A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z
A:
Access Point - In a wireless local area network (WLAN), an access point transmits and receives data. It connects users to other users within the network and can serve multiple users within a certain area.
Annualized Loss Expectancy (ALE) - The total expected monetary loss to an information asset over one year; calculated as the SLE times the EAF.
Anti-Virus/Anti-Spam Server - A computer that houses applications that manage virus and spam detection and elimination.
Attacker - An individual trying to compromise any element of your data security infrastructure; same as a cracker.
Authentication Header (AH) - A security protocol that authenticates packets from servers and ensures messages are not tampered with while in route.
Authentication Server - A computer that houses software that authenticates users and data trying to access your network. Restriction of access to computer systems is the first defense against system compromise.
Backdoor - A malware program that allows an attacker to issue commands to or access a compromised system.
Blended Threat - A multifaceted threat that may include two or more traditional threats, such as viruses, worms, backdoors, keystroke recording, denial of service attacks and configuration manipulation.
Biometrics - An authentication process whereas a user authenticates based on a personal characteristic, such as a fingerprint, voice, retina or writing pattern.
Botnet - A large number of compromised computers that are used to create and send spam, viruses, or flood a network with messages as a denial of service attack.
Certificate Authority - A trusted third party that issues and maintains digital certificates.
Certificate Repository - A database, such as an LDAP directory, that stores individuals' digital certificates.
Challenge/Response - An authentication process where the system prompts (the challenge) users to provide a password, code or passphrase (the response).
Contractual Value - Contractual value is the measure of an asset's worth from a contractual obligation perspective; this may include penalty costs, loss of future payments and legal proceedings.
Core Switch - Like other switches, a core switch channels data to its intended destination, but generally handles exchanges within a network and not outside of it (i.e. to the Internet).
Cryptography - The conversion of data into a secret code for transmission over a public network and long-term data storage.
Decryption - The process of translating a coded sequence of bytes back to its original sequence.
Demilitarized Zone (DMZ) - A semi-trusted domain between the Internet and an organization's secure domain. This is often the domain of web and application servers.
Denial of Service (DoS) Attack - A denial of service attack prevents legitimate users from accessing system resources.
Dictionary Attack - A brute force attack that uses common words as possible passwords.
Digital Certificate - A digital credential that attests to the identity of the individual listed on the certificate. This also contains the individual's public key used to verify messages sent by the individual.
Distributed Denial of Service (DDoS) - A DoS that uses multiple computer systems to attack a targeted computer system.
Domain - A logically distinct segment of a network that is managed as a single security area.
Domain Hijacking - The act of gaining control of a Web domain and hosting a different web site at that domain or leaving the domain unavailable to visitors; often connected to phishing.
Dynamic Host Configuration Protocol (DHCP) - A network protocol that automatically assigns IP addresses to clients logging onto a TCP/IP network.
Encapsulating Security Payload (ESP) - A security protocol that authenticates packets from servers, ensures that messages are not tampered with while in route and encrypts the packet payload ensuring confidentiality.
Encryption - The process of coding, or "scrambling", a sequence of bytes so it can not be understood without first unscrambling the code.
Estimated Annual Frequency (EAF) - The estimated annual frequency is the number of times a threat will occur in a year.
Ethernet-Based Video Camera - Allows you to maintain physical security via video surveillance and may include additional features such as event recording and remote monitoring via a Web browser.
Exposure Factor (EF) - The exposure factor is the percent of an asset lost due to a threat.
Identity Management - A system that coordinate authentication and password management across network applications and resources.
Internet Control Message Protocol (ICMP) - An extension to the Internet Protocol (IP) that supports packets containing error, control and informational messages.
Intrusion Detection System (IDS) - Monitors network activity and can alert personnel when suspicious activity occurs and shut down suspect connections automatically.
Intrusion Prevention System (IPS) - Inline device, implementing a basic IDS that network traffic flows through; can block any traffic that appears to be an intrusion.
IP Security (IPSec) - Framework for establishing encrypted communications between two devices by using two protocols: AH and ESP.
Light-weight Directory Access Protocol (LDAP) - A protocol used to access a directory listing; LDAP is a sibling protocol to HTTP and FTP and uses the ldap:// prefix in its URL.
Pass-phrase - A long difficult-to-crack series of words and characters that is used like a password.
Patch Management Server - A computer that houses applications or software related to software patches.
Payload - Code portion of malware that damages a computer system.
Perimeter Firewall/VPN Gateway - a security appliance that drops into the network, to screen out illegitimate traffic based on your network security policies.
Phishing - A form of online scam that attempts to mislead people into disclosing private information, such as credit card numbers; well-known brands are often used to lure subjects to spoofed Web sites or even hijacked domains that look legitimate, but will prompt subjects for personal information.
Policy - A formal document describing an organization's position on a particular aspect of enterprise security.
Polymorphic Virus - A virus that changes it surface characteristics with each replication; functionality does not change.
Premaster Secret - A client-generated, 48-byte secret key that is encrypted under the public key from the server's certificate.
Private Key - The private part of a two-part, public key cryptography system, which is kept secret and never transmitted over a network.
Procedure - A step-by-step description of tasks required under a security policy.
Public Key - The published part of a two-part, public key cryptography system.
Public Key Infrastructure (PKI) - A secure method for exchanging information within an organization, an industry, a nation or worldwide; a PKI uses the asymmetric encryption method, also known as the "public/private key" method, for encrypting IDs and documents/messages.
Public/Private Key - A cryptographic method that uses a two-part key (code) that is made up of public and private components. To encrypt messages, the published public keys of the recipients are used. To decrypt the messages, the recipients use their unpublished private keys known only to them.
Registration Authority - An entity responsible for identifying individuals and requesting certificates from a certificate authority.
Regulatory Value - Regulatory value is the measurement of an asset's worth from a regulatory perspective. This includes all legal requirements, such as record retention, fines, penalties, legal counsel and other direct costs for noncompliance.
Remote VPN User - A user connecting to your network from another location via a VPN (virtual private network) or private, encrypted channel through the Internet.
Rootkit - A tool that hides other software from detection; often used with malware.
Router - A device that determines the next network point to which an information packet should be forwarded toward its destination. Packet filtering routers, the simplest form of firewall protection, screen incoming and outgoing packets based on IP header information, including source and destination addresses, protocol and source and destination port numbers.
Secure Sockets Layer (SSL) - The leading security protocol on the Internet. In a typical SSL session, the server sends its public key to the browser; the browser uses that public key to send a randomly generated secret key back to the original server in order to have a secret key exchange for that session.
Security Threat - The ability to exploit a computer or network vulnerability.
Security Vulnerability - An opening into a system or an opportunity to acquire information.
Service Set Identifier (SSID) - SSID is a 32-character unique identifier attached to the header of packets sent over a wireless network that acts as a password when a mobile device tries to connect to the network. The SSID differentiates one WLAN from another; so all access points and all devices attempting to connect to a specific WLAN must use the same SSID.
Symmetric or Session Key - A key used only once and for a limited time such as during transmission of a single message.
Single Loss Expectancy (SLE) - Anticipated monetary value of a loss due to one instance of threat.
Single Sign-On (SSO) - An authentication process in a client/server relationship where the client can enter one name and password and have access to more than one application or access to a number of resources.
Social Engineering - Illegally entering a computer system by having persuaded an authorized person to reveal IDs, passwords and other confidential information.
Spy - An attacker intending to conduct espionage, usually in a corporate or government environment.
Spyware - Any software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes.
Structured Query Language (SQL) - A language used to search and process data in a relational database.
Switch - A device that channels incoming data from any of multiple input ports to the specific output port that will take the data toward its intended destination.
Transmission Control Protocol (TCP) - A protocol within the TCP/IP protocol suite that is used when reliable packet delivery is essential; TCP requires confirmation of packet delivery for all transmitted packets.
Trojan -A program that appears legitimate, but performs some illicit activity when it is run. It may be used to locate password information, to make the system more vulnerable to future entry or simply destroy programs/data on the hard disk. A Trojan is similar to a virus, except that it does not replicate itself.
Two-Factor Authentication - An authentication process whereas a user authenticates using two different types of identification; for example, a smart card and a password.
URl Filter Server - A computer that houses software that allows you to manage and restrict user access from select Web sites and content in compliance with your organization's policies.
User Datagram Protocol (UDP) - A protocol within the TCP/IP protocol suite that is used in place of TCP when reliable packet delivery is not required or not practical, such as in live video delivery.
Virtual Private Network (VPN) - A secure channel over the Internet in which all communication is encrypted.
Virus - A malicious program that replicates and transmits itself by exploiting vulnerabilities in other programs.
Virus Signature - A pattern that identifies a known entity, such as a virus. Signatures also describe calculated numbers or character strings that correspond to a file.
Web Defacement - A form of malicious hacking in which a Web site is vandalized; often the hacker will replace the site's normal content with a specific political or social message or will erase the content from the site entirely.
Web Server - A computer that houses Website files and manages requests to and from the Internet.
Wired Equivalent Privacy (WEP) - A security protocol, designed to provide the same level of security as that of a wired LAN, for wireless local area networks defined in the 802.11b standard.
Worm - A malicious program that replicates and transmits itself with dependency on other programs; typically exploits a single vulnerability although newer worms are exploiting multiple vulnerabilities.
