glossary:start
Differences
This shows you the differences between two versions of the page.
glossary:start [2023/07/17 14:56] – peter | glossary:start [2023/07/17 15:57] (current) – peter | ||
---|---|---|---|
Line 16: | Line 16: | ||
|ABC|Anti-Bribary and Corruption.| | |ABC|Anti-Bribary and Corruption.| | ||
|ACA|Application Criticality Assessment.| | |ACA|Application Criticality Assessment.| | ||
- | |ACKPIGGYBACKING | The practice of sending an ACK inside another packet going to the same destination.| | + | |ACKPIGGYBACKING|The practice of sending an ACK inside another packet going to the same destination.| |
|ACL|Access Control List. A list of permissions attached to an object.| | |ACL|Access Control List. A list of permissions attached to an object.| | ||
|Access Control|Access Control ensures that resources are only granted to those users who are entitled to them.| | |Access Control|Access Control ensures that resources are only granted to those users who are entitled to them.| | ||
- | |Access Control List|ACL. A list of permissions attached to an object.| | + | |Access Control List|ACL.| |
+ | |:::|A list of permissions attached to an object.| | ||
|Access Control Service|A security service that provides protection of system resources against unauthorized access. | |Access Control Service|A security service that provides protection of system resources against unauthorized access. | ||
|Access Matrix|An Access Matrix uses rows to represent subjects and columns to represent objects with privileges listed in each cell.| | |Access Matrix|An Access Matrix uses rows to represent subjects and columns to represent objects with privileges listed in each cell.| | ||
|Account Harvesting|The process of collecting all the legitimate account names on a system.| | |Account Harvesting|The process of collecting all the legitimate account names on a system.| | ||
|Active Content|Program code embedded in the contents of a web page. When the page is accessed by a web browser, the embedded code is automatically downloaded and executed on the user's workstation. Ex. Java, ActiveX (MS).| | |Active Content|Program code embedded in the contents of a web page. When the page is accessed by a web browser, the embedded code is automatically downloaded and executed on the user's workstation. Ex. Java, ActiveX (MS).| | ||
- | |Active Directory|AD. | + | |Active Directory|AD.| |
+ | |:::|A directory service implemented by Microsoft for Windows domain networks. | | ||
|Activity Monitors|Aim to prevent virus infection by monitoring for malicious activity on a system, and blocking that activity when possible.| | |Activity Monitors|Aim to prevent virus infection by monitoring for malicious activity on a system, and blocking that activity when possible.| | ||
|AD|Active Directory. | |AD|Active Directory. | ||
|ADAL| Authoritive Data Access Layer.| | |ADAL| Authoritive Data Access Layer.| | ||
- | |Address Resolution Protocol|ARP. | + | |Address Resolution Protocol|ARP.| |
- | |ADS| Authoritive Data Source.| | + | |:::|A protocol for mapping an Internet Protocol address to a physical machine address that is recognized in the local network. |
+ | |ADS|Authoritive Data Source.| | ||
|ADSL|Asymmetric Digital Subscriber Line (ADSL) is a technology for transmitting digital information at high bandwidth on existing phone lines to homes and businesses. | |ADSL|Asymmetric Digital Subscriber Line (ADSL) is a technology for transmitting digital information at high bandwidth on existing phone lines to homes and businesses. | ||
- | |Advanced Encryption Standard|AES. | + | |Advanced Encryption Standard|AES.| |
- | |AEOD | After End-of-Day.| | + | |:::|An encryption standard being developed by NIST. Intended to specify an unclassified, |
+ | |AEOD|After End-of-Day.| | ||
|AES|Advanced Encryption Standard. | |AES|Advanced Encryption Standard. | ||
- | |AIRB| Advanced Internal Rating Based Approach.| | + | |AIRB|Advanced Internal Rating Based Approach.| |
- | |A&L| Assets and Liabilities | | + | |A& |
- | |Algorithm| A finite set of step-by-step instructions for a problem-solving or computation procedure, especially one that can be implemented by a computer.| | + | |Algorithm|A finite set of step-by-step instructions for a problem-solving or computation procedure, especially one that can be implemented by a computer.| |
|AML|Anti money laundering (AML) is a term mainly used in the financial and legal industries to describe the legal controls that require financial institutions and other regulated entities to prevent or report money laundering activities.| | |AML|Anti money laundering (AML) is a term mainly used in the financial and legal industries to describe the legal controls that require financial institutions and other regulated entities to prevent or report money laundering activities.| | ||
|AMSC|Application Management Service Centre.| | |AMSC|Application Management Service Centre.| | ||
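Review bot: the AES continuation row on the new side (`|:::|An encryption standard being developed by NIST. Intended to specify an unclassified, ...`) is stale and should be corrected while the row is being touched: AES was published by NIST as FIPS 197 in 2001, so "being developed by NIST" should read "published by NIST as FIPS 197 (2001); a symmetric block cipher with a 128-bit block and 128-, 192- or 256-bit keys". Two spelling errors also survive the reformat on both sides of this hunk: `Anti-Bribary and Corruption` should be `Anti-Bribery and Corruption`, and `Authoritive Data Access Layer` / `Authoritive Data Source` should be `Authoritative`. Since the hunk moves the definitions of `Access Control List`, `Active Directory` and `Address Resolution Protocol` onto `:::` continuation rows, the unchanged `ADSL` row, which still carries its full definition inline, should get the same `|ADSL|Asymmetric Digital Subscriber Line.|` plus `|:::|...|` split for consistency.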
Line 44: | Line 48: | ||
|ARM|Approved Reporting Mechanism.| | |ARM|Approved Reporting Mechanism.| | ||
|ARP|Address Resolution Protocol. | |ARP|Address Resolution Protocol. | ||
- | | ARPANET | Advanced Research Projects Agency Network. | + | |ARPANET|Advanced Research Projects Agency Network. |
- | | ASCII | American Standard Code for Information Interchange.| | + | |ASCII|American Standard Code for Information Interchange.| |
- | | ASN (Autonomous System Number) | A globally unique number assigned by a registrar for the purposes of Internet routing, | | + | |ASN|Autonomous System Number.| |
- | | Asymmetric Cryptography | Public-key cryptography. | + | |:::|A globally unique number assigned by a registrar for the purposes of Internet routing, | |
- | | Asymmetric Warfare | Asymmetric warfare is the application of dissimilar strategies, tactics, capabilities and approaches used to circumvent or negate an opponent' | + | |Asymmetric Cryptography|Public-key cryptography. |
- | | Auditing | The information gathering and analysis of assets to ensure such things as policy compliance and security from vulnerabilities.| | + | |Asymmetric Warfare|Asymmetric warfare is the application of dissimilar strategies, tactics, capabilities and approaches used to circumvent or negate an opponent' |
- | | Asymmetric Digital Subscriber Line (ADSL) | Asymmetric Digital Subscriber Line (ADSL) is a technology for transmitting digital information at high bandwidth on existing phone lines to homes and businesses. | + | |Auditing|The information gathering and analysis of assets to ensure such things as policy compliance and security from vulnerabilities.| |
- | | Asynchronous Transfer Mode (ATM) | Asynchronous Transfer Mode (ATM) is a broadband technology that permits large volumes of voice, image, text, or video data to be transmitted simultaneously. | + | |Asymmetric Digital Subscriber Line|ADSL.| |
- | | ATM (Asynchronous Transfer Mode) | Asynchronous Transfer Mode (ATM) is a broadband technology that permits large volumes of voice, image, text, or video data to be transmitted simultaneously. | + | |:::|Asymmetric Digital Subscriber Line (ADSL) is a technology for transmitting digital information at high bandwidth on existing phone lines to homes and businesses. |
- | | ATP | Accelerated Training Program.| | + | |Asynchronous Transfer Mode|Asynchronous Transfer Mode (ATM) is a broadband technology that permits large volumes of voice, image, text, or video data to be transmitted simultaneously. |
- | | AUA | Assets Under Administration.| | + | |ATM|Asynchronous Transfer Mode (ATM) is a broadband technology that permits large volumes of voice, image, text, or video data to be transmitted simultaneously. |
- | | AUM | Assets Under Management.| | + | |ATP|Accelerated Training Program.| |
- | | Authentication | The process of confirming the correctness of the claimed identity.| | + | |AUA|Assets Under Administration.| |
- | | Authorization | The approval, permission, or empowerment for someone or something to do something.| | + | |AUM|Assets Under Management.| |
- | | Autonomous System | One network or series of networks that are all under one administrative control. | + | |Authentication|The process of confirming the correctness of the claimed identity.| |
- | | Autonomous System Number | + | |Authorization|The approval, permission, or empowerment for someone or something to do something.| |
- | | Availability | The need to ensure that the business purpose of the system can be met and that it is accessible to those who need to use it.| | + | |Autonomous System|One network or series of networks that are all under one administrative control. |
- | | Backdoor | A backdoor is a tool installed after a compromise to give an attacker easier access to the compromised system around any security mechanisms that are in place.| | + | |Autonomous System Number|ASN.| |
- | | Bandwidth | Commonly used to mean the capacity of a communication channel to pass data through the channel in a given amount of time. Usually expressed in bits per second.| | + | |:::|A globally unique number assigned by a registrar for the purposes of Internet routing.| |
- | | Banner | A banner is the information that is displayed to a remote user trying to connect to a service. | + | |Availability|The need to ensure that the business purpose of the system can be met and that it is accessible to those who need to use it.| |
- | | BAP | Business and Personal.| | + | |Backdoor|A backdoor is a tool installed after a compromise to give an attacker easier access to the compromised system around any security mechanisms that are in place.| |
- | | Basic Authentication | Basic Authentication is the simplest web-based authentication scheme that works by sending the username and password with each request.| | + | |Bandwidth|Commonly used to mean the capacity of a communication channel to pass data through the channel in a given amount of time. Usually expressed in bits per second.| |
- | | Bastion Host | A bastion host has been hardened in anticipation of vulnerabilities that have not been discovered yet.| | + | |Banner|A banner is the information that is displayed to a remote user trying to connect to a service. |
- | | BAU | Business as Usual.| | + | |BAP|Business and Personal.| |
- | | BBS (Bulletin Board System) | A Bulletin Board System (BBS) is a computerized meeting and announcement system that allows people to carry on discussions, | + | |Basic Authentication|Basic Authentication is the simplest web-based authentication scheme that works by sending the username and password with each request.| |
- | | BCM (Business Continuity Management) | The management of a Business Continuity Plan (BCP).| | + | |Bastion Host|A bastion host has been hardened in anticipation of vulnerabilities that have not been discovered yet.| |
- | | BCP (Business Continuity Plan) | A Business Continuity Plan is the plan for emergency response, backup operations, and post-disaster recovery steps that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation.| | + | |BAU|Business as Usual.| |
- | | BDC | Business Delivery and Control.| | + | |BBS|Bulletin Board System.| |
- | | BEOD | Before End-of-Day.| | + | |:::|A Bulletin Board System (BBS) is a computerized meeting and announcement system that allows people to carry on discussions, |
- | | Berkeley Internet Name Domain | + | |BCM|Business Continuity Management. The management of a Business Continuity Plan (BCP).| |
- | | BIOS | Basic Input Output System. | + | |BCP|Business Continuity Plan. A Business Continuity Plan is the plan for emergency response, backup operations, and post-disaster recovery steps that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation.| |
- | | BGP (Border Gateway Protocol) | An inter-autonomous system routing protocol. | + | |BDC|Business Delivery and Control.| |
- | | BIA (Business Impact Analysis) | A Business Impact Analysis determines what levels of impact to a system are tolerable.| | + | |BEOD|Before End-of-Day.| |
- | | BIND (Berkeley Internet Name Domain) | BIND is an implementation of DNS. DNS is used for domain name to IP address resolution. | + | |Berkeley Internet Name Domain|BIND is an implementation of DNS. DNS is used for domain name to IP address resolution. |
- | | Biometrics | Biometrics use physical characteristics of the users to identify the user.| | + | |BIOS|Basic Input Output System. |
- | | Bit | The smallest unit of information storage; a contraction of the term " | + | |BGP|Border Gateway Protocol. An inter-autonomous system routing protocol. |
- | | Block Cipher | A block cipher encrypts one block of data at a time.| | + | |BIA|Business Impact Analysis.| |
- | | Blog | Blog is a direct means for an individual to share ideas, thoughts, opinions, and information concerning a particular topic with an audience, using the Web as the medium. | + | |:::|A Business Impact Analysis determines what levels of impact to a system are tolerable.| |
- | | BLoR | Business List of Records. | + | |BIND|Berkeley Internet Name Domain.| |
- | | BOM | Business Only Membership.| | + | |:::|BIND is an implementation of DNS. DNS is used for domain name to IP address resolution. |
- | | Border Gateway Protocol | + | |Biometrics|Biometrics use physical characteristics of the users to identify the user.| |
- | | Boot Record Infector | A boot record infector is a piece of malware that inserts malicious code into the boot sector of a disk.| | + | |Bit|The smallest unit of information storage; a contraction of the term " |
- | | Bot | Also called ‘Internet bots’; refers to computers that perform tasks without human input. | + | |Block Cipher|A block cipher encrypts one block of data at a time.| |
- | | Botnet | A botnet is a large number of compromised computers that are used to create and send spam or viruses or flood a network with messages as a denial of service attack.| | + | |Blog|Blog is a direct means for an individual to share ideas, thoughts, opinions, and information concerning a particular topic with an audience, using the Web as the medium. |
- | | B&R | Books and Records.| | + | |BLoR|Business List of Records. |
- | | BRD | Business Requirements Document. | + | |BOM|Business Only Membership.| |
- | | Break Glass | Temporary limited access to a production environment. | + | |Border Gateway Protocol|BGP.| |
- | | Bridge | A mechanism (software or hardware) which connect two communication segments. Bridges generally operate at OSI Layer 2 or 3, but may operate from the physical layer up to the application layer. | + | |:::|An inter-autonomous system routing protocol. |
- | | BRM | Business Risk Managers.| | + | |Boot Record Infector|A boot record infector is a piece of malware that inserts malicious code into the boot sector of a disk.| |
- | | Broadcast | To send the same message to an unknown number of destinations without addressing. Examples: ARP, Radio. See also multicast.| | + | |Bot|Also called ‘Internet bots’; refers to computers that perform tasks without human input. |
- | | Broadcast Address | An address used to broadcast a datagram to all hosts on a given network using UDP or ICMP protocol.| | + | |Botnet|A botnet is a large number of compromised computers that are used to create and send spam or viruses or flood a network with messages as a denial of service attack.| |
- | | Browser | A client computer program that can retrieve and display information from servers on the World Wide Web.| | + | |B& |
- | | Brute Force | A crypto-analysis technique or other kind of attack method involving an exhaustive procedure that tries all possibilities, | + | |BRD|Business Requirements Document. |
- | | BSM | Balance Sheet Management.| | + | |Break Glass|Temporary limited access to a production environment. |
- | | BSS 7799 | British Standard 7799. A standard code of practice and provides guidance on how to secure an information system. | + | |Bridge|A mechanism (software or hardware) which connect two communication segments. Bridges generally operate at OSI Layer 2 or 3, but may operate from the physical layer up to the application layer. |
- | | BST | British Summer Time.| | + | |BRM|Business Risk Managers.| |
- | | Buffer Overflow | A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.| | + | |Broadcast|To send the same message to an unknown number of destinations without addressing. Examples: ARP, Radio. See also multicast.| |
- | | Bullet-proof hosting | Bullet-proof hosting is a service provided by some domain hosting or web hosting firms that allow their customer considerable leniency in the kinds of material they may upload and distribute. | + | |Broadcast Address|An address used to broadcast a datagram to all hosts on a given network using UDP or ICMP protocol.| |
- | | Bulletin Board System | + | |Browser|A client computer program that can retrieve and display information from servers on the World Wide Web.| |
- | | Business Continuity Management | + | |Brute Force|A crypto-analysis technique or other kind of attack method involving an exhaustive procedure that tries all possibilities, |
- | | Business Continuity Plan (BCP) | A Business Continuity Plan is the plan for emergency response, backup operations, and post-disaster recovery steps that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation.| | + | |BSM|Balance Sheet Management.| |
- | | Business Impact Analysis | + | |BSS 7799|British Standard 7799.| |
- | | Business Intelligence | Business intelligence is now widely accepted as being concerned with information technology solutions for transforming the output from large data collections into Intelligence; | + | |:::|A standard code of practice and provides guidance on how to secure an information system. |
- | | BYOD | Bring Your Own Device.| | + | |BST|British Summer Time.| |
- | | Byte | A fundamental unit of computer storage; the smallest addressable unit in a computer' | + | |Buffer Overflow|A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.| |
- | | CA | Certificate Authority.| | + | |Bullet-proof hosting|Bullet-proof hosting is a service provided by some domain hosting or web hosting firms that allow their customer considerable leniency in the kinds of material they may upload and distribute. |
- | | CAB | Change Advisory Board.| | + | |Bulletin Board System|BBS| |
- | | CAC (Call Admission Control) | The inspection and control all inbound and outbound voice network activity by a voice firewall based on user-defined policies.| | + | |:::|A Bulletin Board System (BBS) is a computerized meeting and announcement system that allows people to carry on discussions, |
- | | Cache | Pronounced cash, a special high-speed storage mechanism. | + | |Business Continuity Management|BCM.| |
- | | Cache Cramming | Cache Cramming is the technique of tricking a browser to run cached Java code from the local disk, instead of the internet zone, so it runs with less restrictive permissions.| | + | |:::|The management of a Business Continuity Plan (BCP).| |
- | | Cache Poisoning | Malicious or misleading data from a remote name server is saved [cached] by another name server. | + | |Business Continuity Plan|BCP.| |
- | | Call Admission Control | + | |:::|A Business Continuity Plan is the plan for emergency response, backup operations, and post-disaster recovery steps that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation.| |
- | | CAMS | Cash Management System.| | + | |Business Impact Analysis|BIA.| |
- | | Carding | Carding is a term used for a process to verify the validity of stolen card data. The thief presents the card information on a website that has real-time transaction processing. | + | |:::|A Business Impact Analysis determines what levels of impact to a system are tolerable.| |
- | | Cash-out | The aspect of a cybercrime operation where stolen electronic funds are finally withdrawn from the finance system in the form of hard cash, often perpetrated by the use of ‘money mules’.| | + | |Business Intelligence|Business intelligence is now widely accepted as being concerned with information technology solutions for transforming the output from large data collections into Intelligence; |
- | | CCO | Chief Controls Office. | + | |BYOD|Bring Your Own Device.| |
- | | CDC | Client Data Controls.| | + | |Byte|A fundamental unit of computer storage; the smallest addressable unit in a computer' |
- | | CDI | Client Data Interface.| | + | |CA|Certificate Authority.| |
- | | Cell | A cell is a unit of data transmitted over an ATM network. A cell is also a single physical memory location within flash memory.| | + | |CAB|Change Advisory Board.| |
- | | CERT (Computer Emergency Response Team) | An organization that studies computer and network INFOSEC in order to provide incident response services to victims of attacks, publish alerts concerning vulnerabilities and threats, and offer other information to help improve computer and network security.| | + | |CAC|Call Admission Control.| |
- | | Certificate-based Authentication | Certificate-Based Authentication is the use of SSL and certificates to authenticate and encrypt HTTP traffic.| | + | |:::|The inspection and control all inbound and outbound voice network activity by a voice firewall based on user-defined policies.| |
- | | CFF | Common File Format.| | + | |Cache|Pronounced cash, a special high-speed storage mechanism. |
- | | CGI (Common Gateway Interface) | This mechanism is used by HTTP servers (web servers) to pass parameters to executable scripts in order to generate responses dynamically.| | + | |Cache Cramming|Cache Cramming is the technique of tricking a browser to run cached Java code from the local disk, instead of the internet zone, so it runs with less restrictive permissions.| |
- | | Chain of Custody | Chain of Custody is the important application of the Federal rules of evidence and its handling.| | + | |Cache Poisoning|Malicious or misleading data from a remote name server is saved [cached] by another name server. |
- | | Challenge Handshake Authentication Protocol | + | |Call Admission Control|CAC.| |
- | | CHAP (Challenge Handshake Authentication Protocol) | The Challenge-Handshake Authentication Protocol uses a challenge/ | + | |:::|The inspection and control all inbound and outbound voice network activity by a voice firewall based on user-defined policies.| |
- | | Chatroom | The name for a discussion group or chat room.| | + | |CAMS|Cash Management System.| |
- | | Checksum | A value that is computed by a function that is dependent on the contents of a data object and is stored or transmitted together with the object, for the purpose of detecting changes in the data.| | + | |Carding|Carding is a term used for a process to verify the validity of stolen card data. The thief presents the card information on a website that has real-time transaction processing. |
- | | CI | Configuration Item.| | + | |Cash-out|The aspect of a cybercrime operation where stolen electronic funds are finally withdrawn from the finance system in the form of hard cash, often perpetrated by the use of ‘money mules’.| |
- | | CIP | Customer Identification Program.| | + | |CCO|Chief Controls Office.| |
- | | Cipher | A cryptographic algorithm for encryption and decryption.| | + | |:::|The Chief Controls Office centralizes and increases the focus on maintaining and enhancing an effective control framework.| |
- | | Ciphertext | Ciphertext is the encrypted form of the message being sent.| | + | |CDC|Client Data Controls.| |
- | | Circuit Switched Network | A circuit switched network is where a single continuous physical circuit connected two endpoints where the route was immutable once set up.| | + | |CDI|Client Data Interface.| |
- | | CIS | Customer Identification System.| | + | |Cell|A cell is a unit of data transmitted over an ATM network. A cell is also a single physical memory location within flash memory.| |
- | | CIS | Customer Information System.| | + | |CERT|Computer Emergency Response Team. |
- | | CIT | Component Integration Testing.| | + | |Certificate-based Authentication | Certificate-Based Authentication is the use of SSL and certificates to authenticate and encrypt HTTP traffic.| |
- | | CL | Control Language.| | + | |CFF|Common File Format.| |
- | | Client | A system entity that requests and uses a service provided by another system entity, called a " | + | |CGI|Common Gateway Interface. |
- | | CMDB | Configuration Management Database.| | + | |Chain of Custody|Chain of Custody is the important application of the Federal rules of evidence and its handling.| |
- | | CMOD | Central Management On Demand.| | + | |Challenge Handshake Authentication Protocol|CHAP. |
- | | CMR | Customer Master Record.| | + | |CHAP|Challenge Handshake Authentication Protocol.| |
- | | CMS | Change Management Standard.| | + | |:::|The Challenge-Handshake Authentication Protocol uses a challenge/ |
- | | COA | Change of Address.| | + | |Chatroom|The name for a discussion group or chat room.| |
- | | CoB | Close of Business.| | + | |Checksum|A value that is computed by a function that is dependent on the contents of a data object and is stored or transmitted together with the object, for the purpose of detecting changes in the data.| |
- | | Cold Disaster Recovery Site | Hardware is ordered, shipped and installed, and software is loaded. Basic telecommunications, | + | |CI|Configuration Item.| |
- | | Collision | A collision occurs when multiple systems transmit simultaneously on the same wire.| | + | |CIP|Customer Identification Program.| |
- | | Common Gateway Interface | + | |Cipher|A cryptographic algorithm for encryption and decryption.| |
- | | Competitive Intelligence | Competitive Intelligence is espionage using legal, or at least not obviously illegal, means.| | + | |Ciphertext|Ciphertext is the encrypted form of the message being sent.| |
- | | Competitor Intelligence | Competitor Intelligence is a subdivision of Business intelligence that concerns the current and proposed business activities of competitors.| | + | |Circuit Switched Network|A circuit switched network is where a single continuous physical circuit connected two endpoints where the route was immutable once set up.| |
- | | Compromise | Also called a security breach, a security compromise is a term used to describe an intentional or unintentional event that has exposed confidential data to unauthorized persons. | + | |CIS|Customer Identification System.| |
- | | Computer Emergency Response Team (CERT) | An organization that studies computer and network INFOSEC in order to provide incident response services to victims of attacks, publish alerts concerning vulnerabilities and threats, and offer other information to help improve computer and network security.| | + | |CIS|Customer Information System.| |
- | | Computer Network | A collection of host computers together with the sub-network or inter-network through which they can exchange data.| | + | |CIT|Component Integration Testing.| |
- | | CON | Change of Name.| | + | |CL|Control Language.| |
- | | Confidentiality | Confidentiality is the need to ensure that information is disclosed only to those who are authorized to view it.| | + | |Client|A system entity that requests and uses a service provided by another system entity, called a " |
- | | Configuration Management | Establish a known baseline condition and manage it.| | + | |CMDB|Configuration Management Database.| |
- | | COO | Chief Operating Office.| | + | |CMOD|Central Management On Demand.| |
- | | Cookie | Data exchanged between an HTTP server and a browser (a client of the server) to store state information on the client side and retrieve it later for server use. An HTTP server, when sending data to a client, may send along a cookie, which the client retains after the HTTP connection closes. | + | |CMR|Customer Master Record.| |
- | | Corruption | A threat action that undesirably alters system operation by adversely modifying system functions or data.| | + | |CMS|Change Management Standard.| |
- | | Cost Benefit Analysis | A cost benefit analysis compares the cost of implementing countermeasures with the value of the reduced risk.| | + | |COA|Change of Address.| |
- | | Countermeasure | Reactive methods used to prevent an exploit from successfully occurring once a threat has been detected. | + | |CoB|Close of Business.| |
- | | Covert Channels | Covert Channels are the means by which information can be communicated between two parties in a covert fashion using normal system operations. For example by changing the amount of hard drive space that is available on a file server can be used to communicate information.| | + | |Cold Disaster Recovery Site|Hardware is ordered, shipped and installed, and software is loaded. Basic telecommunications, |
- | | CP | Consultation Paper.| | + | |Collision|A collision occurs when multiple systems transmit simultaneously on the same wire.| |
- | | CR | Change Record.| | + | |Common Gateway Interface|CGI. |
- | | CR | Change Request.| | + | |Competitive Intelligence|Competitive Intelligence is espionage using legal, or at least not obviously illegal, means.| |
- | | CRAID | Changes, Risks, Assumptions, | + | |Competitor Intelligence|Competitor Intelligence is a subdivision of Business intelligence that concerns the current and proposed business activities of competitors.| |
- | | Crawler | A crawler uses existing Internet search engines to carry out automatic search and retrieval of selected Information on behalf of a user. It may also be known as Web crawler.| | + | |Compromise|Also called a security breach, a security compromise is a term used to describe an intentional or unintentional event that has exposed confidential data to unauthorized persons. |
- | | CRC (Cyclic Redundancy Check) | Sometimes called " | + | |Computer Emergency Response Team (CERT) | An organization that studies computer and network INFOSEC in order to provide incident response services to victims of attacks, publish alerts concerning vulnerabilities and threats, and offer other information to help improve computer and network security.| |
- | | Criminal Forum | A forum, usually web based, devoted to the black market trading of stolen credit card details, stolen identity details and tools to commit computer offences.| | + | |Computer Network|A collection of host computers together with the sub-network or inter-network through which they can exchange data.| |
- | | CRON | Cron is a Unix application that runs jobs for users and administrators at scheduled times of the day.| | + | |CON|Change of Name.| |
- | | Crossover cable | A crossover cable reverses the pairs of cables at the other end and can be used to connect devices directly together.| | + | |Confidentiality|Confidentiality is the need to ensure that information is disclosed only to those who are authorized to view it.| |
- | | Cryptanalysis | The mathematical science that deals with analysis of a cryptographic system in order to gain knowledge needed to break or circumvent the protection that the system is designed to provide. In other words, convert the cipher text to plain-text without knowing the key.| | + | |Configuration Management|Establish a known baseline condition and manage it.| |
- | | Cryptographic Algorithm | Hash. An algorithm that employs the science of cryptography, | + | |COO|Chief Operating Office.| |
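Review bot: "Chief Operating Office" in the COO row should be "Chief Operating Officer"; the acronym names the role, not the office.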
- | | CSI | Continual Service Improvements.| | + | |Cookie|Data exchanged between an HTTP server and a browser (a client of the server) to store state information on the client side and retrieve it later for server use. An HTTP server, when sending data to a client, may send along a cookie, which the client retains after the HTTP connection closes. |
- | | CSP | Content Security Policy.| | + | |Corruption|A threat action that undesirably alters system operation by adversely modifying system functions or data.| |
- | | CTRP | Countries, Towns, Regions and Ports.| | + | |Cost Benefit Analysis|A cost benefit analysis compares the cost of implementing countermeasures with the value of the reduced risk.| |
- | | Cut-through | Cut-Through is a method of switching where only the header of a packet is read before it is forwarded to its destination.| | + | |Countermeasure|Reactive methods used to prevent an exploit from successfully occurring once a threat has been detected. |
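Review bot: The Countermeasure row defines the term as "reactive methods ... once a threat has been detected", which excludes the preventive controls the rest of the glossary treats as countermeasures (Defense In-Depth, Egress Filtering, Firewall). NIST's glossary uses the term for any action, device, procedure or technique that reduces a vulnerability or the effect of an attack, whether applied before or after detection. Suggest: "Actions, devices, procedures or techniques that reduce a threat, a vulnerability or the impact of an attack; may be preventive, detective or corrective."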
- | | Cyberspace | Cyberspace is the notional environment in which communication over computer networks occurs. | + | |Covert Channels|Covert Channels are the means by which information can be communicated between two parties in a covert fashion using normal system operations. For example by changing the amount of hard drive space that is available on a file server can be used to communicate information.| |
- | | Cyclic Redundancy Check (CRC) | Sometimes called " | + | |CP|Consultation Paper.| |
- | | Daemon | A program which is often started at the time the system boots and runs continuously without intervention from any of the users on the system. | + | |CR|Change Record.| |
- | | Data Aggregation | Data Aggregation is the ability to get a more complete picture of the information by analyzing several different types of records at once.| | + | |CR|Change Request.| |
- | | Data Custodian | A Data Custodian is the entity currently using or manipulating the data, and therefore, temporarily taking responsibility for the data.| | + | |CRAID|Changes, |
- | | Data Encryption Standard | + | |Crawler|A crawler uses existing Internet search engines to carry out automatic search and retrieval of selected Information on behalf of a user. It may also be known as Web crawler.| |
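Review bot: The Crawler definition inverts the relationship: a web crawler does not "use existing Internet search engines"; it is the component that fetches pages and follows the links they contain so that a search engine (or a scraper) can index the content. Suggest: "A program that automatically fetches web pages and follows the links they contain, collecting content for indexing or analysis on behalf of a search engine or a user. Also called a web crawler or spider."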
- | | Data Encryption Standard (DES) | A widely-used method of data encryption using a private (secret) key. There are 72, | + | |CRC|Cyclic Redundancy Check.| |
- | | Data Mining | Data Mining is a technique used to analyze existing information, | + | |:::|Sometimes called " |
- | | Data Owner | A Data Owner is the entity having responsibility and authority for the data.| | + | |Criminal Forum|A forum, usually web based, devoted to the black market trading of stolen credit card details, stolen identity details and tools to commit computer offences.| |
- | | Data Warehouse | A central repository for all or significant parts of the data that an enterprise’s various business systems collect. | + | |CRON|Cron is a Unix application that runs jobs for users and administrators at scheduled times of the day.| |
- | | Data Warehousing | Data Warehousing is the consolidation of several previously independent databases into one location.| | + | |Crossover cable | A crossover cable reverses the pairs of cables at the other end and can be used to connect devices directly together.| |
- | | Datagram | Request for Comment 1594 says, "a self-contained, | + | |Cryptanalysis|The mathematical science that deals with analysis of a cryptographic system in order to gain knowledge needed to break or circumvent the protection that the system is designed to provide. In other words, convert the cipher text to plain-text without knowing the key.| |
- | | Day Zero | The "Day Zero" or "Zero Day" is the day a new vulnerability is made known. | + | |Cryptographic Algorithm|Hash. |
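Review bot: "Hash." is not an expansion of "Cryptographic Algorithm"; hash functions are only one family of cryptographic algorithms, alongside symmetric ciphers, public-key schemes, MACs, signatures and key agreement. The previous revision's wording ("An algorithm that employs the science of cryptography, ...") should be carried over on a ::: row, as this revision does for CRC and DCO, and the "Hash." cross-reference dropped or moved to the Hash Function entry.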
- | + | |CSI|Continual Service Improvements.| | |
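Review bot: The ITIL term in the CSI row is singular, "Continual Service Improvement", not "Improvements".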
- | | DB | Database.| | + | |CSP|Content Security Policy.| |
- | | DBC | Detailed Business Case.| | + | |CTRP|Countries, |
- | | DCF | Data Control Framework.| | + | |Cut-through|Cut-Through is a method of switching where only the header of a packet is read before it is forwarded to its destination.| |
- | | DCO | Device Configuration Overlay. | + | |Cyberspace|Cyberspace is the notional environment in which communication over computer networks occurs. |
- | | DCP | Demand Change Process.| | + | |Cyclic Redundancy Check|CRC. |
- | | Ddos (Distributed Denial of Service) | Distributed Denial of Service (DdoS) is an attack in which multiple systems flood the bandwidth or resources of a targeted system in an attempt to make it unavailable. | + | |Daemon|A program which is often started at the time the system boots and runs continuously without intervention from any of the users on the system. |
- | | Decapsulation | Decapsulation is the process of stripping off one layer' | + | |Data Aggregation|Data Aggregation is the ability to get a more complete picture of the information by analyzing several different types of records at once.| |
- | | Decryption | Decryption is the process of transforming an encrypted message into its original plain-text.| | + | |Data Custodian|A Data Custodian is the entity currently using or manipulating the data, and therefore, temporarily taking responsibility for the data.| |
- | | Deep Web | Invisible Web. That portion (estimated to be between 60 and 80 per cent) of total Web content that consists of material that is not accessible by standard Search engines. | + | |Data Encryption Standard|DES. A widely-used method of data encryption using a private (secret) key. There are 72, |
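Review bot: "private (secret) key" in the Data Encryption Standard row uses asymmetric-cryptography vocabulary for a symmetric cipher; DES uses one 56-bit key shared by both parties (2^56, about 72 quadrillion keys, which is the figure the row starts to give). "Widely-used" is also out of date: NIST withdrew DES in 2005 and a 56-bit key has been brute-forceable with purpose-built hardware since 1998, so the entry should describe DES as an obsolete symmetric block cipher superseded by AES.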
- | | Defacement | Defacement is the method of modifying the content of a website in such a way that it becomes " | + | |Data Mining|Data Mining is a technique used to analyze existing information, |
- | | Defense In-Depth | Defense In-Depth is the approach of using multiple layers of security to guard against failure of a single security component.| | + | |Data Owner|A Data Owner is the entity having responsibility and authority for the data.| |
- | | Demilitarized Zone (DMZ) | In computer security, in general a demilitarized zone (DMZ) or perimeter network is a network area (a sub-network) that sits between an organization' | + | |Data Warehouse|A central repository for all or significant parts of the data that an enterprise’s various business systems collect. |
- | | Denial of Service | The prevention of authorized access to a system resource or the delaying of system operations and functions.| | + | |Data Warehousing|Data Warehousing is the consolidation of several previously independent databases into one location.| |
- | | DES (Data Encryption Standard) | A widely-used method of data encryption using a private (secret) key. There are 72, | + | |Datagram|Request for Comment 1594 says, "a self-contained, |
- | | D&I | Diversity and Inclusion.| | + | |Day Zero|The "Day Zero" or "Zero Day" is the day a new vulnerability is made known. |
- | | Dictionary Attack | An attack that tries all of the phrases or words in a dictionary, trying to crack a password or key. A dictionary attack uses a predefined list of words compared to a brute force attack that tries all possible combinations.| | + | |DB|Database.| |
- | | Diffie-Hellman | A key agreement algorithm published in 1976 by Whitfield Diffie and Martin Hellman. | + | |DBC|Detailed Business Case.| |
- | | Digest Authentication | Digest Authentication allows a web client to compute MD5 hashes of the password to prove it has the password.| | + | |DCF|Data Control Framework.| |
- | | Digital Certificate | A digital certificate is an electronic " | + | |DCO|Device Configuration Overlay.| |
- | | Digital Envelope | A digital envelope is an encrypted message with the encrypted session key.| | + | |:::|A hidden part of a hard drive that is used by personal computer manufacturers to specify the configuration of a hard drive (regardless of its actual size) to present the same number of sectors to the BIOS and operating system.| |
- | | Digital Signature | A digital signature is a hash of a message that uniquely identifies the sender of the message and proves the message hasn't changed since transmission. | | + | |DCP|Demand Change Process.| |
- | | Digital Signature Algorithm | + | |DDOS|Distributed Denial of Service.| |
- | | Digital Signature Standard | + | |:::|Distributed Denial of Service (DDOS) is an attack in which multiple systems flood the bandwidth or resources of a targeted system in an attempt to make it unavailable. |
- | | Disassembly | The process of taking a binary program and deriving the source code from it.| | + | |Decapsulation | Decapsulation is the process of stripping off one layer' |
- | | Disaster Recovery Plan (DRP) | A Disaster Recovery Plan is the process of recovery of IT systems in the event of a disruption or disaster.| | + | |Decryption|Decryption is the process of transforming an encrypted message into its original plain-text.| |
- | | Discretionary Access Control | + | |Deep Web|Invisible Web. That portion (estimated to be between 60 and 80 per cent) of total Web content that consists of material that is not accessible by standard Search engines. |
- | | Dispensation | Temporary exclusion from Policy or Scope.| | + | |Defacement|Defacement is the method of modifying the content of a website in such a way that it becomes " |
- | | Disruption | A circumstance or event that interrupts or prevents the correct operation of system services and functions.| | + | |Defense In-Depth|Defense In-Depth is the approach of using multiple layers of security to guard against failure of a single security component.| |
- | | Distance Vector | Distance vectors measure the cost of routes to determine the best route to all known networks.| | + | |Demilitarized Zone|DMZ.| |
- | | Distributed Denial of Service | + | |:::|In computer security, in general a demilitarized zone (DMZ) or perimeter network is a network area (a sub-network) that sits between an organization' |
- | | Distributed Scans | Distributed Scans are scans that use multiple source addresses to gather information.| | + | |Denial of Service|The prevention of authorized access to a system resource or the delaying of system operations and functions.| |
- | | DLL (Dynamic Link Library) | A collection of small programs, any of which can be called when needed by a larger program that is running in the computer. | + | |DES|Data Encryption Standard).| |
- | | DLP | Data Loss Prevention.| | + | |:::|A widely-used method of data encryption using a private (secret) key. There are 72, |
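Review bot: The DES row's expansion reads "Data Encryption Standard)." with an unmatched closing parenthesis left over from the previous "DES (Data Encryption Standard)" form; drop the ")". The ::: row beneath it repeats the Data Encryption Standard entry's definition word for word, so any correction made there (symmetric key, no longer widely used) needs to be applied here as well.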
- | | DMS | Document Management System.| | + | |D& |
- | | DM&W | Document Management and Workflow.| | + | |Dictionary Attack|An attack that tries all of the phrases or words in a dictionary, trying to crack a password or key. A dictionary attack uses a predefined list of words compared to a brute force attack that tries all possible combinations.| |
- | | DMZ (Demilitarized Zone) | In computer security, in general a demilitarized zone (DMZ) or perimeter network is a network area (a sub-network) that sits between an organization' | + | |Diffie-Hellman|A key agreement algorithm published in 1976 by Whitfield Diffie and Martin Hellman. |
- | | DNS (Domain Name System) | The domain name system (DNS) is the way that Internet domain names are located and translated into Internet Protocol addresses. A domain name is a meaningful and easy-to-remember " | + | |Digest Authentication|Digest Authentication allows a web client to compute MD5 hashes of the password to prove it has the password.| |
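Review bot: Digest Authentication does not hash the bare password: the client sends a hash of username:realm:password combined with the server's nonce (and, with qop=auth, a client nonce, nonce count and the request method and URI), so the password never crosses the wire and a captured response cannot simply be replayed. MD5 is also not the only digest; RFC 7616 adds SHA-256 and SHA-512/256 and keeps MD5 only for compatibility. Suggest: "An HTTP authentication scheme (RFC 7616) in which the client proves knowledge of the password by sending a hash of the username, realm, password, server nonce and request details instead of the password itself."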
- | | Domain | A sphere of knowledge, or a collection of facts about some program entities or a number of network points or addresses, identified by a name. On the Internet, a domain consists of a set of network addresses. | + | |Digital Certificate|A digital certificate is an electronic " |
- | | Domain Hijacking | Domain hijacking is an attack by which an attacker takes over a domain by first blocking access to the domain' | + | |Digital Envelope|A digital envelope is an encrypted message with the encrypted session key.| |
- | | Domain Name | A domain name locates an organization or other entity on the Internet. | + | |Digital Signature|A digital signature is a hash of a message that uniquely identifies the sender of the message and proves the message hasn't changed since transmission. | |
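Review bot: A bare hash does not identify the sender, since anyone can hash a message. A digital signature is the message hash processed with the signer's private key (RSA, DSA, ECDSA, EdDSA) and verified with the matching public key; that binding to a private key is what identifies the signer and what makes modification detectable. Suggest: "A value computed over the hash of a message with the signer's private key; anyone holding the corresponding public key can verify both that the message is unchanged and that it was signed by the holder of that private key."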
- | | Domain Name System | + | |Digital Signature Algorithm|DSA.| |
- | | Download | To download is to retrieve Information from the Internet.| | + | |:::|An asymmetric cryptographic algorithm that produces a digital signature in the form of a pair of large numbers. |
- | | DP | Discussion Paper.| | + | |Digital Signature Standard|DSS.| |
- | | DPIA | Data Protection Input Assessment.| | + | |:::|The US Government standard that specifies the Digital Signature Algorithm (DSA), which involves asymmetric cryptography.| |
- | | DR | Disaster Recovery. | + | |Disassembly|The process of taking a binary program and deriving the source code from it.| |
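Review bot: Disassembly does not derive source code; it translates machine code back into assembly mnemonics (what objdump, IDA or Ghidra's disassembler produce). Recovering higher-level source is decompilation, and it is approximate. Suggest: "The process of converting a binary program's machine code into human-readable assembly instructions; compare decompilation, which attempts to reconstruct higher-level source."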
- | | Drop Site | Malware that steals data will upload the information to a Drop Site for later retrieval.| | + | |Disaster Recovery Plan|DRP.| |
- | | DSA (Digital Signature Algorithm) | An asymmetric cryptographic algorithm that produces a digital signature in the form of a pair of large numbers. | + | |:::|A Disaster Recovery Plan is the process of recovery of IT systems in the event of a disruption or disaster.| |
- | | DSS (Digital Signature Standard | The US Government standard that specifies the Digital Signature Algorithm (DSA), which involves asymmetric cryptography.| | + | |Discretionary Access Control|DAC.| |
- | | DTU | Data Transfer Utility.| | + | |:::|Discretionary Access Control consists of something the user can manage, such as a document password.| |
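Review bot: "something the user can manage, such as a document password" is not what Discretionary Access Control means. DAC is the model in which the owner of an object decides who may access it and how, e.g. Unix file permission bits or NTFS ACLs set by the file's owner, as opposed to Mandatory Access Control, where a system-wide policy the user cannot override (security labels, SELinux) makes the decision. Suggest replacing the row with that owner-controlled versus policy-controlled contrast.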
- | | Due Care | Due care ensures that a minimal level of protection is in place in accordance with the best practice in the industry.| | + | |Dispensation|Temporary exclusion from Policy or Scope.| |
- | | Due Diligence | Due diligence is the requirement that organizations must develop and deploy a protection plan to prevent fraud, abuse, and additionally deploy a means to detect them if they occur.| | + | |Disruption|A circumstance or event that interrupts or prevents the correct operation of system services and functions.| |
- | | Dump | Generally used to mean the data from a database, in reference to online fraud the term usually refers to debit or credit card’s dumps, which were skimmed or hacked and may include credit card track data, PINs and CCV numbers.| | + | |Distance Vector|Distance vectors measure the cost of routes to determine the best route to all known networks.| |
- | | DumpSec | DumpSec is a security tool that dumps a variety of information about a system' | + | |Distributed Denial of Service|DDOS.| |
- | | Dumpster Diving | Dumpster Diving is obtaining passwords and corporate directories by searching through discarded media.| | + | |:::|Distributed Denial of Service (DDOS) is an attack in which multiple systems flood the bandwidth or resources of a targeted system in an attempt to make it unavailable. |
- | | DWB | Dispensation, | + | |Distributed Scans|Distributed Scans are scans that use multiple source addresses to gather information.| |
- | | DX | Developer Experience.| | + | |DLL|Dynamic Link Library.| |
- | | Dynamic Link Library | + | |:::|A collection of small programs, any of which can be called when needed by a larger program that is running in the computer. |
- | | Dynamic Routing Protocol | Allows network devices to learn routes. Ex. RIP, EIGRP Dynamic routing occurs when routers talk to adjacent routers, informing each other of what networks each router is currently connected to. The routers must communicate using a routing protocol, of which there are many to choose from. The process on the router that is running the routing protocol, communicating with its neighbour routers, is usually called a routing daemon. | + | |DLP|Data Loss Prevention.| |
- | | E2E | End-to-End. | + | |DMS|Document Management System.| |
- | | EAD | Exposure at Default.| | + | |DM& |
- | | EAP (Extensible Authentication Protocol) | A framework that supports multiple, optional authentication mechanisms for PPP, including clear-text passwords, challenge-response, | + | |DMZ|Demilitarized Zone.| |
- | | Eavesdropping | Eavesdropping is simply listening to a private conversation which may reveal information which can provide access to a facility or network.| | + | |:::|In computer security, in general a demilitarized zone (DMZ) or perimeter network is a network area (a sub-network) that sits between an organization' |
- | | e-Commerce | + | |DNS|Domain Name System.| |
- | | Echo Reply | An echo reply is the response a machine that has received an echo request sends over ICMP.| | + | |:::|The domain name system (DNS) is the way that Internet domain names are located and translated into Internet Protocol addresses. A domain name is a meaningful and easy-to-remember " |
- | | Echo Request | An echo request is an ICMP message sent to a machine to determine if it is online and how long traffic takes to get to it.| | + | |Domain|A sphere of knowledge, or a collection of facts about some program entities or a number of network points or addresses, identified by a name. On the Internet, a domain consists of a set of network addresses. |
- | | EDS | European Data Store.| | + | |Domain Hijacking|Domain hijacking is an attack by which an attacker takes over a domain by first blocking access to the domain' |
- | | EFT (Electronic Funds Transfer) | + | |Domain Name|A domain name locates an organization or other entity on the Internet. |
- | | Egress Filtering | Filtering outbound traffic.| | + | |Domain Name System|DNS.| |
- | | EGP (Exterior Gateway Protocol) | A protocol which distributes routing information to the routers which connect autonomous systems.| | + | |:::|The domain name system (DNS) is the way that Internet domain names are located and translated into Internet Protocol addresses. A domain name is a meaningful and easy-to-remember " |
- | | EGW | Engagement Gateway.| | + | |Download|To download is to retrieve Information from the Internet.| |
- | | EIN | Employee Identification Number. | + | |DP|Discussion Paper.| |
- | | Electronic Commerce | + | |DPIA|Data Protection Input Assessment.| |
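Review bot: DPIA stands for Data Protection Impact Assessment (GDPR Article 35), not "Data Protection Input Assessment".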
- | | Electronic Funds Transfer | + | |DR|Disaster Recovery. |
- | | Emanations Analysis | Gaining direct knowledge of communicated data by monitoring and resolving a signal that is emitted by a system and that contains the data but is not intended to communicate the data.| | + | |Drop Site|Malware that steals data will upload the information to a Drop Site for later retrieval.| |
- | | Encapsulation | The inclusion of one data structure within another structure so that the first data structure is hidden for the time being.| | + | |DSA|Digital Signature Algorithm.| |
- | | Encryption | Cryptographic transformation of data (called " | + | |:::|An asymmetric cryptographic algorithm that produces a digital signature in the form of a pair of large numbers. |
- | | EOD | End-of-Day.| | + | |DSS|Digital Signature Standard.| |
- | | Ephemeral Port | Also called a transient port or a temporary port. Usually is on the client side. It is set up when a client application wants to connect to a server and is destroyed when the client application terminates. | + | |:::|The US Government standard that specifies the Digital Signature Algorithm (DSA), which involves asymmetric cryptography.| |
- | | Escrow Passwords | Escrow Passwords are passwords that are written down and stored in a secure location (like a safe) that are used by emergency personnel when privileged personnel are unavailable.| | + | |DTU|Data Transfer Utility.| |
- | | Espionage | Espionage is the use of illegal means (spying) to collect Information, | + | |Due Care|Due care ensures that a minimal level of protection is in place in accordance with the best practice in the industry.| |
- | | Ethernet | The most widely-installed LAN technology. | + | |Due Diligence|Due diligence is the requirement that organizations must develop and deploy a protection plan to prevent fraud, abuse, and additionally deploy a means to detect them if they occur.| |
- | | ETL | Extract, Transform, Load.| | + | |Dump|Generally used to mean the data from a database, in reference to online fraud the term usually refers to debit or credit card’s dumps, which were skimmed or hacked and may include credit card track data, PINs and CCV numbers.| |
- | | EUDA | End User Developed Application.| | + | |DumpSec|DumpSec is a security tool that dumps a variety of information about a system' |
- | | Event | An event is an observable occurrence in a system or network.| | + | |Dumpster Diving|Dumpster Diving is obtaining passwords and corporate directories by searching through discarded media.| |
- | | EXCO | Executive Committee, Executive Council.| | + | |DWB|Dispensation, |
- | | Exploit | A sequence of actions or a program that enables an individual to take advantage of, or exploit, a vulnerability or security weakness in a program or system.| | + | |DX|Developer Experience.| |
- | | Exponential Backoff Algorithm | An exponential backoff algorithm is used to adjust TCP timeout values on the fly so that network devices don't continue to timeout sending data over saturated links.| | + | |Dynamic Link Library|DLL.| |
- | | Exposure | A threat action whereby sensitive data is directly released to an unauthorized entity.| | + | |:::|A collection of small programs, any of which can be called when needed by a larger program that is running in the computer. |
- | | Extended ACLS | Cisco. | + | |Dynamic Routing Protocol|Allows network devices to learn routes. Ex. RIP, EIGRP Dynamic routing occurs when routers talk to adjacent routers, informing each other of what networks each router is currently connected to. The routers must communicate using a routing protocol, of which there are many to choose from. The process on the router that is running the routing protocol, communicating with its neighbour routers, is usually called a routing daemon. |
- | | Extensible Authentication Protocol | + | |E2E|End-to-End. |
- | | Exterior Gateway Protocol | + | |EAD|Exposure at Default.| |
- | | Extranet | Extranet is that portion of an organization’s Intranet that is accessible by selected individuals (for example, collaborators, | + | |EAP|Extensible Authentication Protocol.| |
- | | False Rejects | False Rejects are when an authentication system fails to recognize a valid user.| | + | |:::|A framework that supports multiple, optional authentication mechanisms for PPP, including clear-text passwords, challenge-response, |
- | | Fast File System | The first major revision to the Unix file system, providing faster read access and faster (delayed, asynchronous) write access through a disk cache and better file system layout on disk. It uses inodes (pointers) and data blocks.| | + | |Eavesdropping|Eavesdropping is simply listening to a private conversation which may reveal information which can provide access to a facility or network.| |
- | | Fast Flux | Protection method used by botnets consisting of a continuous and fast change of the DNS records for a domain name through different IP addresses.| | + | |e-Commerce|Electronic Commerce, also known as e-Commerce, covers a range of activities under which businesses and their customers can carry out transactions electronically between computer systems. |
- | | FAT | Functional Acceptance Testing. | + | |Echo Reply| An echo reply is the response a machine that has received an echo request sends over ICMP.| |
- | | Fault Line Attacks | Fault Line Attacks use weaknesses between interfaces of systems to exploit gaps in coverage.| | + | |Echo Request|An echo request is an ICMP message sent to a machine to determine if it is online and how long traffic takes to get to it.| |
- | | FCT | Functional Confidence Testing. | + | |EDS|European Data Store.| |
- | | File Transfer Protocol | + | |EFT|Electronic Funds Transfer is the transfer of cash or credit from one account to another using computers and telecommunications.| |
- | | Filter | + | |Egress Filtering | Filtering outbound traffic.| |
- | | Filtering Router | An inter-network router that selectively prevents the passage of data packets according to a security policy. | + | |EGP|Exterior Gateway Protocol). |
- | | Finger | A protocol to lookup user information on a given host. A Unix program that takes an e-mail address as input and returns information about the user who owns that e-mail address. | + | |:::|A protocol which distributes routing information to the routers which connect autonomous systems.| |
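Review bot: "Exterior Gateway Protocol)." in the EGP row carries a stray closing parenthesis from the old "EGP (Exterior Gateway Protocol)" form; drop it. The ::: row could also note that EGP is both the generic term for any protocol routing between autonomous systems and the name of a specific, now obsolete protocol (RFC 904) that BGP replaced.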
- | | Fingerprinting | Sending strange packets to a system in order to gauge how it responds to determine the operating system.| | + | |EGW|Engagement Gateway.| |
- | | Firewall | A logical or physical discontinuity in a network to prevent unauthorized access to data or resources.| | + | |EIN|Employee Identification Number.| |
- | | Flooding | An attack that attempts to cause a failure in (especially, | + | |Electronic Commerce|Electronic Commerce, also known as e-Commerce, covers a range of activities under which businesses and their customers can carry out transactions electronically between computer systems. |
- | | Forest | A forest is a set of Active Directory domains that replicate their databases with each other.| | + | |Electronic Funds Transfer|Electronic Funds Transfer |
- | | Fork Bomb | A Fork Bomb works by using the fork() call to create a new process which is a copy of the original. | + | |Emanations Analysis|Gaining direct knowledge of communicated data by monitoring and resolving a signal that is emitted by a system and that contains the data but is not intended to communicate the data.| |
- | | Form-based Authentication | Form-Based Authentication uses forms on a webpage to ask a user to input username and password information.| | + | |Encapsulation|The inclusion of one data structure within another structure so that the first data structure is hidden for the time being.| |
- | | Forward Lookup | Forward lookup uses an Internet domain name to find an IP address.| | + | |Encryption|Cryptographic transformation of data (called " |
- | | Forward Proxy | Forward Proxies are designed to be the server through which all requests are made.| | + | |EOD|End-of-Day.| |
- | | FQDN | Fully Qualified Domain Name. The name of the physical host including the domain name; and where necessary the name of the DNS alias or availability group listener the application uses to connect.| | + | |Ephemeral Port|Also called a transient port or a temporary port. Usually is on the client side. It is set up when a client application wants to connect to a server and is destroyed when the client application terminates. |
- | | Fragment Offset | The fragment offset field tells the sender where a particular fragment falls in relation to other fragments in the original larger packet.| | + | |Escrow Passwords|Escrow Passwords are passwords that are written down and stored in a secure location (like a safe) that are used by emergency personnel when privileged personnel are unavailable.| |
- | | Fragment Overlap Attack | A TCP/IP Fragmentation Attack that is possible because IP allows packets to be broken down into fragments for more efficient transport across various media. | + | |Espionage|Espionage is the use of illegal means (spying) to collect Information, |
- | | Fragmentation | The process of storing a data file in several " | + | |Ethernet|The most widely-installed LAN technology. |
- | | Frames | Data that is transmitted between network points as a unit complete with addressing and necessary protocol control information. | + | |ETL|Extract, |
- | | FTP (File Transfer Protocol) | A TCP/IP protocol specifying the transfer of text or binary files across the network.| | + | |EUDA|End User Developed Application.| |
- | | Full Duplex | A type of duplex communications channel which carries data in both directions at once. Refers to the transmission of data in two directions simultaneously. | + | |Event|An event is an observable occurrence in a system or network.| |
- | | Fully-Qualified Domain Name | A Fully-Qualified Domain Name is a server name with a hostname followed by the full domain name.| | + | |EXCO|Executive Committee, Executive Council.| |
- | | Fuzzing | The use of special regression testing tools to generate out-of-spec input for an application in order to find security vulnerabilities. Also see " | + | |Exploit|A sequence of actions or a program that enables an individual to take advantage of, or exploit, a vulnerability or security weakness in a program or system.| |
- | | Gateway | A network point that acts as an entrance to another network.| | + | |Exponential Backoff Algorithm|An exponential backoff algorithm is used to adjust TCP timeout values on the fly so that network devices don't continue to timeout sending data over saturated links.| |
- | | GETHOSTBYADDR | The gethostbyaddr DNS query is when the address of a machine is known and the name is needed.| | + | |Exposure|A threat action whereby sensitive data is directly released to an unauthorized entity.| |
- | | GETHOSTBYNAME | The gethostbyname DNS quest is when the name of a machine is known and the address is needed.| | + | |Extended ACLS|Cisco. |
- | | GIS | Global Information Security.| | + | |Extensible Authentication Protocol|EAP.| |
- | | GNU | GNU is a Unix-like operating system that comes with source code that can be copied, modified, and redistributed. | + | |:::|A framework that supports multiple, optional authentication mechanisms for PPP, including clear-text passwords, challenge-response, |
- | | GNUTELLA | An Internet file sharing utility. | + | |Exterior Gateway Protocol|EGP.| |
- | | GTIS | Global Technology Infrastructure Group.| | + | |:::|A protocol which distributes routing information to the routers which connect autonomous systems.| |
- | | GW | Gateway.| | + | |Extranet|Extranet is that portion of an organization’s Intranet that is accessible by selected individuals (for example, collaborators, |
- | | Hactivist | An activist who uses illegal or legally ambiguous digital tools or methods in pursuit of political ends; methods employed include web site defacements, | + | |False Rejects|False Rejects are when an authentication system fails to recognize a valid user.| |
- | | HAM | Hardware Asset Management.| | + | |Fast File System|The first major revision to the Unix file system, providing faster read access and faster (delayed, asynchronous) write access through a disk cache and better file system layout on disk. It uses inodes (pointers) and data blocks.| |
- | | Hardening | Hardening is the process of identifying and fixing vulnerabilities on a system.| | + | |Fast Flux|Protection method used by botnets consisting of a continuous and fast change of the DNS records for a domain name through different IP addresses.| |
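Review bot: Fast flux is an evasion technique rather than a "protection method" in the defensive sense: the botnet's DNS A records, served with very short TTLs, rotate through the addresses of compromised hosts that proxy traffic to the real back end, so blocking any single address or taking down one host achieves little; "double flux" rotates the NS records as well. Suggest wording it as "a DNS-based evasion technique used by botnets".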
- | | Hash Function | An algorithm that computes a value based on a data object thereby mapping the data object to a smaller data object.| | + | |FAT|Functional Acceptance Testing.| |
- | | Hash Functions | (cryptographic) hash functions are used to generate a one way "check sum" for a larger text, which is not trivially reversed. | + | |:::|See FCT.| |
- | | Header | A header is the extra information in a packet that is needed for the protocol stack to process the packet.| | + | |Fault Line Attacks|Fault Line Attacks use weaknesses between interfaces of systems to exploit gaps in coverage.| |
- | | Hijack Attack | A form of active wiretapping in which the attacker seizes control of a previously established communication association.| | + | |FCT|Functional Confidence Testing.| |
- | | Honey Client | See Honeymonkey.| | + | |:::|Functional testing covers Unit Testing, Smoke Testing, Sanity Testing, Intergration Testing (Top Down, Bottom Up), Interface and Useability Testing, System Testing, Regression Testing, Per User Acceptance Testing (Alpha and Beta), User Acceptance Testing, White Box and Black Box Testing, Globalization and Location Testing.| |
- | | Honey Pot | Programs that simulate one or more network services that you designate on your computer' | + | |File Transfer Protocol|FTP. |
- | | Honeymonkey | Automated system simulating a user browsing websites. | + | |Filter A filter is used to specify which packets will or will not be used. It can be used in sniffers to determine which packets get displayed, or by firewalls to determine which packets get blocked.| |
- | | Hops | A hop is each exchange with a gateway a packet takes on its way to the destination.| | + | |Filtering Router|An inter-network router that selectively prevents the passage of data packets according to a security policy. |
- | | Host | Any computer that has full two-way access to other computers on the Internet. | + | |Finger|A protocol to lookup user information on a given host. A Unix program that takes an e-mail address as input and returns information about the user who owns that e-mail address. |
- | | Host-based ID | Host-based intrusion detection systems use information from the operating system audit records to watch all operations occurring on the host that the intrusion detection software has been installed upon. These operations are then compared with a pre-defined security policy. | + | |Fingerprinting|Sending strange packets to a system in order to gauge how it responds to determine the operating system.| |
- | | Host-Based Intrusion Detection | Host-based intrusion detection systems use information from the operating system audit records to watch all operations occurring on the host that the intrusion detection software has been installed upon. These operations are then compared with a pre-defined security policy. | + | |Firewall|A logical or physical discontinuity in a network to prevent unauthorized access to data or resources.| |
- | | Hot Disaster Recovery Site | It contains fully redundant hardware and software, with telecommunications, | + | |Flooding|An attack that attempts to cause a failure in (especially, |
- | | Hot Fix | A hot fix is a single, cumulative package that includes one or more files that are used to address a problem in a software product (i.e. a software bug). Typically, hot fixes are made to address a specific customer situation and are not rolled out across the organisation. | + | |Forest|A forest is a set of Active Directory domains that replicate their databases with each other.| |
- | | HPA | Host Protected Area. Sometimes called the Hidden Protected Area is a section of a hard drive that is hidden or not normally visible to the operating system, and is often used by software or personal computer manufactorers for system recovery and the backup of system configuration data.| | + | |Fork Bomb|A Fork Bomb works by using the fork() call to create a new process which is a copy of the original. |
- | | HTML (Hypertext Markup Language) | The set of markup symbols or codes inserted in a file intended for display on a World Wide Web browser page.| | + | |Form-based Authentication|Form-Based Authentication uses forms on a webpage to ask a user to input username and password information.| |
- | | HTTP (Hypertext Transfer Protocol) | The protocol in the Internet Protocol (IP) family used to transport hypertext documents across an internet.| | + | |Forward Lookup|Forward lookup uses an Internet domain name to find an IP address.| |
- | | HTTP Proxy | An HTTP Proxy is a server that acts as a middleman in the communication between HTTP clients and servers.| | + | |Forward Proxy|Forward Proxies are designed to be the server through which all requests are made.| |
- | | HTTPS | When used in the first part of a URL (the part that precedes the colon and specifies an access scheme or protocol), this term specifies the use of HTTP enhanced by a security mechanism, which is usually SSL. | | + | |FQDN|Fully Qualified Domain Name. The name of the physical host including the domain name; and where necessary the name of the DNS alias or availability group listener the application uses to connect.| |
- | | HUB | A hub is a network device that operates by repeating data that it receives on one port to all the other ports. | + | |Fragment Offset|The fragment offset field tells the sender where a particular fragment falls in relation to other fragments in the original larger packet.| |
- | | Humint | + | |Fragment Overlap Attack|A TCP/IP Fragmentation Attack that is possible because IP allows packets to be broken down into fragments for more efficient transport across various media. |
- | | Hybrid Attack | A Hybrid Attack builds on the dictionary attack method by adding numerals and symbols to dictionary words.| | + | |Fragmentation|The process of storing a data file in several " |
- | | Hybrid Encryption | An application of cryptography that combines two or more encryption algorithms, particularly a combination of symmetric and asymmetric encryption.| | + | |Frames|Data that is transmitted between network points as a unit complete with addressing and necessary protocol control information. |
- | | Hyperlink | In hypertext or hypermedia, an information object (such as a word, a phrase, or an image; usually highlighted by color or underscoring) that points (indicates how to connect) to related information that is located elsewhere and can be retrieved by activating the link.| | + | |FTP|File Transfer Protocol).| |
- | | Hypertext Markup Language | + | |:::|A TCP/IP protocol specifying the transfer of text or binary files across the network.| |
- | | Hypertext Transfer Protocol | + | |Full Duplex|A type of duplex communications channel which carries data in both directions at once. Refers to the transmission of data in two directions simultaneously. |
- | | ICMP (Internet Control Message Protocol) | An Internet Standard protocol that is used to report error conditions during IP datagram processing and to exchange other information concerning the state of the IP network.| | + | |Fully-Qualified Domain Name|A Fully-Qualified Domain Name is a server name with a hostname followed by the full domain name.| |
- | | Identity | Identity is whom someone or what something is, for example, the name by which something is known.| | + | |Fuzzing|The use of special regression testing tools to generate out-of-spec input for an application in order to find security vulnerabilities. Also see " |
- | | IETF (Internet Engineering Task Force) | The body that defines standard Internet operating protocols such as TCP/ | + | |Gateway|A network point that acts as an entrance to another network.| |
- | | IMAP (Internet Message Access Protocol) | A protocol that defines how a client should fetch mail from and return mail to a mail server. | + | |GETHOSTBYADDR|The gethostbyaddr DNS query is when the address of a machine is known and the name is needed.| |
- | | Incident | An incident as an adverse network event in an information system or network or the threat of the occurrence of such an event.| | + | |GETHOSTBYNAME|The gethostbyname DNS quest is when the name of a machine is known and the address is needed.| |
- | | Incident Handling | Incident Handling is an action plan for dealing with intrusions, cyber-theft, | + | |GIS|Global Information Security.| |
- | | Incremental Backups | Incremental backups only backup the files that have been modified since the last backup. | + | |GNU|GNU is a Unix-like operating system that comes with source code that can be copied, modified, and redistributed. |
- | | Industrial Espionage | Espionage is the use of illegal means (spying) to collect Information, | + | |GNUTELLA|An Internet file sharing utility. |
- | | INETD | Inetd (or Internet Daemon) is an application that controls smaller internet services like telnet, ftp, and POP.| | + | |GTIS|Global Technology Infrastructure Group.| |
- | | Inference Attack | Inference Attacks rely on the user to make logical connections between seemingly unrelated pieces of information.| | + | |GW|Gateway.| |
- | | Information Warfare | Information Warfare is the competition between offensive and defensive players over information resources.| | + | |Hactivist|An activist who uses illegal or legally ambiguous digital tools or methods in pursuit of political ends; methods employed include web site defacements, |
- | | Ingress Filtering | Ingress Filtering is filtering inbound traffic.| | + | |HAM|Hardware Asset Management.| |
- | | Input Validations Attack | Input Validations Attacks are where an attacker intentionally sends unusual input in the hopes of confusing an application.| | + | |Hardening|Hardening is the process of identifying and fixing vulnerabilities on a system.| |
- | | Integrity | Integrity is the need to ensure that information has not been changed accidentally or deliberately, | + | |Hash Function|An algorithm that computes a value based on a data object thereby mapping the data object to a smaller data object.| |
- | | Integrity Star Property | In Integrity Star Property a user cannot read data of a lower integrity level then their own.| | + | |Hash Functions|(cryptographic) hash functions are used to generate a one way "check sum" for a larger text, which is not trivially reversed. |
- | | Intellectual Property | Intellectual Property refers to the definition and recording of a novel device, product, process or technique so that it may be bought, sold or legally protected. | + | |Header|A header is the extra information in a packet that is needed for the protocol stack to process the packet.| |
- | | Intelligence | Intelligence is high-level, processed, exploitable Information.| | + | |Hijack Attack|A form of active wiretapping in which the attacker seizes control of a previously established communication association.| |
- | | International Organization for Standardization (ISO) | A voluntary, non-treaty, non-government organization, | + | |Honey Client|See Honeymonkey.| |
- | | International Telecommunications Union (ITU-T) | Telecommunication Standardization Sector (formerly " | + | |Honey Pot|Programs that simulate one or more network services that you designate on your computer' |
- | | Internet | A term to describe connecting multiple separate networks together.| | + | |Honeymonkey|Automated system simulating a user browsing websites. |
- | | Internet Control Message Protocol | + | |Hops|A hop is each exchange with a gateway a packet takes on its way to the destination.| |
- | | Internet Engineering Task Force (IETF) | The body that defines standard Internet operating protocols such as TCP/ | + | |Host|Any computer that has full two-way access to other computers on the Internet. |
- | | Internet Message Access Protocol | + | |Host-based ID|Host-based intrusion detection systems use information from the operating system audit records to watch all operations occurring on the host that the intrusion detection software has been installed upon. These operations are then compared with a pre-defined security policy. |
- | | Internet Protocol | + | |Host-Based Intrusion Detection|Host-based intrusion detection systems use information from the operating system audit records to watch all operations occurring on the host that the intrusion detection software has been installed upon. These operations are then compared with a pre-defined security policy. |
- | | Internet Protocol Security | + | |Hot Disaster Recovery Site|It contains fully redundant hardware and software, with telecommunications, |
- | | Internet Relay Chat (IRC) | Internet Relay Chat (IRC) is a huge, multi-user live chat facility. | + | |Hot Fix|A hot fix is a single, cumulative package that includes one or more files that are used to address a problem in a software product (i.e. a software bug). Typically, hot fixes are made to address a specific customer situation and are not rolled out across the organisation. |
- | | Internet Service Provider | + | |HPA|Host Protected Area. Sometimes called the Hidden Protected Area is a section of a hard drive that is hidden or not normally visible to the operating system, and is often used by software or personal computer manufactorers for system recovery and the backup of system configuration data.| |
- | | Internet Standard | A specification, | + | |HTML|Hypertext Markup Language. |
- | | Interrupt | An Interrupt is a signal that informs the OS that something has occurred.| | + | |HTTP|Hypertext Transfer Protocol. |
- | | Intranet | A computer network, especially one based on Internet technology, that an organization uses for its own internal, and usually private, purposes and that is closed to outsiders.| | + | |HTTP Proxy|An HTTP Proxy is a server that acts as a middleman in the communication between HTTP clients and servers.| |
- | | Intrusion Detection | A security management system for computers and networks. | + | |HTTPS|When used in the first part of a URL (the part that precedes the colon and specifies an access scheme or protocol), this term specifies the use of HTTP enhanced by a security mechanism, which is usually SSL. | |
- | | Invisible Web | Invisible Web is that portion (estimated to be between 60 and 80 per cent) of total Web content that consists of material that is not accessible by standard Search engines. | + | |HUB|A hub is a network device that operates by repeating data that it receives on one port to all the other ports. |
- | | IP (Internet Protocol) | The method or protocol by which data is sent from one computer to another on the Internet.| | + | |Humint|Humint is an abbreviation for Human Intelligence; |
- | | IP Address | A computer' | + | |Hybrid Attack|A Hybrid Attack builds on the dictionary attack method by adding numerals and symbols to dictionary words.| |
- | | IP Flood | A denial of service attack that sends a host more echo request (" | + | |Hybrid Encryption|An application of cryptography that combines two or more encryption algorithms, particularly a combination of symmetric and asymmetric encryption.| |
- | | IP Forwarding | IP forwarding is an Operating System option that allows a host to act as a router. | + | |Hyperlink|In hypertext or hypermedia, an information object (such as a word, a phrase, or an image; usually highlighted by color or underscoring) that points (indicates how to connect) to related information that is located elsewhere and can be retrieved by activating the link.| |
- | | IPSEC (Internet Protocol Security) | A developing standard for security at the network or packet processing layer of network communication.| | + | |Hypertext Markup Language|HTML. |
- | | IP Spoofing | The technique of supplying a false IP address.| | + | |Hypertext Transfer Protocol|HTTP. |
- | | IRC (Internet Relay Chat) | Internet Relay Chat (IRC) is a huge, multi-user live chat facility. | + | |ICMP|Internet Control Message Protocol.| |
- | | IRM | Information Risk Management.| | + | |:::|An Internet Standard protocol that is used to report error conditions during IP datagram processing and to exchange other information concerning the state of the IP network.| |
- | | ISO (International Organization for Standardization) | A voluntary, non-treaty, non-government organization, | + | |Identity | Identity is whom someone or what something is, for example, the name by which something is known.| |
- | | ISP (Internet Service Provider) | An Internet Service Provider (ISP) is a company selling access to the Internet.| | + | |IETF|Internet Engineering Task Force.| |
- | | Issue-specific Policy | An Issue-Specific Policy is intended to address specific needs within an organization, | + | |:::|The body that defines standard Internet operating protocols such as TCP/ |
- | | ITU-T (International Telecommunications Union) | Telecommunication Standardization Sector (formerly " | + | |IMAP|Internet Message Access Protocol.| |
- | | Jitter | Jitter or Noise is the modification of fields in a database while preserving the aggregate characteristics of that make the database useful in the first place.| | + | |:::|A protocol that defines how a client should fetch mail from and return mail to a mail server. |
- | | Jump Bag | A Jump Bag is a container that has all the items necessary to respond to an incident inside to help mitigate the effects of delayed reactions.| | + | |Incident|An incident as an adverse network event in an information system or network or the threat of the occurrence of such an event.| |
- | | Kerberos | A system developed at the Massachusetts Institute of Technology that depends on passwords and symmetric cryptography (DES) to implement ticket-based, | + | |Incident Handling|Incident Handling is an action plan for dealing with intrusions, cyber-theft, |
- | | Kernel | The essential centre of a computer operating system, the core that provides basic services for all other parts of the operating system. | + | |Incremental Backups|Incremental backups only backup the files that have been modified since the last backup. |
- | | KYC | Know Your Customer.| | + | |Industrial Espionage|Espionage is the use of illegal means (spying) to collect Information, |
- | | L2F (Layer 2 Forwarding Protocol) | An Internet protocol (originally developed by Cisco Corporation) that uses tunnelling of PPP over IP to create a virtual extension of a dial-up link across a network, initiated by the dial-up server and transparent to the dial-up user.| | + | |INETD|Inetd (or Internet Daemon) is an application that controls smaller internet services like telnet, ftp, and POP.| |
- | | L2FP (Layer 2 Tunnelling | + | |Inference Attack|Inference Attacks rely on the user to make logical connections between seemingly unrelated pieces of information.| |
- | | Lattice Techniques | Lattice Techniques use security designations to determine access to information.| | + | |Information Warfare|Information Warfare is the competition between offensive and defensive players over information resources.| |
- | | Layer 2 Forwarding Protocol | + | |Ingress Filtering|Ingress Filtering is filtering inbound traffic.| |
- | | Layer 2 Tunnelling | + | |Input Validations Attack|Input Validations Attacks are where an attacker intentionally sends unusual input in the hopes of confusing an application.| |
- | | Least Privilege | Least Privilege is the principle of allowing users or applications the least amount of permissions necessary to perform their intended function.| | + | |Integrity | Integrity is the need to ensure that information has not been changed accidentally or deliberately, |
- | | Legion | Software to detect unprotected shares.| | + | |Integrity Star Property|In Integrity Star Property a user cannot read data of a lower integrity level then their own.| |
- | | Lightweight Directory Access Protocol | + | |Intellectual Property|Intellectual Property refers to the definition and recording of a novel device, product, process or technique so that it may be bought, sold or legally protected. |
- | | Link State | With link state, routes maintain information about all routers and router-to-router links within a geographic area, and creates a table of best routes with that information.| | + | |Intelligence|Intelligence is high-level, processed, exploitable Information.| |
- | | List-based Access Control | List Based Access Control associates a list of users and their privileges with each object.| | + | |International Organization for Standardization (ISO)|A voluntary, non-treaty, non-government organization, |
- | | LKM (Loadable Kernel Modules) | Loadable Kernel Modules allow for the adding of additional functionality directly into the kernel while the system is running.| | + | |International Telecommunications Union|ITU-T.| |
- | | Loadable Kernel Modules | + | |:::|Telecommunication Standardization Sector (formerly " |
- | | Log Clipping | Log clipping is the selective removal of log entries from a system log to hide a compromise.| | + | |Internet|A term to describe connecting multiple separate networks together.| |
- | | Logic Bombs | Logic bombs are programs or snippets of code that execute when a certain predefined event occurs. | + | |Internet Control Message Protocol|ICMP.| |
- | | Logic Gate | A logic gate is an elementary building block of a digital circuit. | + | |:::|An Internet Standard protocol that is used to report error conditions during IP datagram processing and to exchange other information concerning the state of the IP network.| |
- | | Loopback Address | The loopback address (127.0.0.1) is a pseudo IP address that always refer back to the local host and are never sent out onto a network.| | + | |Internet Engineering Task Force|IETF.| |
- | | LTR | Large Transaction Report.| | + | |:::|The body that defines standard Internet operating protocols such as TCP/ |
- | | MAC (Mandatory Access Control) | Mandatory Access Control controls is where the system controls access to resources based on classification levels assigned to both the objects and the users. | + | |Internet Message Access Protocol|IMAP.| |
- | | MAC Address | A physical address; a numeric value that uniquely identifies that network device from every other device on the planet.| | + | |:::|A protocol that defines how a client should fetch mail from and return mail to a mail server. |
- | | Malicious Code | Software (e.g., Trojan horse) that appears to perform a useful or desirable function, but actually gains unauthorized access to system resources or tricks a user into executing other malicious logic.| | + | |Internet Protocol|IP.| |
- | | Malware | A generic term for a number of different types of malicious code.| | + | |:::|The method or protocol by which data is sent from one computer to another on the Internet.| |
- | | Mandatory Access Control | + | |Internet Protocol Security|IPSEC.| |
- | | Man in the Middle | + | |:::|A developing standard for security at the network or packet processing layer of network communication.| |
- | | Masquerade Attack | A type of attack in which one system entity illegitimately poses as (assumes the identity of) another entity.| | + | |Internet Relay Chat|IRC.| |
- | | MD5 | A one way cryptographic hash function. | + | |:::|Internet Relay Chat (IRC) is a huge, multi-user live chat facility. |
- | | Measures of Effectiveness | + | |Internet Service Provider|ISP.| |
- | | MFT | Managed File Transfer.| | + | |:::|An Internet Service Provider (ISP) is a company selling access to the Internet.| |
- | | MI | Management Information.| | + | |Internet Standard|A specification, |
- | | MITM (Man in the Middle) Attack | + | |Interrupt|An Interrupt is a signal that informs the OS that something has occurred.| |
- | | MOE (Measures of Effectiveness) | Measures of Effectiveness is a probability model based on engineering concepts that allows one to approximate the impact a give action will have on an environment. In Information warfare it is the ability to attack or defend within an Internet environment.| | + | |Intranet|A computer network, especially one based on Internet technology, that an organization uses for its own internal, and usually private, purposes and that is closed to outsiders.| |
- | | Monoculture | Monoculture is the case where a large number of users run the same software, and are vulnerable to the same attacks.| | + | |Intrusion Detection|A security management system for computers and networks. |
- | | Morris Worm | A worm program written by Robert T. Morris, Jr. that flooded the ARPANET in November, 1988, causing problems for thousands of hosts.| | + | |Invisible Web|Invisible Web is that portion (estimated to be between 60 and 80 per cent) of total Web content that consists of material that is not accessible by standard Search engines. |
- | | MoSCoW | Must, Should, Could, Would.| | + | |IP|Internet Protocol).| |
- | | Mule | Also known as a money mule, a mule is an individual who transfers stolen money or merchandise either in person, through a courier service or electronically to help obscure a scammer’s identity and/or location. | + | |:::|The method or protocol by which data is sent from one computer to another on the Internet.| |
- | | Multi-Cast | Broadcasting from one host to a given set of hosts.| | + | |IP Address|A computer' |
- | | Multi-Homed | You are " | + | |IP Flood|A denial of service attack that sends a host more echo request (" |
- | | Multiplexing | To combine multiple signals from possibly disparate sources, in order to transmit them over a single path.| | + | |IP Forwarding|IP forwarding is an Operating System option that allows a host to act as a router. |
- | | NAT (Network Address Translation) | It is used to share one or a small number of publicly routable IP addresses among a larger number of hosts. | + | |IPSEC|Internet Protocol Security).| |
- | | National Institute of Standards and Technology | + | |:::|A developing standard for security at the network or packet processing layer of network communication.| |
- | | Natural Disaster | Any "act of God" (e.g., fire, flood, earthquake, lightning, or wind) that disables a system component.| | + | |IP Spoofing|The technique of supplying a false IP address.| |
- | | Netmask | 32-bit number indicating the range of IP addresses residing on a single IP network/ | + | |IRC|Internet Relay Chat (IRC) is a huge, multi-user live chat facility. |
- | | Network Address Translation | + | |IRM|Information Risk Management.| |
- | | Network-based IDS | A network-based IDS system monitors the traffic on its network segment as a data source. | + | |ISO|International Organization for Standardization).| |
- | | Network Mapping | To compile an electronic inventory of the systems and the services on your network.| | + | |:::|A voluntary, non-treaty, non-government organization, |
- | | Network Taps | Network taps are hardware devices that hook directly onto the network cable and send a copy of the traffic that passes through it to one or more other networked devices.| | + | |ISP|Internet Service Provider).| |
- | | Newsgroup | Newsgroup is the name for a discussion group or chat room.| | + | |:::|An Internet Service Provider (ISP) is a company selling access to the Internet.| |
- | | Nginx | Nginx Web Server. | + | |Issue-specific Policy | An Issue-Specific Policy is intended to address specific needs within an organization, |
- | | Node | Node is any single device connected to a Network.| | + | |ITU-T|International Telecommunications Union).| |
- | | Non FCT | Non Functional Testing. | + | |:::|Telecommunication Standardization Sector (formerly " |
- | | Non-printable character | A character that doesn' | + | |Jitter|Jitter or Noise is the modification of fields in a database while preserving the aggregate characteristics of that make the database useful in the first place.| |
- | | Non-repudiation | Non-repudiation is the ability for a system to prove that a specific user and only that specific user sent a message and that it hasn't been modified.| | + | |Jump Bag|A Jump Bag is a container that has all the items necessary to respond to an incident inside to help mitigate the effects of delayed reactions.| |
- | | Null Session | Known as Anonymous Logon, it is a way of letting an anonymous user retrieve information such as user names and shares over the network or connect without authentication. It is used by applications such as explorer.exe to enumerate shares on remote servers.| | + | |Kerberos|A system developed at the Massachusetts Institute of Technology that depends on passwords and symmetric cryptography (DES) to implement ticket-based, |
- | | OAT | Operational Acceptance Testing. | + | |Kernel|The essential centre of a computer operating system, the core that provides basic services for all other parts of the operating system. |
- | | Octet | A sequence of eight bits. An octet is an eight-bit byte.| | + | |KYC|Know Your Customer.| |
- | | One-way Encryption | Irreversible transformation of plain-text to cipher text, such that the plain-text cannot be recovered from the cipher text by other than exhaustive procedures even if the cryptographic key is known.| | + | |L2F|Layer 2 Forwarding Protocol).| |
- | | One-way Function | A (mathematical) function, f, which is easy to compute the output based on a given input. | + | |:::|An Internet protocol (originally developed by Cisco Corporation) that uses tunnelling of PPP over IP to create a virtual extension of a dial-up link across a network, initiated by the dial-up server and transparent to the dial-up user.| |
- | | Open Shortest Path First (OSPF) | + | |L2FP|Layer 2 Tunneling |
- | | Open Source Information | Open source information is unclassified published information. | + | |:::|An extension of the Point-to-Point |
- | | Open Systems Interconnection | + | |Lattice Techniques|Lattice Techniques use security designations to determine access to information.| |
- | | OR | Operational Risk.| | + | |Layer 2 Forwarding Protocol|L2F. |
- | | ORF | Operational Risk Framework.| | + | |Layer 2 Tunneling |
- | | ORIA | Operational Risk Impact Assessment. | + | |Least Privilege|Least Privilege is the principle of allowing users or applications the least amount of permissions necessary to perform their intended function.| |
- | | OSI (Open Systems Interconnection) | OSI is a standard description or " | + | |Legion|Software to detect unprotected shares.| |
- | | OSI Layers | The main idea in OSI is that the process of communication between two end points in a telecommunication network can be divided into layers, with each layer adding its own set of special, related functions. | + | |Lightweight Directory Access Protocol|LDAP. |
- | | OSPF (Open Shortest Path First) | + | |Link State|With link state, routes maintain information about all routers and router-to-router links within a geographic area, and creates a table of best routes with that information.| |
- | | Overload | Hindrance of system operation by placing excess burden on the performance capabilities of a system component.| | + | |List-based Access Control | List Based Access Control associates a list of users and their privileges with each object.| |
- | | Packet | A piece of a message transmitted over a packet-switching network. One of the key features of a packet is that it contains the destination address in addition to the data. In IP networks, packets are often called datagrams.| | + | |LKM|Loadable Kernel Modules.| |
- | | Packet Switched Network | A packet switched network is where individual packets each follow their own paths through the network from one endpoint to another.| | + | |:::|Loadable Kernel Modules allow for the adding of additional functionality directly into the kernel while the system is running.| |
- | | PAN | Primary Account Number.| | + | |Loadable Kernel Modules|LKM. |
- | | Partitions | Major divisions of the total physical hard disk space.| | + | |Log Clipping|Log clipping is the selective removal of log entries from a system log to hide a compromise.| |
- | | Password Authentication Protocol | + | |Logic Bombs|Logic bombs are programs or snippets of code that execute when a certain predefined event occurs. |
- | | Password Cracking | Password cracking is the process of attempting to guess passwords, given the password file information.| | + | |Logic Gate|A logic gate is an elementary building block of a digital circuit. |
- | | Password Sniffing | Passive wiretapping, | + | |Loopback Address | The loopback address (127.0.0.1) is a pseudo IP address that always refer back to the local host and are never sent out onto a network.| |
- | | PATS | Per Application Test Strategy.| | + | |LTR|Large Transaction Report.| |
- | | Patch | A patch is a small update released by a software manufacturer to fix bugs in existing programs.| | + | |MAC|Mandatory Access Control).| |
- | | Patching | Patching is the process of updating software to a different version.| | + | |:::|Mandatory Access Control controls is where the system controls access to resources based on classification levels assigned to both the objects and the users. |
- | | Payload | Payload is the actual application data a packet contains.| | + | |MAC Address|A physical address; a numeric value that uniquely identifies that network device from every other device on the planet.| |
- | | Penetration | Gaining unauthorized logical access to sensitive data by circumventing a system' | + | |Malicious Code|Software (e.g., Trojan horse) that appears to perform a useful or desirable function, but actually gains unauthorized access to system resources or tricks a user into executing other malicious logic.| |
- | | Penetration Testing | Penetration testing is used to test the external perimeter security of a network or facility.| | + | |Malware|A generic term for a number of different types of malicious code.| |
- | | PERL (Practical Extraction and Reporting Language) | A script programming language that is similar in syntax to the C language and that includes a number of popular Unix facilities such as sed, awk, and tr.| | + | |Mandatory Access Control|MAC. |
- | | Permutation | Permutation keeps the same letters but changes the position within a text to scramble the message.| | + | |Man in the Middle Attack|MITM.| |
- | | Personal Firewalls | Personal firewalls are those firewalls that are installed and run on individual PCs.| | + | |:::|In cryptography, |
- | | PFS (Public Key Forward Secrecy) | For a key agreement protocol based on asymmetric cryptography, | + | |Masquerade Attack|A type of attack in which one system entity illegitimately poses as (assumes the identity of) another entity.| |
- | | Pharming | This is a more sophisticated form of MITM attack. | + | |MD5|A one way cryptographic hash function. |
- | | Phishing | The use of e-mails that appear to originate from a trusted source to trick a user into entering valid credentials at a fake website. | + | |Measures of Effectiveness|MOE.| |
- | | PII | Personal Identifiable Information.| | + | |:::|Measures of Effectiveness is a probability model based on engineering concepts that allows one to approximate the impact a give action will have on an environment. In Information warfare it is the ability to attack or defend within an Internet environment.| |
- | | Ping of Death | An attack that sends an improperly large ICMP echo request packet (a " | + | |MFT|Managed File Transfer.| |
- | | Ping Scan | A ping scan looks for machines that are responding to ICMP Echo Requests.| | + | |MI|Management Information.| |
- | | Ping Sweep | An attack that sends ICMP echo requests (" | + | |MITM Attack|Man in the Middle.| |
- | | PIR | Post Incident Review.| | + | |:::|In cryptography, |
- | | PGP (Pretty Good Privacy) | Trademark of Network Associates, Inc., referring to a computer program (and related protocols) that uses cryptography to provide data security for electronic mail and other applications on the Internet.| | + | |MOE|Measures of Effectiveness).| |
- | | PKI (Public Key Infrastructure) | + | |:::|Measures of Effectiveness is a probability model based on engineering concepts that allows one to approximate the impact a give action will have on an environment. In Information warfare it is the ability to attack or defend within an Internet environment.| |
- | | Plaintext | Ordinary readable text before being encrypted into ciphertext or after being decrypted.| | + | |Monoculture|Monoculture is the case where a large number of users run the same software, and are vulnerable to the same attacks.| |
- | | PMI | Potential Major Incident.| | + | |Morris Worm|A worm program written by Robert T. Morris, Jr. that flooded the ARPANET in November, 1988, causing problems for thousands of hosts.| |
- | | PoC (Proof of Concept) | A proof of concept is realisation of a certain method or idea to demonstrate its feasibility, | + | |MoSCoW | Must, Should, Could, Would.| |
- | | POC | Point of Contact.| | + | |Mule|Also known as a money mule, a mule is an individual who transfers stolen money or merchandise either in person, through a courier service or electronically to help obscure a scammer’s identity and/or location. |
- | | Point-to-Point | + | |Multi-Cast|Broadcasting from one host to a given set of hosts.| |
- | | Point-to-Point | + | |Multi-Homed|You are " |
- | | Poison Reverse | Split horizon with poisoned reverse (more simply, poison reverse) does include such routes in updates, but sets their metrics to infinity. In effect, advertising the fact that there routes are not reachable.| | + | |Multiplexing|To combine multiple signals from possibly disparate sources, in order to transmit them over a single path.| |
- | | Polyinstantiation | Polyinstantiation is the ability of a database to maintain multiple records with the same key. It is used to prevent inference attacks.| | + | |NAT|Network Address Translation).| |
- | | Polymorphism | Polymorphism is the process by which malicious software changes its underlying code to avoid detection.| | + | |:::|It is used to share one or a small number of publicly routable IP addresses among a larger number of hosts. |
- | | POP3 (Post Office Protocol Version 3) | An Internet Standard protocol by which a client workstation can dynamically access a mailbox on a server host to retrieve mail messages that the server has received and is holding for the client.| | + | |National Institute of Standards and Technology|NIST. |
+ | |Natural Disaster|Any "act of God" (e.g., fire, flood, earthquake, lightning, or wind) that disables a system component.| | ||
+ | |Netmask|32-bit number indicating the range of IP addresses residing on a single IP network/ | ||
+ | |Network Address Translation|NAT. | ||
+ | |Network-based IDS|A network-based IDS system monitors the traffic on its network segment as a data source. | ||
+ | |Network Mapping|To compile an electronic inventory of the systems and the services on your network.| | ||
+ | |Network Taps|Network taps are hardware devices that hook directly onto the network cable and send a copy of the traffic that passes through it to one or more other networked devices.| | ||
+ | |Newsgroup|Newsgroup is the name for a discussion group or chat room.| | ||
+ | |Nginx|Nginx Web Server. | ||
+ | |Node|Node is any single device connected to a Network.| | ||
+ | |Non FCT|Non Functional Testing. | ||
+ | |Non-printable character|A character that doesn' | ||
+ | |Non-repudiation|Non-repudiation is the ability for a system to prove that a specific user and only that specific user sent a message and that it hasn't been modified.| | ||
+ | |Null Session|Known as Anonymous Logon, it is a way of letting an anonymous user retrieve information such as user names and shares over the network or connect without authentication. It is used by applications such as explorer.exe to enumerate shares on remote servers.| | ||
+ | |OAT|Operational Acceptance Testing. | ||
+ | |Octet|A sequence of eight bits. An octet is an eight-bit byte.| | ||
+ | |One-way Encryption|Irreversible transformation of plain-text to cipher text, such that the plain-text cannot be recovered from the cipher text by other than exhaustive procedures even if the cryptographic key is known.| | ||
+ | |One-way Function |A (mathematical) function, f, which is easy to compute the output based on a given input. | ||
+ | |Open Shortest Path First|(OSPF) Open Shortest Path First is a link state routing algorithm used in interior gateway routing. Routers maintain a database of all routers in the autonomous system with links between the routers, link costs, and link states (up and down).| | ||
+ | |Open Source Information |Open source information is unclassified published information. | ||
+ | |Open Systems Interconnection|OSI is a standard description or " | ||
+ | |OR|Operational Risk.| | ||
+ | |ORF|Operational Risk Framework.| | ||
+ | |ORIA|Operational Risk Impact Assessment. | ||
+ | |OSI|Open Systems Interconnection.| | ||
+ | |:::|OSI is a standard description or " | ||
+ | |OSI Layers|The main idea in OSI is that the process of communication between two end points in a telecommunication network can be divided into layers, with each layer adding its own set of special, related functions. | ||
+ | |OSPF| Open Shortest Path First is a link state routing algorithm used in interior gateway routing. Routers maintain a database of all routers in the autonomous system with links between the routers, link costs, and link states (up and down).| | ||
+ | |Overload|Hindrance of system operation by placing excess burden on the performance capabilities of a system component.| | ||
+ | |Packet|A piece of a message transmitted over a packet-switching network. One of the key features of a packet is that it contains the destination address in addition to the data. In IP networks, packets are often called datagrams.| | ||
+ | |Packet Switched Network|A packet switched network is where individual packets each follow their own paths through the network from one endpoint to another.| | ||
+ | |PAN|Primary Account Number.| | ||
+ | |Partitions|Major divisions of the total physical hard disk space.| | ||
+ | |Password Authentication Protocol|PAP. | ||
+ | |Password Cracking|Password cracking is the process of attempting to guess passwords, given the password file information.| | ||
+ | |Password Sniffing|Passive wiretapping, | ||
+ | |PATS|Per Application Test Strategy.| | ||
+ | |Patch|A patch is a small update released by a software manufacturer to fix bugs in existing programs.| | ||
+ | |Patching|Patching is the process of updating software to a different version.| | ||
+ | |Payload|Payload is the actual application data a packet contains.| | ||
+ | |Penetration|Gaining unauthorized logical access to sensitive data by circumventing a system' | ||
+ | |Penetration Testing|Penetration testing is used to test the external perimeter security of a network or facility.| | ||
+ | |PERL|Practical Extraction and Reporting Language).| | ||
+ | |:::|A script programming language that is similar in syntax to the C language and that includes a number of popular Unix facilities such as sed, awk, and tr.| | ||
+ | |Permutation|Permutation keeps the same letters but changes the position within a text to scramble the message.| | ||
+ | |Personal Firewalls|Personal firewalls are those firewalls that are installed and run on individual PCs.| | ||
+ | |PFS|Public Key Forward Secrecy.| | ||
+ | |:::|For a key agreement protocol based on asymmetric cryptography, | ||
+ | |Pharming|This is a more sophisticated form of MITM attack. | ||
+ | |Phishing|The use of e-mails that appear to originate from a trusted source to trick a user into entering valid credentials at a fake website. | ||
+ | |PII|Personal Identifiable Information.| | ||
+ | |Ping of Death|An attack that sends an improperly large ICMP echo request packet (a " | ||
+ | |Ping Scan|A ping scan looks for machines that are responding to ICMP Echo Requests.| | ||
+ | |Ping Sweep|An attack that sends ICMP echo requests (" | ||
+ | |PIR|Post Incident Review.| | ||
+ | |PGP|Pretty Good Privacy).| | ||
+ | |:::|Trademark of Network Associates, Inc., referring to a computer program (and related protocols) that uses cryptography to provide data security for electronic mail and other applications on the Internet.| | ||
+ | |PKI|A PKI (public key infrastructure) enables users of a basically unsecured public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority. | ||
+ | |Plaintext|Ordinary readable text before being encrypted into ciphertext or after being decrypted.| | ||
+ | |PMI|Potential Major Incident.| | ||
+ | |PoC|Proof of Concept).| | ||
+ | |:::|A proof of concept is realisation of a certain method or idea to demonstrate its feasibility, | ||
+ | |POC|Point of Contact.| | ||
+ | |Point-to-Point|PPP.| | ||
+ | |:::|A protocol for communication between two computers using a serial interface, typically a personal computer connected by phone line to a server. | ||
+ | |Point-to-Point | ||
+ | |Poison Reverse|Split horizon with poisoned reverse (more simply, poison reverse) does include such routes in updates, but sets their metrics to infinity. In effect, advertising the fact that there routes are not reachable.| | ||
+ | |Polyinstantiation|Polyinstantiation is the ability of a database to maintain multiple records with the same key. It is used to prevent inference attacks.| | ||
+ | |Polymorphism|Polymorphism is the process by which malicious software changes its underlying code to avoid detection.| | ||
+ | |POP3|Post Office Protocol Version 3).| | ||
+ | |:::|An Internet Standard protocol by which a client workstation can dynamically access a mailbox on a server host to retrieve mail messages that the server has received and is holding for the client.| | ||
|Port|A port is nothing more than an integer that uniquely identifies an endpoint of a communication stream. | |Port|A port is nothing more than an integer that uniquely identifies an endpoint of a communication stream. | ||
|Port Scan|A port scan is a series of messages sent by someone attempting to break into a computer to learn which computer network services, each associated with a " | |Port Scan|A port scan is a series of messages sent by someone attempting to break into a computer to learn which computer network services, each associated with a " | ||
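Review bot: several of the new acronym rows in this hunk keep a stray closing parenthesis left over from the old `Name (Expansion)` heading form, e.g. `|MAC|Mandatory Access Control).|`, `|MOE|Measures of Effectiveness).|` and `|NAT|Network Address Translation).|`; the same trailing `)` sits on the PERL, PGP, PoC and POP3 rows and should be dropped, since the other acronym rows on the page (PAN, PII, PIR) carry no parenthesis. Smaller points in the same rows: the MAC continuation reads "Mandatory Access Control controls is where", a doubled word; the MOE definition is duplicated under both `MOE` and `Measures of Effectiveness` and both copies say "a give action" for "a given action"; the Poison Reverse row says "there routes are not reachable" for "these routes"; and the Loopback Address row mixes singular and plural ("a pseudo IP address that always refer back ... and are never sent").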
Line 569: | Line 643: | ||
|RPC Scans|RPC scans determine which RPC services are running on a machine.| | |RPC Scans|RPC scans determine which RPC services are running on a machine.| | ||
|RSS|Really Simple Syndication.| | |RSS|Really Simple Syndication.| | ||
- | |:::|RSS is a family of web feed formats used to publish frequently updated works such as blog entries, news headlines, audio, and video in a standardised format. | + | |:::|RSS is a family of web feed formats used to publish frequently updated works such as blog entries, news headlines, audio, and video in a standardised format. |
|RTM|Requirements Traceability Matrix. | |RTM|Requirements Traceability Matrix. | ||
- | |RTQ|Risk | + | |RTQ|Risk |
|Rule Set Based Access Control|RSBAC.| | |Rule Set Based Access Control|RSBAC.| | ||
|:::|Rule Set Based Access Control targets actions based on rules for entities operating on objects.| | |:::|Rule Set Based Access Control targets actions based on rules for entities operating on objects.| | ||
Line 718: | Line 792: | ||
|UAT|User Acceptance Testing.| | |UAT|User Acceptance Testing.| | ||
|UDF|User Defined Field.| | |UDF|User Defined Field.| | ||
- | |UDP|User Datagram Protocol)| | + | |UDP|User Datagram Protocol| |
|:::|A communications protocol that, like TCP, runs on top of IP networks. | |:::|A communications protocol that, like TCP, runs on top of IP networks. | ||
|UDP Scan|UDP scans perform scans to determine which UDP ports are open.| | |UDP Scan|UDP scans perform scans to determine which UDP ports are open.| | ||
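Review bot: dropping the stray `)` from `|UDP|User Datagram Protocol|` is the right fix; the MAC, MOE, NAT, PERL, PGP, PoC and POP3 rows added earlier in this revision still carry the same trailing `)` and should be brought in line with this row.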
Line 765: | Line 839: | ||
|Windowing|A windowing system is a system for sharing a computer' | |Windowing|A windowing system is a system for sharing a computer' | ||
|Windump|Windump is a freeware tool for Windows that is a protocol analyzer that can monitor network traffic on a wire.| | |Windump|Windump is a freeware tool for Windows that is a protocol analyzer that can monitor network traffic on a wire.| | ||
- | |Wired Equivalent Privacy|WEP. | + | |Wired Equivalent Privacy|WEP.| |
+ | |:::|A security protocol for wireless local area networks defined in the standard IEEE 802.11b.| | ||
|Wireless Application Protocol|A specification for a set of communication protocols to standardize the way that wireless devices, such as cellular telephones and radio transceivers, | |Wireless Application Protocol|A specification for a set of communication protocols to standardize the way that wireless devices, such as cellular telephones and radio transceivers, | ||
|Wiretapping|Monitoring and recording data that is flowing between two points in a communication system.| | |Wiretapping|Monitoring and recording data that is flowing between two points in a communication system.| | ||
- | |World Wide Web Consortium|W3C. The W3C is an international organization that develops Web standards.| | + | |World Wide Web Consortium|W3C.| |
- | |World Wide Web|WWW. | + | |:::|The W3C is an international organization that develops Web standards.| |
+ | |World Wide Web|WWW.| | ||
+ | |:::|Also known as "THE WEB" or W3.| | ||
|Worm|A computer program that can run independently, | |Worm|A computer program that can run independently, | ||
|WWW|World Wide Web.| | |WWW|World Wide Web.| |
glossary/start.1689605793.txt.gz · Last modified: 2023/07/17 14:56 by peter