. |
|
|
Term
|
Definition
Similar to DES but applies the cipher algorithm three times to each cipher block. |
|
|
Term
|
Definition
A system that adheres to criteria for multilevel security and meets. |
|
|
Term
typosquatting (URL hijacking) |
|
Definition
A method used by attackers that takes advantage of user typos when accessing websites. Instead of the expected website, the user ends up at a website with a similar name but often malicious content. |
|
|
Term
|
Definition
A similar attack to the Fraggle. It uses the connectionless User Datagram Protocol. It is enticing to attackers because it does not require a synchronization process. |
|
|
Term
|
Definition
A security component of Windows that keeps every user (besides the actual Administrator account) in standard user mode instead of as an administrator with full administrative rights, even if they are a member of the administrators group. |
|
|
Term
|
Definition
A device used to add computers to a 10BASE5 network. It pierces the copper conductor of a coaxial cable and can also be used for malicious purposes. |
|
|
Term
|
Definition
A connection between two or more computers or devices that are not on the same private network. |
|
|
Term
|
Definition
The act of gaining access to traffic on other VLANs that would not normally be accessible by jumping from one VLAN to another. |
|
|
Term
|
Definition
A hardware appliance that allows hundreds of users to connect to the network from remote locations via a VPN. |
|
|
Term
|
Definition
Baselining of the network to assess the current security state of computers, servers, network devices, and the entire network in general. |
|
|
Term
|
Definition
The practice of finding and mitigating software vulnerabilities in computers and networks. |
|
|
Term
|
Definition
The act of scanning for weaknesses and susceptibilities in the network and on individual systems. |
|
|
Term
|
Definition
The act of physically drawing symbols in public places that denote open, closed, or protected wireless networks. |
|
|
Term
|
Definition
The act of scanning telephone numbers by dialing them one at a time and adding them to a list, in an attempt to gain access to computer networks. |
|
|
Term
|
Definition
The act of searching for wireless networks by a person in a vehicle through the use of a device with a wireless antenna, often a particularly strong antenna. |
|
|
Term
|
Definition
A site that has computers, phones, and servers, but they might require some configuration before users can start working on them. |
|
|
Term
|
Definition
An attacker profiles which websites a user accesses and later infects those sites to redirect the user to other websites. |
|
|
Term
|
Definition
A method of testing applications or systems where the tester is given access to the internal workings of the system. |
|
|
Term
Wi-Fi Protected Access (WPA) |
|
Definition
A security protocol created by the Wi‐Fi Alliance to secure wireless computer networks; more secure than WEP. |
|
|
Term
Wi-Fi Protected Setup (WPS) |
|
Definition
A simplified way of connecting to wireless networks using an eight‐digit code. It is now deprecated due to its insecure nature and should be disabled if currently used. |
|
|
Term
Wired Equivalent Privacy (WEP) |
|
Definition
A deprecated wireless network security standard, less secure than WPA. |
|
|
Term
|
Definition
A common PKI standard developed by the ITU‐T that incorporates the single sign‐on authentication method. |
|
|
Term
|
Definition
An individual compromised computer in a botnet. |
|
|
Term
MTBF Mean Time Between Failures MTTF Mean Time to Failure MTTR Mean Time to Recover or Mean Time to Repair |
|
Definition
|
|
Term
NTFS New Technology File System |
|
Definition
|
|
Term
PBX Private Branch Exchange |
|
Definition
|
|
Term
PFS Perfect Forward Secrecy PFX Personal Exchange Format |
|
Definition
|
|
Term
PHI Personal Health Information |
|
Definition
|
|
Term
RBAC Role-based Access Control RBAC Rule-based Access Control |
|
Definition
|
|
Term
RC4 Rivest Cipher version 4 |
|
Definition
|
|
Term
RTO Recovery Time Objective RTOS Real-time Operating System |
|
Definition
|
|
Term
RTP Real-time Transport Protocol |
|
Definition
|
|
Term
SAML Security Assertions Markup Language |
|
Definition
|
|
Term
SDK Software Development Kit |
|
Definition
|
|
Term
SDLC Software Development Life Cycle SDLM Software Development Life Cycle Methodology |
|
Definition
|
|
Term
SED Self-encrypting Drive |
|
Definition
|
|
Term
SQL Structured Query Language |
|
Definition
|
|
Term
SPoF Single Point of Failure |
|
Definition
|
|
Term
TCP/IP Transmission Control Protocol/Internet Protocol |
|
Definition
|
|
Term
TGT Ticket Granting Ticket |
|
Definition
|
|
Term
TSIG Transaction Signature |
|
Definition
|
|
Term
TPM Trusted Platform Module |
|
Definition
|
|
Term
UEFI Unified Extensible Firmware Interface |
|
Definition
|
|
Term
UDP User Datagram Protocol |
|
Definition
|
|
Term
VDE Virtual Desktop Environment VDI Virtual Desktop Infrastructure |
|
Definition
|
|
Term
WAF Web Application Firewall |
|
Definition
|
|
Term
WIDS Wireless Intrusion Detection System WIPS Wireless Intrusion Prevention System |
|
Definition
|
|
Term
WPA WiFi Protected Access WPA2 WiFi Protected Access 2 |
|
Definition
|
|
Term
XML Extensible Markup Language |
|
Definition
|
|