glossary:start
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| glossary:start [2023/07/17 14:59] – peter | glossary:start [2023/07/17 15:57] (current) – peter | ||
|---|---|---|---|
| Line 16: | Line 16: | ||
| |ABC|Anti-Bribary and Corruption.| | |ABC|Anti-Bribary and Corruption.| | ||
| |ACA|Application Criticality Assessment.| | |ACA|Application Criticality Assessment.| | ||
| - | |ACKPIGGYBACKING | The practice of sending an ACK inside another packet going to the same destination.| | + | |ACKPIGGYBACKING|The practice of sending an ACK inside another packet going to the same destination.| |
| |ACL|Access Control List. A list of permissions attached to an object.| | |ACL|Access Control List. A list of permissions attached to an object.| | ||
| |Access Control|Access Control ensures that resources are only granted to those users who are entitled to them.| | |Access Control|Access Control ensures that resources are only granted to those users who are entitled to them.| | ||
| - | |Access Control List|ACL. A list of permissions attached to an object.| | + | |Access Control List|ACL.| |
| + | |:::|A list of permissions attached to an object.| | ||
| |Access Control Service|A security service that provides protection of system resources against unauthorized access. | |Access Control Service|A security service that provides protection of system resources against unauthorized access. | ||
| |Access Matrix|An Access Matrix uses rows to represent subjects and columns to represent objects with privileges listed in each cell.| | |Access Matrix|An Access Matrix uses rows to represent subjects and columns to represent objects with privileges listed in each cell.| | ||
| |Account Harvesting|The process of collecting all the legitimate account names on a system.| | |Account Harvesting|The process of collecting all the legitimate account names on a system.| | ||
| |Active Content|Program code embedded in the contents of a web page. When the page is accessed by a web browser, the embedded code is automatically downloaded and executed on the user's workstation. Ex. Java, ActiveX (MS).| | |Active Content|Program code embedded in the contents of a web page. When the page is accessed by a web browser, the embedded code is automatically downloaded and executed on the user's workstation. Ex. Java, ActiveX (MS).| | ||
| - | |Active Directory|AD. | + | |Active Directory|AD.| |
| + | |:::|A directory service implemented by Microsoft for Windows domain networks. | | ||
| |Activity Monitors|Aim to prevent virus infection by monitoring for malicious activity on a system, and blocking that activity when possible.| | |Activity Monitors|Aim to prevent virus infection by monitoring for malicious activity on a system, and blocking that activity when possible.| | ||
| |AD|Active Directory. | |AD|Active Directory. | ||
| |ADAL| Authoritive Data Access Layer.| | |ADAL| Authoritive Data Access Layer.| | ||
| - | |Address Resolution Protocol|ARP. | + | |Address Resolution Protocol|ARP.| |
| - | |ADS| Authoritive Data Source.| | + | |:::|A protocol for mapping an Internet Protocol address to a physical machine address that is recognized in the local network. |
| + | |ADS|Authoritive Data Source.| | ||
| |ADSL|Asymmetric Digital Subscriber Line (ADSL) is a technology for transmitting digital information at high bandwidth on existing phone lines to homes and businesses. | |ADSL|Asymmetric Digital Subscriber Line (ADSL) is a technology for transmitting digital information at high bandwidth on existing phone lines to homes and businesses. | ||
| - | |Advanced Encryption Standard|AES. | + | |Advanced Encryption Standard|AES.| |
| - | |AEOD | After End-of-Day.| | + | |:::|An encryption standard being developed by NIST. Intended to specify an unclassified, |
| + | |AEOD|After End-of-Day.| | ||
| |AES|Advanced Encryption Standard. | |AES|Advanced Encryption Standard. | ||
| - | |AIRB| Advanced Internal Rating Based Approach.| | + | |AIRB|Advanced Internal Rating Based Approach.| |
| - | |A&L| Assets and Liabilities | | + | |A& |
| - | |Algorithm| A finite set of step-by-step instructions for a problem-solving or computation procedure, especially one that can be implemented by a computer.| | + | |Algorithm|A finite set of step-by-step instructions for a problem-solving or computation procedure, especially one that can be implemented by a computer.| |
| |AML|Anti money laundering (AML) is a term mainly used in the financial and legal industries to describe the legal controls that require financial institutions and other regulated entities to prevent or report money laundering activities.| | |AML|Anti money laundering (AML) is a term mainly used in the financial and legal industries to describe the legal controls that require financial institutions and other regulated entities to prevent or report money laundering activities.| | ||
| |AMSC|Application Management Service Centre.| | |AMSC|Application Management Service Centre.| | ||
| Line 49: | Line 53: | ||
| |:::|A globally unique number assigned by a registrar for the purposes of Internet routing, | | |:::|A globally unique number assigned by a registrar for the purposes of Internet routing, | | ||
| |Asymmetric Cryptography|Public-key cryptography. | |Asymmetric Cryptography|Public-key cryptography. | ||
| - | |Asymmetric Warfare | Asymmetric warfare is the application of dissimilar strategies, tactics, capabilities and approaches used to circumvent or negate an opponent' | + | |Asymmetric Warfare|Asymmetric warfare is the application of dissimilar strategies, tactics, capabilities and approaches used to circumvent or negate an opponent' |
| |Auditing|The information gathering and analysis of assets to ensure such things as policy compliance and security from vulnerabilities.| | |Auditing|The information gathering and analysis of assets to ensure such things as policy compliance and security from vulnerabilities.| | ||
| |Asymmetric Digital Subscriber Line|ADSL.| | |Asymmetric Digital Subscriber Line|ADSL.| | ||
| Line 61: | Line 65: | ||
| |Authorization|The approval, permission, or empowerment for someone or something to do something.| | |Authorization|The approval, permission, or empowerment for someone or something to do something.| | ||
| |Autonomous System|One network or series of networks that are all under one administrative control. | |Autonomous System|One network or series of networks that are all under one administrative control. | ||
| - | |Autonomous System Number|ASN. | + | |Autonomous System Number|ASN.| |
| + | |:::|A globally unique number assigned by a registrar for the purposes of Internet routing.| | ||
| |Availability|The need to ensure that the business purpose of the system can be met and that it is accessible to those who need to use it.| | |Availability|The need to ensure that the business purpose of the system can be met and that it is accessible to those who need to use it.| | ||
| |Backdoor|A backdoor is a tool installed after a compromise to give an attacker easier access to the compromised system around any security mechanisms that are in place.| | |Backdoor|A backdoor is a tool installed after a compromise to give an attacker easier access to the compromised system around any security mechanisms that are in place.| | ||
| Line 67: | Line 72: | ||
| |Banner|A banner is the information that is displayed to a remote user trying to connect to a service. | |Banner|A banner is the information that is displayed to a remote user trying to connect to a service. | ||
| |BAP|Business and Personal.| | |BAP|Business and Personal.| | ||
| - | |Basic Authentication | Basic Authentication is the simplest web-based authentication scheme that works by sending the username and password with each request.| | + | |Basic Authentication|Basic Authentication is the simplest web-based authentication scheme that works by sending the username and password with each request.| |
| |Bastion Host|A bastion host has been hardened in anticipation of vulnerabilities that have not been discovered yet.| | |Bastion Host|A bastion host has been hardened in anticipation of vulnerabilities that have not been discovered yet.| | ||
| |BAU|Business as Usual.| | |BAU|Business as Usual.| | ||
| - | | BBS (Bulletin Board System) | A Bulletin Board System (BBS) is a computerized meeting and announcement system that allows people to carry on discussions, | + | |BBS|Bulletin Board System.| |
| - | | BCM (Business Continuity Management) | The management of a Business Continuity Plan (BCP).| | + | |:::|A Bulletin Board System (BBS) is a computerized meeting and announcement system that allows people to carry on discussions, |
| - | | BCP (Business Continuity Plan) | A Business Continuity Plan is the plan for emergency response, backup operations, and post-disaster recovery steps that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation.| | + | |BCM|Business Continuity Management. The management of a Business Continuity Plan (BCP).| |
| - | | BDC | Business Delivery and Control.| | + | |BCP|Business Continuity Plan. A Business Continuity Plan is the plan for emergency response, backup operations, and post-disaster recovery steps that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation.| |
| - | | BEOD | Before End-of-Day.| | + | |BDC|Business Delivery and Control.| |
| - | | Berkeley Internet Name Domain | + | |BEOD|Before End-of-Day.| |
| - | | BIOS | Basic Input Output System. | + | |Berkeley Internet Name Domain|BIND is an implementation of DNS. DNS is used for domain name to IP address resolution. |
| - | | BGP (Border Gateway Protocol) | An inter-autonomous system routing protocol. | + | |BIOS|Basic Input Output System. |
| - | | BIA (Business Impact Analysis) | A Business Impact Analysis determines what levels of impact to a system are tolerable.| | + | |BGP|Border Gateway Protocol. An inter-autonomous system routing protocol. |
| - | | BIND (Berkeley Internet Name Domain) | BIND is an implementation of DNS. DNS is used for domain name to IP address resolution. | + | |BIA|Business Impact Analysis.| |
| - | | Biometrics | Biometrics use physical characteristics of the users to identify the user.| | + | |:::|A Business Impact Analysis determines what levels of impact to a system are tolerable.| |
| - | | Bit | The smallest unit of information storage; a contraction of the term " | + | |BIND|Berkeley Internet Name Domain.| |
| - | | Block Cipher | A block cipher encrypts one block of data at a time.| | + | |:::|BIND is an implementation of DNS. DNS is used for domain name to IP address resolution. |
| - | | Blog | Blog is a direct means for an individual to share ideas, thoughts, opinions, and information concerning a particular topic with an audience, using the Web as the medium. | + | |Biometrics|Biometrics use physical characteristics of the users to identify the user.| |
| - | | BLoR | Business List of Records. | + | |Bit|The smallest unit of information storage; a contraction of the term " |
| - | | BOM | Business Only Membership.| | + | |Block Cipher|A block cipher encrypts one block of data at a time.| |
| - | | Border Gateway Protocol | + | |Blog|Blog is a direct means for an individual to share ideas, thoughts, opinions, and information concerning a particular topic with an audience, using the Web as the medium. |
| - | | Boot Record Infector | A boot record infector is a piece of malware that inserts malicious code into the boot sector of a disk.| | + | |BLoR|Business List of Records. |
| - | | Bot | Also called ‘Internet bots’; refers to computers that perform tasks without human input. | + | |BOM|Business Only Membership.| |
| - | | Botnet | A botnet is a large number of compromised computers that are used to create and send spam or viruses or flood a network with messages as a denial of service attack.| | + | |Border Gateway Protocol|BGP.| |
| - | | B&R | Books and Records.| | + | |:::|An inter-autonomous system routing protocol. |
| - | | BRD | Business Requirements Document. | + | |Boot Record Infector|A boot record infector is a piece of malware that inserts malicious code into the boot sector of a disk.| |
| - | | Break Glass | Temporary limited access to a production environment. | + | |Bot|Also called ‘Internet bots’; refers to computers that perform tasks without human input. |
| - | | Bridge | A mechanism (software or hardware) which connect two communication segments. Bridges generally operate at OSI Layer 2 or 3, but may operate from the physical layer up to the application layer. | + | |Botnet|A botnet is a large number of compromised computers that are used to create and send spam or viruses or flood a network with messages as a denial of service attack.| |
| - | | BRM | Business Risk Managers.| | + | |B& |
| - | | Broadcast | To send the same message to an unknown number of destinations without addressing. Examples: ARP, Radio. See also multicast.| | + | |BRD|Business Requirements Document. |
| - | | Broadcast Address | An address used to broadcast a datagram to all hosts on a given network using UDP or ICMP protocol.| | + | |Break Glass|Temporary limited access to a production environment. |
| - | | Browser | A client computer program that can retrieve and display information from servers on the World Wide Web.| | + | |Bridge|A mechanism (software or hardware) which connect two communication segments. Bridges generally operate at OSI Layer 2 or 3, but may operate from the physical layer up to the application layer. |
| - | | Brute Force | A crypto-analysis technique or other kind of attack method involving an exhaustive procedure that tries all possibilities, | + | |BRM|Business Risk Managers.| |
| - | | BSM | Balance Sheet Management.| | + | |Broadcast|To send the same message to an unknown number of destinations without addressing. Examples: ARP, Radio. See also multicast.| |
| - | | BSS 7799 | British Standard 7799. A standard code of practice and provides guidance on how to secure an information system. | + | |Broadcast Address|An address used to broadcast a datagram to all hosts on a given network using UDP or ICMP protocol.| |
| - | | BST | British Summer Time.| | + | |Browser|A client computer program that can retrieve and display information from servers on the World Wide Web.| |
| - | | Buffer Overflow | A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.| | + | |Brute Force|A crypto-analysis technique or other kind of attack method involving an exhaustive procedure that tries all possibilities, |
| - | | Bullet-proof hosting | Bullet-proof hosting is a service provided by some domain hosting or web hosting firms that allow their customer considerable leniency in the kinds of material they may upload and distribute. | + | |BSM|Balance Sheet Management.| |
| - | | Bulletin Board System | + | |BSS 7799|British Standard 7799.| |
| - | | Business Continuity Management | + | |:::|A standard code of practice and provides guidance on how to secure an information system. |
| - | | Business Continuity Plan (BCP) | A Business Continuity Plan is the plan for emergency response, backup operations, and post-disaster recovery steps that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation.| | + | |BST|British Summer Time.| |
| - | | Business Impact Analysis | + | |Buffer Overflow|A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.| |
| - | | Business Intelligence | Business intelligence is now widely accepted as being concerned with information technology solutions for transforming the output from large data collections into Intelligence; | + | |Bullet-proof hosting|Bullet-proof hosting is a service provided by some domain hosting or web hosting firms that allow their customer considerable leniency in the kinds of material they may upload and distribute. |
| - | | BYOD | Bring Your Own Device.| | + | |Bulletin Board System|BBS| |
| - | | Byte | A fundamental unit of computer storage; the smallest addressable unit in a computer' | + | |:::|A Bulletin Board System (BBS) is a computerized meeting and announcement system that allows people to carry on discussions, |
| - | | CA | Certificate Authority.| | + | |Business Continuity Management|BCM.| |
| - | | CAB | Change Advisory Board.| | + | |:::|The management of a Business Continuity Plan (BCP).| |
| - | | CAC (Call Admission Control) | The inspection and control all inbound and outbound voice network activity by a voice firewall based on user-defined policies.| | + | |Business Continuity Plan|BCP.| |
| - | | Cache | Pronounced cash, a special high-speed storage mechanism. | + | |:::|A Business Continuity Plan is the plan for emergency response, backup operations, and post-disaster recovery steps that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation.| |
| - | | Cache Cramming | Cache Cramming is the technique of tricking a browser to run cached Java code from the local disk, instead of the internet zone, so it runs with less restrictive permissions.| | + | |Business Impact Analysis|BIA.| |
| - | | Cache Poisoning | Malicious or misleading data from a remote name server is saved [cached] by another name server. | + | |:::|A Business Impact Analysis determines what levels of impact to a system are tolerable.| |
| - | | Call Admission Control | + | |Business Intelligence|Business intelligence is now widely accepted as being concerned with information technology solutions for transforming the output from large data collections into Intelligence; |
| - | | CAMS | Cash Management System.| | + | |BYOD|Bring Your Own Device.| |
| - | | Carding | Carding is a term used for a process to verify the validity of stolen card data. The thief presents the card information on a website that has real-time transaction processing. | + | |Byte|A fundamental unit of computer storage; the smallest addressable unit in a computer' |
| - | | Cash-out | The aspect of a cybercrime operation where stolen electronic funds are finally withdrawn from the finance system in the form of hard cash, often perpetrated by the use of ‘money mules’.| | + | |CA|Certificate Authority.| |
| - | | CCO | Chief Controls Office. | + | |CAB|Change Advisory Board.| |
| - | | CDC | Client Data Controls.| | + | |CAC|Call Admission Control.| |
| - | | CDI | Client Data Interface.| | + | |:::|The inspection and control all inbound and outbound voice network activity by a voice firewall based on user-defined policies.| |
| - | | Cell | A cell is a unit of data transmitted over an ATM network. A cell is also a single physical memory location within flash memory.| | + | |Cache|Pronounced cash, a special high-speed storage mechanism. |
| - | | CERT (Computer Emergency Response Team) | An organization that studies computer and network INFOSEC in order to provide incident response services to victims of attacks, publish alerts concerning vulnerabilities and threats, and offer other information to help improve computer and network security.| | + | |Cache Cramming|Cache Cramming is the technique of tricking a browser to run cached Java code from the local disk, instead of the internet zone, so it runs with less restrictive permissions.| |
| - | | Certificate-based Authentication | Certificate-Based Authentication is the use of SSL and certificates to authenticate and encrypt HTTP traffic.| | + | |Cache Poisoning|Malicious or misleading data from a remote name server is saved [cached] by another name server. |
| - | | CFF | Common File Format.| | + | |Call Admission Control|CAC.| |
| - | | CGI (Common Gateway Interface) | This mechanism is used by HTTP servers (web servers) to pass parameters to executable scripts in order to generate responses dynamically.| | + | |:::|The inspection and control all inbound and outbound voice network activity by a voice firewall based on user-defined policies.| |
| - | | Chain of Custody | Chain of Custody is the important application of the Federal rules of evidence and its handling.| | + | |CAMS|Cash Management System.| |
| - | | Challenge Handshake Authentication Protocol | + | |Carding|Carding is a term used for a process to verify the validity of stolen card data. The thief presents the card information on a website that has real-time transaction processing. |
| - | | CHAP (Challenge Handshake Authentication Protocol) | The Challenge-Handshake Authentication Protocol uses a challenge/ | + | |Cash-out|The aspect of a cybercrime operation where stolen electronic funds are finally withdrawn from the finance system in the form of hard cash, often perpetrated by the use of ‘money mules’.| |
| - | | Chatroom | The name for a discussion group or chat room.| | + | |CCO|Chief Controls Office.| |
| - | | Checksum | A value that is computed by a function that is dependent on the contents of a data object and is stored or transmitted together with the object, for the purpose of detecting changes in the data.| | + | |:::|The Chief Controls Office centralizes and increases the focus on maintaining and enhancing an effective control framework.| |
| - | | CI | Configuration Item.| | + | |CDC|Client Data Controls.| |
| - | | CIP | Customer Identification Program.| | + | |CDI|Client Data Interface.| |
| - | | Cipher | A cryptographic algorithm for encryption and decryption.| | + | |Cell|A cell is a unit of data transmitted over an ATM network. A cell is also a single physical memory location within flash memory.| |
| - | | Ciphertext | Ciphertext is the encrypted form of the message being sent.| | + | |CERT|Computer Emergency Response Team. |
| - | | Circuit Switched Network | A circuit switched network is where a single continuous physical circuit connected two endpoints where the route was immutable once set up.| | + | |Certificate-based Authentication | Certificate-Based Authentication is the use of SSL and certificates to authenticate and encrypt HTTP traffic.| |
| - | | CIS | Customer Identification System.| | + | |CFF|Common File Format.| |
| - | | CIS | Customer Information System.| | + | |CGI|Common Gateway Interface. |
| - | | CIT | Component Integration Testing.| | + | |Chain of Custody|Chain of Custody is the important application of the Federal rules of evidence and its handling.| |
| - | | CL | Control Language.| | + | |Challenge Handshake Authentication Protocol|CHAP. |
| - | | Client | A system entity that requests and uses a service provided by another system entity, called a " | + | |CHAP|Challenge Handshake Authentication Protocol.| |
| - | | CMDB | Configuration Management Database.| | + | |:::|The Challenge-Handshake Authentication Protocol uses a challenge/ |
| - | | CMOD | Central Management On Demand.| | + | |Chatroom|The name for a discussion group or chat room.| |
| - | | CMR | Customer Master Record.| | + | |Checksum|A value that is computed by a function that is dependent on the contents of a data object and is stored or transmitted together with the object, for the purpose of detecting changes in the data.| |
| - | | CMS | Change Management Standard.| | + | |CI|Configuration Item.| |
| - | | COA | Change of Address.| | + | |CIP|Customer Identification Program.| |
| - | | CoB | Close of Business.| | + | |Cipher|A cryptographic algorithm for encryption and decryption.| |
| - | | Cold Disaster Recovery Site | Hardware is ordered, shipped and installed, and software is loaded. Basic telecommunications, | + | |Ciphertext|Ciphertext is the encrypted form of the message being sent.| |
| - | | Collision | A collision occurs when multiple systems transmit simultaneously on the same wire.| | + | |Circuit Switched Network|A circuit switched network is where a single continuous physical circuit connected two endpoints where the route was immutable once set up.| |
| - | | Common Gateway Interface | + | |CIS|Customer Identification System.| |
| - | | Competitive Intelligence | Competitive Intelligence is espionage using legal, or at least not obviously illegal, means.| | + | |CIS|Customer Information System.| |
| - | | Competitor Intelligence | Competitor Intelligence is a subdivision of Business intelligence that concerns the current and proposed business activities of competitors.| | + | |CIT|Component Integration Testing.| |
| - | | Compromise | Also called a security breach, a security compromise is a term used to describe an intentional or unintentional event that has exposed confidential data to unauthorized persons. | + | |CL|Control Language.| |
| - | | Computer Emergency Response Team (CERT) | An organization that studies computer and network INFOSEC in order to provide incident response services to victims of attacks, publish alerts concerning vulnerabilities and threats, and offer other information to help improve computer and network security.| | + | |Client|A system entity that requests and uses a service provided by another system entity, called a " |
| - | | Computer Network | A collection of host computers together with the sub-network or inter-network through which they can exchange data.| | + | |CMDB|Configuration Management Database.| |
| - | | CON | Change of Name.| | + | |CMOD|Central Management On Demand.| |
| - | | Confidentiality | Confidentiality is the need to ensure that information is disclosed only to those who are authorized to view it.| | + | |CMR|Customer Master Record.| |
| - | | Configuration Management | Establish a known baseline condition and manage it.| | + | |CMS|Change Management Standard.| |
| - | | COO | Chief Operating Office.| | + | |COA|Change of Address.| |
| - | | Cookie | Data exchanged between an HTTP server and a browser (a client of the server) to store state information on the client side and retrieve it later for server use. An HTTP server, when sending data to a client, may send along a cookie, which the client retains after the HTTP connection closes. | + | |CoB|Close of Business.| |
| - | | Corruption | A threat action that undesirably alters system operation by adversely modifying system functions or data.| | + | |Cold Disaster Recovery Site|Hardware is ordered, shipped and installed, and software is loaded. Basic telecommunications, |
| - | | Cost Benefit Analysis | A cost benefit analysis compares the cost of implementing countermeasures with the value of the reduced risk.| | + | |Collision|A collision occurs when multiple systems transmit simultaneously on the same wire.| |
| - | | Countermeasure | Reactive methods used to prevent an exploit from successfully occurring once a threat has been detected. | + | |Common Gateway Interface|CGI. |
| - | | Covert Channels | Covert Channels are the means by which information can be communicated between two parties in a covert fashion using normal system operations. For example by changing the amount of hard drive space that is available on a file server can be used to communicate information.| | + | |Competitive Intelligence|Competitive Intelligence is espionage using legal, or at least not obviously illegal, means.| |
| - | | CP | Consultation Paper.| | + | |Competitor Intelligence|Competitor Intelligence is a subdivision of Business intelligence that concerns the current and proposed business activities of competitors.| |
| - | | CR | Change Record.| | + | |Compromise|Also called a security breach, a security compromise is a term used to describe an intentional or unintentional event that has exposed confidential data to unauthorized persons. |
| - | | CR | Change Request.| | + | |Computer Emergency Response Team (CERT) | An organization that studies computer and network INFOSEC in order to provide incident response services to victims of attacks, publish alerts concerning vulnerabilities and threats, and offer other information to help improve computer and network security.| |
| - | | CRAID | Changes, Risks, Assumptions, | + | |Computer Network|A collection of host computers together with the sub-network or inter-network through which they can exchange data.| |
| - | | Crawler | A crawler uses existing Internet search engines to carry out automatic search and retrieval of selected Information on behalf of a user. It may also be known as Web crawler.| | + | |CON|Change of Name.| |
| - | | CRC (Cyclic Redundancy Check) | Sometimes called " | + | |Confidentiality|Confidentiality is the need to ensure that information is disclosed only to those who are authorized to view it.| |
| - | | Criminal Forum | A forum, usually web based, devoted to the black market trading of stolen credit card details, stolen identity details and tools to commit computer offences.| | + | |Configuration Management|Establish a known baseline condition and manage it.| |
| - | | CRON | Cron is a Unix application that runs jobs for users and administrators at scheduled times of the day.| | + | |COO|Chief Operating Office.| |
| - | | Crossover cable | A crossover cable reverses the pairs of cables at the other end and can be used to connect devices directly together.| | + | |Cookie|Data exchanged between an HTTP server and a browser (a client of the server) to store state information on the client side and retrieve it later for server use. An HTTP server, when sending data to a client, may send along a cookie, which the client retains after the HTTP connection closes. |
| - | | Cryptanalysis | The mathematical science that deals with analysis of a cryptographic system in order to gain knowledge needed to break or circumvent the protection that the system is designed to provide. In other words, convert the cipher text to plain-text without knowing the key.| | + | |Corruption|A threat action that undesirably alters system operation by adversely modifying system functions or data.| |
| - | | Cryptographic Algorithm | Hash. An algorithm that employs the science of cryptography, | + | |Cost Benefit Analysis|A cost benefit analysis compares the cost of implementing countermeasures with the value of the reduced risk.| |
| - | | CSI | Continual Service Improvements.| | + | |Countermeasure|Reactive methods used to prevent an exploit from successfully occurring once a threat has been detected. |
| - | | CSP | Content Security Policy.| | + | |Covert Channels|Covert Channels are the means by which information can be communicated between two parties in a covert fashion using normal system operations. For example by changing the amount of hard drive space that is available on a file server can be used to communicate information.| |
| - | | CTRP | Countries, Towns, Regions and Ports.| | + | |CP|Consultation Paper.| |
| - | | Cut-through | Cut-Through is a method of switching where only the header of a packet is read before it is forwarded to its destination.| | + | |CR|Change Record.| |
| - | | Cyberspace | Cyberspace is the notional environment in which communication over computer networks occurs. | + | |CR|Change Request.| |
| - | | Cyclic Redundancy Check (CRC) | Sometimes called " | + | |CRAID|Changes, |
| - | | Daemon | A program which is often started at the time the system boots and runs continuously without intervention from any of the users on the system. | + | |Crawler|A crawler uses existing Internet search engines to carry out automatic search and retrieval of selected Information on behalf of a user. It may also be known as Web crawler.| |
| - | | Data Aggregation | Data Aggregation is the ability to get a more complete picture of the information by analyzing several different types of records at once.| | + | |CRC|Cyclic Redundancy Check.| |
| - | | Data Custodian | A Data Custodian is the entity currently using or manipulating the data, and therefore, temporarily taking responsibility for the data.| | + | |:::|Sometimes called " |
| - | | Data Encryption Standard | + | |Criminal Forum|A forum, usually web based, devoted to the black market trading of stolen credit card details, stolen identity details and tools to commit computer offences.| |
| - | | Data Encryption Standard (DES) | A widely-used method of data encryption using a private (secret) key. There are 72, | + | |CRON|Cron is a Unix application that runs jobs for users and administrators at scheduled times of the day.| |
| - | | Data Mining | Data Mining is a technique used to analyze existing information, | + | |Crossover cable | A crossover cable reverses the pairs of cables at the other end and can be used to connect devices directly together.| |
| - | | Data Owner | A Data Owner is the entity having responsibility and authority for the data.| | + | |Cryptanalysis|The mathematical science that deals with analysis of a cryptographic system in order to gain knowledge needed to break or circumvent the protection that the system is designed to provide. In other words, convert the cipher text to plain-text without knowing the key.| |
| - | | Data Warehouse | A central repository for all or significant parts of the data that an enterprise’s various business systems collect. | + | |Cryptographic Algorithm|Hash. |
| - | | Data Warehousing | Data Warehousing is the consolidation of several previously independent databases into one location.| | + | |CSI|Continual Service Improvements.| |
| - | | Datagram | Request for Comment 1594 says, "a self-contained, | + | |CSP|Content Security Policy.| |
| - | | Day Zero | The "Day Zero" or "Zero Day" is the day a new vulnerability is made known. | + | |CTRP|Countries, |
| - | + | |Cut-through|Cut-Through is a method of switching where only the header of a packet is read before it is forwarded to its destination.| | |
| - | | DB | Database.| | + | |Cyberspace|Cyberspace is the notional environment in which communication over computer networks occurs. |
| - | | DBC | Detailed Business Case.| | + | |Cyclic Redundancy Check|CRC. |
| - | | DCF | Data Control Framework.| | + | |Daemon|A program which is often started at the time the system boots and runs continuously without intervention from any of the users on the system. |
| - | | DCO | Device Configuration Overlay. | + | |Data Aggregation|Data Aggregation is the ability to get a more complete picture of the information by analyzing several different types of records at once.| |
| - | | DCP | Demand Change Process.| | + | |Data Custodian|A Data Custodian is the entity currently using or manipulating the data, and therefore, temporarily taking responsibility for the data.| |
| - | | Ddos (Distributed Denial of Service) | Distributed Denial of Service (DdoS) is an attack in which multiple systems flood the bandwidth or resources of a targeted system in an attempt to make it unavailable. | + | |Data Encryption Standard|DES. A widely-used method of data encryption using a private (secret) key. There are 72, |
| - | | Decapsulation | Decapsulation is the process of stripping off one layer' | + | |Data Mining|Data Mining is a technique used to analyze existing information, |
| - | | Decryption | Decryption is the process of transforming an encrypted message into its original plain-text.| | + | |Data Owner|A Data Owner is the entity having responsibility and authority for the data.| |
| - | | Deep Web | Invisible Web. That portion (estimated to be between 60 and 80 per cent) of total Web content that consists of material that is not accessible by standard Search engines. | + | |Data Warehouse|A central repository for all or significant parts of the data that an enterprise’s various business systems collect. |
| - | | Defacement | Defacement is the method of modifying the content of a website in such a way that it becomes " | + | |Data Warehousing|Data Warehousing is the consolidation of several previously independent databases into one location.| |
| - | | Defense In-Depth | Defense In-Depth is the approach of using multiple layers of security to guard against failure of a single security component.| | + | |Datagram|Request for Comment 1594 says, "a self-contained, |
| - | | Demilitarized Zone (DMZ) | In computer security, in general a demilitarized zone (DMZ) or perimeter network is a network area (a sub-network) that sits between an organization' | + | |Day Zero|The "Day Zero" or "Zero Day" is the day a new vulnerability is made known. |
| - | | Denial of Service | The prevention of authorized access to a system resource or the delaying of system operations and functions.| | + | |DB|Database.| |
| - | | DES (Data Encryption Standard) | A widely-used method of data encryption using a private (secret) key. There are 72, | + | |DBC|Detailed Business Case.| |
| - | | D&I | Diversity and Inclusion.| | + | |DCF|Data Control Framework.| |
| - | | Dictionary Attack | An attack that tries all of the phrases or words in a dictionary, trying to crack a password or key. A dictionary attack uses a predefined list of words compared to a brute force attack that tries all possible combinations.| | + | |DCO|Device Configuration Overlay.| |
| - | | Diffie-Hellman | A key agreement algorithm published in 1976 by Whitfield Diffie and Martin Hellman. | + | |:::|A hidden part of a hard drive that is used by personal computer manufacturers to specify the configuration of a hard drive (regardless of its actual size) to present the same number of sectors to the BIOS and operating system.| |
| - | | Digest Authentication | Digest Authentication allows a web client to compute MD5 hashes of the password to prove it has the password.| | + | |DCP|Demand Change Process.| |
| - | | Digital Certificate | A digital certificate is an electronic " | + | |DDOS|Distributed Denial of Service.| |
| - | | Digital Envelope | A digital envelope is an encrypted message with the encrypted session key.| | + | |:::|Distributed Denial of Service (DDOS) is an attack in which multiple systems flood the bandwidth or resources of a targeted system in an attempt to make it unavailable. |
| - | | Digital Signature | A digital signature is a hash of a message that uniquely identifies the sender of the message and proves the message hasn't changed since transmission. | | + | |Decapsulation | Decapsulation is the process of stripping off one layer' |
| - | | Digital Signature Algorithm | + | |Decryption|Decryption is the process of transforming an encrypted message into its original plain-text.| |
| - | | Digital Signature Standard | + | |Deep Web|Invisible Web. That portion (estimated to be between 60 and 80 per cent) of total Web content that consists of material that is not accessible by standard Search engines. |
| - | | Disassembly | The process of taking a binary program and deriving the source code from it.| | + | |Defacement|Defacement is the method of modifying the content of a website in such a way that it becomes " |
| - | | Disaster Recovery Plan (DRP) | A Disaster Recovery Plan is the process of recovery of IT systems in the event of a disruption or disaster.| | + | |Defense In-Depth|Defense In-Depth is the approach of using multiple layers of security to guard against failure of a single security component.| |
| - | | Discretionary Access Control | + | |Demilitarized Zone|DMZ.| |
| - | | Dispensation | Temporary exclusion from Policy or Scope.| | + | |:::|In computer security, in general a demilitarized zone (DMZ) or perimeter network is a network area (a sub-network) that sits between an organization' |
| - | | Disruption | A circumstance or event that interrupts or prevents the correct operation of system services and functions.| | + | |Denial of Service|The prevention of authorized access to a system resource or the delaying of system operations and functions.| |
| - | | Distance Vector | Distance vectors measure the cost of routes to determine the best route to all known networks.| | + | |DES|Data Encryption Standard).| |
| - | | Distributed Denial of Service | + | |:::|A widely-used method of data encryption using a private (secret) key. There are 72, |
| - | | Distributed Scans | Distributed Scans are scans that use multiple source addresses to gather information.| | + | |D& |
| - | | DLL (Dynamic Link Library) | A collection of small programs, any of which can be called when needed by a larger program that is running in the computer. | + | |Dictionary Attack|An attack that tries all of the phrases or words in a dictionary, trying to crack a password or key. A dictionary attack uses a predefined list of words compared to a brute force attack that tries all possible combinations.| |
| - | | DLP | Data Loss Prevention.| | + | |Diffie-Hellman|A key agreement algorithm published in 1976 by Whitfield Diffie and Martin Hellman. |
| - | | DMS | Document Management System.| | + | |Digest Authentication|Digest Authentication allows a web client to compute MD5 hashes of the password to prove it has the password.| |
| - | | DM&W | Document Management and Workflow.| | + | |Digital Certificate|A digital certificate is an electronic " |
| - | | DMZ (Demilitarized Zone) | In computer security, in general a demilitarized zone (DMZ) or perimeter network is a network area (a sub-network) that sits between an organization' | + | |Digital Envelope|A digital envelope is an encrypted message with the encrypted session key.| |
| - | | DNS (Domain Name System) | The domain name system (DNS) is the way that Internet domain names are located and translated into Internet Protocol addresses. A domain name is a meaningful and easy-to-remember " | + | |Digital Signature|A digital signature is a hash of a message that uniquely identifies the sender of the message and proves the message hasn't changed since transmission. | |
| - | | Domain | A sphere of knowledge, or a collection of facts about some program entities or a number of network points or addresses, identified by a name. On the Internet, a domain consists of a set of network addresses. | + | |Digital Signature Algorithm|DSA.| |
| - | | Domain Hijacking | Domain hijacking is an attack by which an attacker takes over a domain by first blocking access to the domain' | + | |:::|An asymmetric cryptographic algorithm that produces a digital signature in the form of a pair of large numbers. |
| - | | Domain Name | A domain name locates an organization or other entity on the Internet. | + | |Digital Signature Standard|DSS.| |
| - | | Domain Name System | + | |:::|The US Government standard that specifies the Digital Signature Algorithm (DSA), which involves asymmetric cryptography.| |
| - | | Download | To download is to retrieve Information from the Internet.| | + | |Disassembly|The process of taking a binary program and deriving the source code from it.| |
| - | | DP | Discussion Paper.| | + | |Disaster Recovery Plan|DRP.| |
| - | | DPIA | Data Protection Input Assessment.| | + | |:::|A Disaster Recovery Plan is the process of recovery of IT systems in the event of a disruption or disaster.| |
| - | | DR | Disaster Recovery. | + | |Discretionary Access Control|DAC.| |
| - | | Drop Site | Malware that steals data will upload the information to a Drop Site for later retrieval.| | + | |:::|Discretionary Access Control consists of something the user can manage, such as a document password.| |
| - | | DSA (Digital Signature Algorithm) | An asymmetric cryptographic algorithm that produces a digital signature in the form of a pair of large numbers. | + | |Dispensation|Temporary exclusion from Policy or Scope.| |
| - | | DSS (Digital Signature Standard | The US Government standard that specifies the Digital Signature Algorithm (DSA), which involves asymmetric cryptography.| | + | |Disruption|A circumstance or event that interrupts or prevents the correct operation of system services and functions.| |
| - | | DTU | Data Transfer Utility.| | + | |Distance Vector|Distance vectors measure the cost of routes to determine the best route to all known networks.| |
| - | | Due Care | Due care ensures that a minimal level of protection is in place in accordance with the best practice in the industry.| | + | |Distributed Denial of Service|DDOS.| |
| - | | Due Diligence | Due diligence is the requirement that organizations must develop and deploy a protection plan to prevent fraud, abuse, and additionally deploy a means to detect them if they occur.| | + | |:::|Distributed Denial of Service (DDOS) is an attack in which multiple systems flood the bandwidth or resources of a targeted system in an attempt to make it unavailable. |
| - | | Dump | Generally used to mean the data from a database, in reference to online fraud the term usually refers to debit or credit card’s dumps, which were skimmed or hacked and may include credit card track data, PINs and CCV numbers.| | + | |Distributed Scans|Distributed Scans are scans that use multiple source addresses to gather information.| |
| - | | DumpSec | DumpSec is a security tool that dumps a variety of information about a system' | + | |DLL|Dynamic Link Library.| |
| - | | Dumpster Diving | Dumpster Diving is obtaining passwords and corporate directories by searching through discarded media.| | + | |:::|A collection of small programs, any of which can be called when needed by a larger program that is running in the computer. |
| - | | DWB | Dispensation, | + | |DLP|Data Loss Prevention.| |
| - | | DX | Developer Experience.| | + | |DMS|Document Management System.| |
| - | | Dynamic Link Library | + | |DM& |
| - | | Dynamic Routing Protocol | Allows network devices to learn routes. Ex. RIP, EIGRP Dynamic routing occurs when routers talk to adjacent routers, informing each other of what networks each router is currently connected to. The routers must communicate using a routing protocol, of which there are many to choose from. The process on the router that is running the routing protocol, communicating with its neighbour routers, is usually called a routing daemon. | + | |DMZ|Demilitarized Zone.| |
| - | | E2E | End-to-End. | + | |:::|In computer security, in general a demilitarized zone (DMZ) or perimeter network is a network area (a sub-network) that sits between an organization' |
| - | | EAD | Exposure at Default.| | + | |DNS|Domain Name System.| |
| - | | EAP (Extensible Authentication Protocol) | A framework that supports multiple, optional authentication mechanisms for PPP, including clear-text passwords, challenge-response, | + | |:::|The domain name system (DNS) is the way that Internet domain names are located and translated into Internet Protocol addresses. A domain name is a meaningful and easy-to-remember " |
| - | | Eavesdropping | Eavesdropping is simply listening to a private conversation which may reveal information which can provide access to a facility or network.| | + | |Domain|A sphere of knowledge, or a collection of facts about some program entities or a number of network points or addresses, identified by a name. On the Internet, a domain consists of a set of network addresses. |
| - | | e-Commerce | + | |Domain Hijacking|Domain hijacking is an attack by which an attacker takes over a domain by first blocking access to the domain' |
| - | | Echo Reply | An echo reply is the response a machine that has received an echo request sends over ICMP.| | + | |Domain Name|A domain name locates an organization or other entity on the Internet. |
| - | | Echo Request | An echo request is an ICMP message sent to a machine to determine if it is online and how long traffic takes to get to it.| | + | |Domain Name System|DNS.| |
| - | | EDS | European Data Store.| | + | |:::|The domain name system (DNS) is the way that Internet domain names are located and translated into Internet Protocol addresses. A domain name is a meaningful and easy-to-remember " |
| - | | EFT (Electronic Funds Transfer) | + | |Download|To download is to retrieve Information from the Internet.| |
| - | | Egress Filtering | Filtering outbound traffic.| | + | |DP|Discussion Paper.| |
| - | | EGP (Exterior Gateway Protocol) | A protocol which distributes routing information to the routers which connect autonomous systems.| | + | |DPIA|Data Protection Input Assessment.| |
| - | | EGW | Engagement Gateway.| | + | |DR|Disaster Recovery. |
| - | | EIN | Employee Identification Number. | + | |Drop Site|Malware that steals data will upload the information to a Drop Site for later retrieval.| |
| - | | Electronic Commerce | + | |DSA|Digital Signature Algorithm.| |
| - | | Electronic Funds Transfer | + | |:::|An asymmetric cryptographic algorithm that produces a digital signature in the form of a pair of large numbers. |
| - | | Emanations Analysis | Gaining direct knowledge of communicated data by monitoring and resolving a signal that is emitted by a system and that contains the data but is not intended to communicate the data.| | + | |DSS|Digital Signature Standard.| |
| - | | Encapsulation | The inclusion of one data structure within another structure so that the first data structure is hidden for the time being.| | + | |:::|The US Government standard that specifies the Digital Signature Algorithm (DSA), which involves asymmetric cryptography.| |
| - | | Encryption | Cryptographic transformation of data (called " | + | |DTU|Data Transfer Utility.| |
| - | | EOD | End-of-Day.| | + | |Due Care|Due care ensures that a minimal level of protection is in place in accordance with the best practice in the industry.| |
| - | | Ephemeral Port | Also called a transient port or a temporary port. Usually is on the client side. It is set up when a client application wants to connect to a server and is destroyed when the client application terminates. | + | |Due Diligence|Due diligence is the requirement that organizations must develop and deploy a protection plan to prevent fraud, abuse, and additionally deploy a means to detect them if they occur.| |
| - | | Escrow Passwords | Escrow Passwords are passwords that are written down and stored in a secure location (like a safe) that are used by emergency personnel when privileged personnel are unavailable.| | + | |Dump|Generally used to mean the data from a database, in reference to online fraud the term usually refers to debit or credit card’s dumps, which were skimmed or hacked and may include credit card track data, PINs and CCV numbers.| |
| - | | Espionage | Espionage is the use of illegal means (spying) to collect Information, | + | |DumpSec|DumpSec is a security tool that dumps a variety of information about a system' |
| - | | Ethernet | The most widely-installed LAN technology. | + | |Dumpster Diving|Dumpster Diving is obtaining passwords and corporate directories by searching through discarded media.| |
| - | | ETL | Extract, Transform, Load.| | + | |DWB|Dispensation, |
| - | | EUDA | End User Developed Application.| | + | |DX|Developer Experience.| |
| - | | Event | An event is an observable occurrence in a system or network.| | + | |Dynamic Link Library|DLL.| |
| - | | EXCO | Executive Committee, Executive Council.| | + | |:::|A collection of small programs, any of which can be called when needed by a larger program that is running in the computer. |
| - | | Exploit | A sequence of actions or a program that enables an individual to take advantage of, or exploit, a vulnerability or security weakness in a program or system.| | + | |Dynamic Routing Protocol|Allows network devices to learn routes. Ex. RIP, EIGRP Dynamic routing occurs when routers talk to adjacent routers, informing each other of what networks each router is currently connected to. The routers must communicate using a routing protocol, of which there are many to choose from. The process on the router that is running the routing protocol, communicating with its neighbour routers, is usually called a routing daemon. |
| - | | Exponential Backoff Algorithm | An exponential backoff algorithm is used to adjust TCP timeout values on the fly so that network devices don't continue to timeout sending data over saturated links.| | + | |E2E|End-to-End. |
| - | | Exposure | A threat action whereby sensitive data is directly released to an unauthorized entity.| | + | |EAD|Exposure at Default.| |
| - | | Extended ACLS | Cisco. | + | |EAP|Extensible Authentication Protocol.| |
| - | | Extensible Authentication Protocol | + | |:::|A framework that supports multiple, optional authentication mechanisms for PPP, including clear-text passwords, challenge-response, |
| - | | Exterior Gateway Protocol | + | |Eavesdropping|Eavesdropping is simply listening to a private conversation which may reveal information which can provide access to a facility or network.| |
| - | | Extranet | Extranet is that portion of an organization’s Intranet that is accessible by selected individuals (for example, collaborators, | + | |e-Commerce|Electronic Commerce, also known as e-Commerce, covers a range of activities under which businesses and their customers can carry out transactions electronically between computer systems. |
| - | | False Rejects | False Rejects are when an authentication system fails to recognize a valid user.| | + | |Echo Reply| An echo reply is the response a machine that has received an echo request sends over ICMP.| |
| - | | Fast File System | The first major revision to the Unix file system, providing faster read access and faster (delayed, asynchronous) write access through a disk cache and better file system layout on disk. It uses inodes (pointers) and data blocks.| | + | |Echo Request|An echo request is an ICMP message sent to a machine to determine if it is online and how long traffic takes to get to it.| |
| - | | Fast Flux | Protection method used by botnets consisting of a continuous and fast change of the DNS records for a domain name through different IP addresses.| | + | |EDS|European Data Store.| |
| - | | FAT | Functional Acceptance Testing. | + | |EFT|Electronic Funds Transfer is the transfer of cash or credit from one account to another using computers and telecommunications.| |
| - | | Fault Line Attacks | Fault Line Attacks use weaknesses between interfaces of systems to exploit gaps in coverage.| | + | |Egress Filtering | Filtering outbound traffic.| |
| - | | FCT | Functional Confidence Testing. | + | |EGP|Exterior Gateway Protocol). |
| - | | File Transfer Protocol | + | |:::|A protocol which distributes routing information to the routers which connect autonomous systems.| |
| - | | Filter | + | |EGW|Engagement Gateway.| |
| - | | Filtering Router | An inter-network router that selectively prevents the passage of data packets according to a security policy. | + | |EIN|Employee Identification Number.| |
| - | | Finger | A protocol to lookup user information on a given host. A Unix program that takes an e-mail address as input and returns information about the user who owns that e-mail address. | + | |Electronic Commerce|Electronic Commerce, also known as e-Commerce, covers a range of activities under which businesses and their customers can carry out transactions electronically between computer systems. |
| - | | Fingerprinting | Sending strange packets to a system in order to gauge how it responds to determine the operating system.| | + | |Electronic Funds Transfer|Electronic Funds Transfer |
| - | | Firewall | A logical or physical discontinuity in a network to prevent unauthorized access to data or resources.| | + | |Emanations Analysis|Gaining direct knowledge of communicated data by monitoring and resolving a signal that is emitted by a system and that contains the data but is not intended to communicate the data.| |
| - | | Flooding | An attack that attempts to cause a failure in (especially, | + | |Encapsulation|The inclusion of one data structure within another structure so that the first data structure is hidden for the time being.| |
| - | | Forest | A forest is a set of Active Directory domains that replicate their databases with each other.| | + | |Encryption|Cryptographic transformation of data (called " |
| - | | Fork Bomb | A Fork Bomb works by using the fork() call to create a new process which is a copy of the original. | + | |EOD|End-of-Day.| |
| - | | Form-based Authentication | Form-Based Authentication uses forms on a webpage to ask a user to input username and password information.| | + | |Ephemeral Port|Also called a transient port or a temporary port. Usually is on the client side. It is set up when a client application wants to connect to a server and is destroyed when the client application terminates. |
| - | | Forward Lookup | Forward lookup uses an Internet domain name to find an IP address.| | + | |Escrow Passwords|Escrow Passwords are passwords that are written down and stored in a secure location (like a safe) that are used by emergency personnel when privileged personnel are unavailable.| |
| - | | Forward Proxy | Forward Proxies are designed to be the server through which all requests are made.| | + | |Espionage|Espionage is the use of illegal means (spying) to collect Information, |
| - | | FQDN | Fully Qualified Domain Name. The name of the physical host including the domain name; and where necessary the name of the DNS alias or availability group listener the application uses to connect.| | + | |Ethernet|The most widely-installed LAN technology. |
| - | | Fragment Offset | The fragment offset field tells the sender where a particular fragment falls in relation to other fragments in the original larger packet.| | + | |ETL|Extract, |
| - | | Fragment Overlap Attack | A TCP/IP Fragmentation Attack that is possible because IP allows packets to be broken down into fragments for more efficient transport across various media. | + | |EUDA|End User Developed Application.| |
| - | | Fragmentation | The process of storing a data file in several " | + | |Event|An event is an observable occurrence in a system or network.| |
| - | | Frames | Data that is transmitted between network points as a unit complete with addressing and necessary protocol control information. | + | |EXCO|Executive Committee, Executive Council.| |
| - | | FTP (File Transfer Protocol) | A TCP/IP protocol specifying the transfer of text or binary files across the network.| | + | |Exploit|A sequence of actions or a program that enables an individual to take advantage of, or exploit, a vulnerability or security weakness in a program or system.| |
| - | | Full Duplex | A type of duplex communications channel which carries data in both directions at once. Refers to the transmission of data in two directions simultaneously. | + | |Exponential Backoff Algorithm|An exponential backoff algorithm is used to adjust TCP timeout values on the fly so that network devices don't continue to timeout sending data over saturated links.| |
| - | | Fully-Qualified Domain Name | A Fully-Qualified Domain Name is a server name with a hostname followed by the full domain name.| | + | |Exposure|A threat action whereby sensitive data is directly released to an unauthorized entity.| |
| - | | Fuzzing | The use of special regression testing tools to generate out-of-spec input for an application in order to find security vulnerabilities. Also see " | + | |Extended ACLS|Cisco. |
| - | | Gateway | A network point that acts as an entrance to another network.| | + | |Extensible Authentication Protocol|EAP.| |
| - | | GETHOSTBYADDR | The gethostbyaddr DNS query is when the address of a machine is known and the name is needed.| | + | |:::|A framework that supports multiple, optional authentication mechanisms for PPP, including clear-text passwords, challenge-response, |
| - | | GETHOSTBYNAME | The gethostbyname DNS quest is when the name of a machine is known and the address is needed.| | + | |Exterior Gateway Protocol|EGP.| |
| - | | GIS | Global Information Security.| | + | |:::|A protocol which distributes routing information to the routers which connect autonomous systems.| |
| - | | GNU | GNU is a Unix-like operating system that comes with source code that can be copied, modified, and redistributed. | + | |Extranet|Extranet is that portion of an organization’s Intranet that is accessible by selected individuals (for example, collaborators, |
| - | | GNUTELLA | An Internet file sharing utility. | + | |False Rejects|False Rejects are when an authentication system fails to recognize a valid user.| |
| - | | GTIS | Global Technology Infrastructure Group.| | + | |Fast File System|The first major revision to the Unix file system, providing faster read access and faster (delayed, asynchronous) write access through a disk cache and better file system layout on disk. It uses inodes (pointers) and data blocks.| |
| - | | GW | Gateway.| | + | |Fast Flux|Protection method used by botnets consisting of a continuous and fast change of the DNS records for a domain name through different IP addresses.| |
| - | | Hactivist | An activist who uses illegal or legally ambiguous digital tools or methods in pursuit of political ends; methods employed include web site defacements, | + | |FAT|Functional Acceptance Testing.| |
| - | | HAM | Hardware Asset Management.| | + | |:::|See FCT.| |
| - | | Hardening | Hardening is the process of identifying and fixing vulnerabilities on a system.| | + | |Fault Line Attacks|Fault Line Attacks use weaknesses between interfaces of systems to exploit gaps in coverage.| |
| - | | Hash Function | An algorithm that computes a value based on a data object thereby mapping the data object to a smaller data object.| | + | |FCT|Functional Confidence Testing.| |
| - | | Hash Functions | (cryptographic) hash functions are used to generate a one way "check sum" for a larger text, which is not trivially reversed. | + | |:::|Functional testing covers Unit Testing, Smoke Testing, Sanity Testing, Intergration Testing (Top Down, Bottom Up), Interface and Useability Testing, System Testing, Regression Testing, Per User Acceptance Testing (Alpha and Beta), User Acceptance Testing, White Box and Black Box Testing, Globalization and Location Testing.| |
| - | | Header | A header is the extra information in a packet that is needed for the protocol stack to process the packet.| | + | |File Transfer Protocol|FTP. |
| - | | Hijack Attack | A form of active wiretapping in which the attacker seizes control of a previously established communication association.| | + | |Filter A filter is used to specify which packets will or will not be used. It can be used in sniffers to determine which packets get displayed, or by firewalls to determine which packets get blocked.| |
| - | | Honey Client | See Honeymonkey.| | + | |Filtering Router|An inter-network router that selectively prevents the passage of data packets according to a security policy. |
| - | | Honey Pot | Programs that simulate one or more network services that you designate on your computer' | + | |Finger|A protocol to lookup user information on a given host. A Unix program that takes an e-mail address as input and returns information about the user who owns that e-mail address. |
| - | | Honeymonkey | Automated system simulating a user browsing websites. | + | |Fingerprinting|Sending strange packets to a system in order to gauge how it responds to determine the operating system.| |
| - | | Hops | A hop is each exchange with a gateway a packet takes on its way to the destination.| | + | |Firewall|A logical or physical discontinuity in a network to prevent unauthorized access to data or resources.| |
| - | | Host | Any computer that has full two-way access to other computers on the Internet. | + | |Flooding|An attack that attempts to cause a failure in (especially, |
| - | | Host-based ID | Host-based intrusion detection systems use information from the operating system audit records to watch all operations occurring on the host that the intrusion detection software has been installed upon. These operations are then compared with a pre-defined security policy. | + | |Forest|A forest is a set of Active Directory domains that replicate their databases with each other.| |
| - | | Host-Based Intrusion Detection | Host-based intrusion detection systems use information from the operating system audit records to watch all operations occurring on the host that the intrusion detection software has been installed upon. These operations are then compared with a pre-defined security policy. | + | |Fork Bomb|A Fork Bomb works by using the fork() call to create a new process which is a copy of the original. |
| - | | Hot Disaster Recovery Site | It contains fully redundant hardware and software, with telecommunications, | + | |Form-based Authentication|Form-Based Authentication uses forms on a webpage to ask a user to input username and password information.| |
| - | | Hot Fix | A hot fix is a single, cumulative package that includes one or more files that are used to address a problem in a software product (i.e. a software bug). Typically, hot fixes are made to address a specific customer situation and are not rolled out across the organisation. | + | |Forward Lookup|Forward lookup uses an Internet domain name to find an IP address.| |
| - | | HPA | Host Protected Area. Sometimes called the Hidden Protected Area is a section of a hard drive that is hidden or not normally visible to the operating system, and is often used by software or personal computer manufactorers for system recovery and the backup of system configuration data.| | + | |Forward Proxy|Forward Proxies are designed to be the server through which all requests are made.| |
| - | | HTML (Hypertext Markup Language) | The set of markup symbols or codes inserted in a file intended for display on a World Wide Web browser page.| | + | |FQDN|Fully Qualified Domain Name. The name of the physical host including the domain name; and where necessary the name of the DNS alias or availability group listener the application uses to connect.| |
| - | | HTTP (Hypertext Transfer Protocol) | The protocol in the Internet Protocol (IP) family used to transport hypertext documents across an internet.| | + | |Fragment Offset|The fragment offset field tells the sender where a particular fragment falls in relation to other fragments in the original larger packet.| |
| - | | HTTP Proxy | An HTTP Proxy is a server that acts as a middleman in the communication between HTTP clients and servers.| | + | |Fragment Overlap Attack|A TCP/IP Fragmentation Attack that is possible because IP allows packets to be broken down into fragments for more efficient transport across various media. |
| - | | HTTPS | When used in the first part of a URL (the part that precedes the colon and specifies an access scheme or protocol), this term specifies the use of HTTP enhanced by a security mechanism, which is usually SSL. | | + | |Fragmentation|The process of storing a data file in several " |
| - | | HUB | A hub is a network device that operates by repeating data that it receives on one port to all the other ports. | + | |Frames|Data that is transmitted between network points as a unit complete with addressing and necessary protocol control information. |
| - | | Humint | + | |FTP|File Transfer Protocol).| |
| - | | Hybrid Attack | A Hybrid Attack builds on the dictionary attack method by adding numerals and symbols to dictionary words.| | + | |:::|A TCP/IP protocol specifying the transfer of text or binary files across the network.| |
| - | | Hybrid Encryption | An application of cryptography that combines two or more encryption algorithms, particularly a combination of symmetric and asymmetric encryption.| | + | |Full Duplex|A type of duplex communications channel which carries data in both directions at once. Refers to the transmission of data in two directions simultaneously. |
| - | | Hyperlink | In hypertext or hypermedia, an information object (such as a word, a phrase, or an image; usually highlighted by color or underscoring) that points (indicates how to connect) to related information that is located elsewhere and can be retrieved by activating the link.| | + | |Fully-Qualified Domain Name|A Fully-Qualified Domain Name is a server name with a hostname followed by the full domain name.| |
| - | | Hypertext Markup Language | + | |Fuzzing|The use of special regression testing tools to generate out-of-spec input for an application in order to find security vulnerabilities. Also see " |
| - | | Hypertext Transfer Protocol | + | |Gateway|A network point that acts as an entrance to another network.| |
| - | | ICMP (Internet Control Message Protocol) | An Internet Standard protocol that is used to report error conditions during IP datagram processing and to exchange other information concerning the state of the IP network.| | + | |GETHOSTBYADDR|The gethostbyaddr DNS query is when the address of a machine is known and the name is needed.| |
| - | | Identity | Identity is whom someone or what something is, for example, the name by which something is known.| | + | |GETHOSTBYNAME|The gethostbyname DNS quest is when the name of a machine is known and the address is needed.| |
| - | | IETF (Internet Engineering Task Force) | The body that defines standard Internet operating protocols such as TCP/ | + | |GIS|Global Information Security.| |
| - | | IMAP (Internet Message Access Protocol) | A protocol that defines how a client should fetch mail from and return mail to a mail server. | + | |GNU|GNU is a Unix-like operating system that comes with source code that can be copied, modified, and redistributed. |
| - | | Incident | An incident as an adverse network event in an information system or network or the threat of the occurrence of such an event.| | + | |GNUTELLA|An Internet file sharing utility. |
| - | | Incident Handling | Incident Handling is an action plan for dealing with intrusions, cyber-theft, | + | |GTIS|Global Technology Infrastructure Group.| |
| - | | Incremental Backups | Incremental backups only backup the files that have been modified since the last backup. | + | |GW|Gateway.| |
| - | | Industrial Espionage | Espionage is the use of illegal means (spying) to collect Information, | + | |Hactivist|An activist who uses illegal or legally ambiguous digital tools or methods in pursuit of political ends; methods employed include web site defacements, |
| - | | INETD | Inetd (or Internet Daemon) is an application that controls smaller internet services like telnet, ftp, and POP.| | + | |HAM|Hardware Asset Management.| |
| - | | Inference Attack | Inference Attacks rely on the user to make logical connections between seemingly unrelated pieces of information.| | + | |Hardening|Hardening is the process of identifying and fixing vulnerabilities on a system.| |
| - | | Information Warfare | Information Warfare is the competition between offensive and defensive players over information resources.| | + | |Hash Function|An algorithm that computes a value based on a data object thereby mapping the data object to a smaller data object.| |
| - | | Ingress Filtering | Ingress Filtering is filtering inbound traffic.| | + | |Hash Functions|(cryptographic) hash functions are used to generate a one way "check sum" for a larger text, which is not trivially reversed. |
| - | | Input Validations Attack | Input Validations Attacks are where an attacker intentionally sends unusual input in the hopes of confusing an application.| | + | |Header|A header is the extra information in a packet that is needed for the protocol stack to process the packet.| |
| - | | Integrity | Integrity is the need to ensure that information has not been changed accidentally or deliberately, | + | |Hijack Attack|A form of active wiretapping in which the attacker seizes control of a previously established communication association.| |
| - | | Integrity Star Property | In Integrity Star Property a user cannot read data of a lower integrity level then their own.| | + | |Honey Client|See Honeymonkey.| |
| - | | Intellectual Property | Intellectual Property refers to the definition and recording of a novel device, product, process or technique so that it may be bought, sold or legally protected. | + | |Honey Pot|Programs that simulate one or more network services that you designate on your computer' |
| - | | Intelligence | Intelligence is high-level, processed, exploitable Information.| | + | |Honeymonkey|Automated system simulating a user browsing websites. |
| - | | International Organization for Standardization (ISO) | A voluntary, non-treaty, non-government organization, | + | |Hops|A hop is each exchange with a gateway a packet takes on its way to the destination.| |
| - | | International Telecommunications Union (ITU-T) | Telecommunication Standardization Sector (formerly " | + | |Host|Any computer that has full two-way access to other computers on the Internet. |
| - | | Internet | A term to describe connecting multiple separate networks together.| | + | |Host-based ID|Host-based intrusion detection systems use information from the operating system audit records to watch all operations occurring on the host that the intrusion detection software has been installed upon. These operations are then compared with a pre-defined security policy. |
| - | | Internet Control Message Protocol | + | |Host-Based Intrusion Detection|Host-based intrusion detection systems use information from the operating system audit records to watch all operations occurring on the host that the intrusion detection software has been installed upon. These operations are then compared with a pre-defined security policy. |
| - | | Internet Engineering Task Force (IETF) | The body that defines standard Internet operating protocols such as TCP/ | + | |Hot Disaster Recovery Site|It contains fully redundant hardware and software, with telecommunications, |
| - | | Internet Message Access Protocol | + | |Hot Fix|A hot fix is a single, cumulative package that includes one or more files that are used to address a problem in a software product (i.e. a software bug). Typically, hot fixes are made to address a specific customer situation and are not rolled out across the organisation. |
| - | | Internet Protocol | + | |HPA|Host Protected Area. Sometimes called the Hidden Protected Area is a section of a hard drive that is hidden or not normally visible to the operating system, and is often used by software or personal computer manufactorers for system recovery and the backup of system configuration data.| |
| - | | Internet Protocol Security | + | |HTML|Hypertext Markup Language. |
| - | | Internet Relay Chat (IRC) | Internet Relay Chat (IRC) is a huge, multi-user live chat facility. | + | |HTTP|Hypertext Transfer Protocol. |
| - | | Internet Service Provider | + | |HTTP Proxy|An HTTP Proxy is a server that acts as a middleman in the communication between HTTP clients and servers.| |
| - | | Internet Standard | A specification, | + | |HTTPS|When used in the first part of a URL (the part that precedes the colon and specifies an access scheme or protocol), this term specifies the use of HTTP enhanced by a security mechanism, which is usually SSL. | |
| - | | Interrupt | An Interrupt is a signal that informs the OS that something has occurred.| | + | |HUB|A hub is a network device that operates by repeating data that it receives on one port to all the other ports. |
| - | | Intranet | A computer network, especially one based on Internet technology, that an organization uses for its own internal, and usually private, purposes and that is closed to outsiders.| | + | |Humint|Humint is an abbreviation for Human Intelligence; |
| - | | Intrusion Detection | A security management system for computers and networks. | + | |Hybrid Attack|A Hybrid Attack builds on the dictionary attack method by adding numerals and symbols to dictionary words.| |
| - | | Invisible Web | Invisible Web is that portion (estimated to be between 60 and 80 per cent) of total Web content that consists of material that is not accessible by standard Search engines. | + | |Hybrid Encryption|An application of cryptography that combines two or more encryption algorithms, particularly a combination of symmetric and asymmetric encryption.| |
| - | | IP (Internet Protocol) | The method or protocol by which data is sent from one computer to another on the Internet.| | + | |Hyperlink|In hypertext or hypermedia, an information object (such as a word, a phrase, or an image; usually highlighted by color or underscoring) that points (indicates how to connect) to related information that is located elsewhere and can be retrieved by activating the link.| |
| - | | IP Address | A computer' | + | |Hypertext Markup Language|HTML. |
| - | | IP Flood | A denial of service attack that sends a host more echo request (" | + | |Hypertext Transfer Protocol|HTTP. |
| - | | IP Forwarding | IP forwarding is an Operating System option that allows a host to act as a router. | + | |ICMP|Internet Control Message Protocol.| |
| - | | IPSEC (Internet Protocol Security) | A developing standard for security at the network or packet processing layer of network communication.| | + | |:::|An Internet Standard protocol that is used to report error conditions during IP datagram processing and to exchange other information concerning the state of the IP network.| |
| - | | IP Spoofing | The technique of supplying a false IP address.| | + | |Identity | Identity is whom someone or what something is, for example, the name by which something is known.| |
| - | | IRC (Internet Relay Chat) | Internet Relay Chat (IRC) is a huge, multi-user live chat facility. | + | |IETF|Internet Engineering Task Force.| |
| - | | IRM | Information Risk Management.| | + | |:::|The body that defines standard Internet operating protocols such as TCP/ |
| - | | ISO (International Organization for Standardization) | A voluntary, non-treaty, non-government organization, | + | |IMAP|Internet Message Access Protocol.| |
| - | | ISP (Internet Service Provider) | An Internet Service Provider (ISP) is a company selling access to the Internet.| | + | |:::|A protocol that defines how a client should fetch mail from and return mail to a mail server. |
| - | | Issue-specific Policy | An Issue-Specific Policy is intended to address specific needs within an organization, | + | |Incident|An incident as an adverse network event in an information system or network or the threat of the occurrence of such an event.| |
| - | | ITU-T (International Telecommunications Union) | Telecommunication Standardization Sector (formerly " | + | |Incident Handling|Incident Handling is an action plan for dealing with intrusions, cyber-theft, |
| - | | Jitter | Jitter or Noise is the modification of fields in a database while preserving the aggregate characteristics of that make the database useful in the first place.| | + | |Incremental Backups|Incremental backups only backup the files that have been modified since the last backup. |
| - | | Jump Bag | A Jump Bag is a container that has all the items necessary to respond to an incident inside to help mitigate the effects of delayed reactions.| | + | |Industrial Espionage|Espionage is the use of illegal means (spying) to collect Information, |
| - | | Kerberos | A system developed at the Massachusetts Institute of Technology that depends on passwords and symmetric cryptography (DES) to implement ticket-based, | + | |INETD|Inetd (or Internet Daemon) is an application that controls smaller internet services like telnet, ftp, and POP.| |
| - | | Kernel | The essential centre of a computer operating system, the core that provides basic services for all other parts of the operating system. | + | |Inference Attack|Inference Attacks rely on the user to make logical connections between seemingly unrelated pieces of information.| |
| - | | KYC | Know Your Customer.| | + | |Information Warfare|Information Warfare is the competition between offensive and defensive players over information resources.| |
| - | | L2F (Layer 2 Forwarding Protocol) | An Internet protocol (originally developed by Cisco Corporation) that uses tunnelling of PPP over IP to create a virtual extension of a dial-up link across a network, initiated by the dial-up server and transparent to the dial-up user.| | + | |Ingress Filtering|Ingress Filtering is filtering inbound traffic.| |
| - | | L2FP (Layer 2 Tunnelling | + | |Input Validations Attack|Input Validations Attacks are where an attacker intentionally sends unusual input in the hopes of confusing an application.| |
| - | | Lattice Techniques | Lattice Techniques use security designations to determine access to information.| | + | |Integrity | Integrity is the need to ensure that information has not been changed accidentally or deliberately, |
| - | | Layer 2 Forwarding Protocol | + | |Integrity Star Property|In Integrity Star Property a user cannot read data of a lower integrity level then their own.| |
| - | | Layer 2 Tunnelling | + | |Intellectual Property|Intellectual Property refers to the definition and recording of a novel device, product, process or technique so that it may be bought, sold or legally protected. |
| - | | Least Privilege | Least Privilege is the principle of allowing users or applications the least amount of permissions necessary to perform their intended function.| | + | |Intelligence|Intelligence is high-level, processed, exploitable Information.| |
| - | | Legion | Software to detect unprotected shares.| | + | |International Organization for Standardization (ISO)|A voluntary, non-treaty, non-government organization, |
| - | | Lightweight Directory Access Protocol | + | |International Telecommunications Union|ITU-T.| |
| - | | Link State | With link state, routes maintain information about all routers and router-to-router links within a geographic area, and creates a table of best routes with that information.| | + | |:::|Telecommunication Standardization Sector (formerly " |
| - | | List-based Access Control | List Based Access Control associates a list of users and their privileges with each object.| | + | |Internet|A term to describe connecting multiple separate networks together.| |
| - | | LKM (Loadable Kernel Modules) | Loadable Kernel Modules allow for the adding of additional functionality directly into the kernel while the system is running.| | + | |Internet Control Message Protocol|ICMP.| |
| - | | Loadable Kernel Modules | + | |:::|An Internet Standard protocol that is used to report error conditions during IP datagram processing and to exchange other information concerning the state of the IP network.| |
| - | | Log Clipping | Log clipping is the selective removal of log entries from a system log to hide a compromise.| | + | |Internet Engineering Task Force|IETF.| |
| - | | Logic Bombs | Logic bombs are programs or snippets of code that execute when a certain predefined event occurs. | + | |:::|The body that defines standard Internet operating protocols such as TCP/ |
| - | | Logic Gate | A logic gate is an elementary building block of a digital circuit. | + | |Internet Message Access Protocol|IMAP.| |
| - | | Loopback Address | The loopback address (127.0.0.1) is a pseudo IP address that always refer back to the local host and are never sent out onto a network.| | + | |:::|A protocol that defines how a client should fetch mail from and return mail to a mail server. |
| - | | LTR | Large Transaction Report.| | + | |Internet Protocol|IP.| |
| - | | MAC (Mandatory Access Control) | Mandatory Access Control controls is where the system controls access to resources based on classification levels assigned to both the objects and the users. | + | |:::|The method or protocol by which data is sent from one computer to another on the Internet.| |
| - | | MAC Address | A physical address; a numeric value that uniquely identifies that network device from every other device on the planet.| | + | |Internet Protocol Security|IPSEC.| |
| - | | Malicious Code | Software (e.g., Trojan horse) that appears to perform a useful or desirable function, but actually gains unauthorized access to system resources or tricks a user into executing other malicious logic.| | + | |:::|A developing standard for security at the network or packet processing layer of network communication.| |
| - | | Malware | A generic term for a number of different types of malicious code.| | + | |Internet Relay Chat|IRC.| |
| - | | Mandatory Access Control | + | |:::|Internet Relay Chat (IRC) is a huge, multi-user live chat facility. |
| - | | Man in the Middle | + | |Internet Service Provider|ISP.| |
| - | | Masquerade Attack | A type of attack in which one system entity illegitimately poses as (assumes the identity of) another entity.| | + | |:::|An Internet Service Provider (ISP) is a company selling access to the Internet.| |
| - | | MD5 | A one way cryptographic hash function. | + | |Internet Standard|A specification, |
| - | | Measures of Effectiveness | + | |Interrupt|An Interrupt is a signal that informs the OS that something has occurred.| |
| - | | MFT | Managed File Transfer.| | + | |Intranet|A computer network, especially one based on Internet technology, that an organization uses for its own internal, and usually private, purposes and that is closed to outsiders.| |
| - | | MI | Management Information.| | + | |Intrusion Detection|A security management system for computers and networks. |
| - | | MITM (Man in the Middle) Attack | + | |Invisible Web|Invisible Web is that portion (estimated to be between 60 and 80 per cent) of total Web content that consists of material that is not accessible by standard Search engines. |
| - | | MOE (Measures of Effectiveness) | Measures of Effectiveness is a probability model based on engineering concepts that allows one to approximate the impact a give action will have on an environment. In Information warfare it is the ability to attack or defend within an Internet environment.| | + | |IP|Internet Protocol).| |
| - | | Monoculture | Monoculture is the case where a large number of users run the same software, and are vulnerable to the same attacks.| | + | |:::|The method or protocol by which data is sent from one computer to another on the Internet.| |
| - | | Morris Worm | A worm program written by Robert T. Morris, Jr. that flooded the ARPANET in November, 1988, causing problems for thousands of hosts.| | + | |IP Address|A computer' |
| - | | MoSCoW | Must, Should, Could, Would.| | + | |IP Flood|A denial of service attack that sends a host more echo request (" |
| - | | Mule | Also known as a money mule, a mule is an individual who transfers stolen money or merchandise either in person, through a courier service or electronically to help obscure a scammer’s identity and/or location. | + | |IP Forwarding|IP forwarding is an Operating System option that allows a host to act as a router. |
| - | | Multi-Cast | Broadcasting from one host to a given set of hosts.| | + | |IPSEC|Internet Protocol Security).| |
| - | | Multi-Homed | You are " | + | |:::|A developing standard for security at the network or packet processing layer of network communication.| |
| - | | Multiplexing | To combine multiple signals from possibly disparate sources, in order to transmit them over a single path.| | + | |IP Spoofing|The technique of supplying a false IP address.| |
| - | | NAT (Network Address Translation) | It is used to share one or a small number of publicly routable IP addresses among a larger number of hosts. | + | |IRC|Internet Relay Chat (IRC) is a huge, multi-user live chat facility. |
| - | | National Institute of Standards and Technology | + | |IRM|Information Risk Management.| |
| - | | Natural Disaster | Any "act of God" (e.g., fire, flood, earthquake, lightning, or wind) that disables a system component.| | + | |ISO|International Organization for Standardization).| |
| - | | Netmask | 32-bit number indicating the range of IP addresses residing on a single IP network/ | + | |:::|A voluntary, non-treaty, non-government organization, |
| - | | Network Address Translation | + | |ISP|Internet Service Provider).| |
| - | | Network-based IDS | A network-based IDS system monitors the traffic on its network segment as a data source. | + | |:::|An Internet Service Provider (ISP) is a company selling access to the Internet.| |
| - | | Network Mapping | To compile an electronic inventory of the systems and the services on your network.| | + | |Issue-specific Policy | An Issue-Specific Policy is intended to address specific needs within an organization, |
| - | | Network Taps | Network taps are hardware devices that hook directly onto the network cable and send a copy of the traffic that passes through it to one or more other networked devices.| | + | |ITU-T|International Telecommunications Union).| |
| - | | Newsgroup | Newsgroup is the name for a discussion group or chat room.| | + | |:::|Telecommunication Standardization Sector (formerly " |
| - | | Nginx | Nginx Web Server. | + | |Jitter|Jitter or Noise is the modification of fields in a database while preserving the aggregate characteristics of that make the database useful in the first place.| |
| - | | Node | Node is any single device connected to a Network.| | + | |Jump Bag|A Jump Bag is a container that has all the items necessary to respond to an incident inside to help mitigate the effects of delayed reactions.| |
| - | | Non FCT | Non Functional Testing. | + | |Kerberos|A system developed at the Massachusetts Institute of Technology that depends on passwords and symmetric cryptography (DES) to implement ticket-based, |
| - | | Non-printable character | A character that doesn' | + | |Kernel|The essential centre of a computer operating system, the core that provides basic services for all other parts of the operating system. |
| - | | Non-repudiation | Non-repudiation is the ability for a system to prove that a specific user and only that specific user sent a message and that it hasn't been modified.| | + | |KYC|Know Your Customer.| |
| - | | Null Session | Known as Anonymous Logon, it is a way of letting an anonymous user retrieve information such as user names and shares over the network or connect without authentication. It is used by applications such as explorer.exe to enumerate shares on remote servers.| | + | |L2F|Layer 2 Forwarding Protocol).| |
| - | | OAT | Operational Acceptance Testing. | + | |:::|An Internet protocol (originally developed by Cisco Corporation) that uses tunnelling of PPP over IP to create a virtual extension of a dial-up link across a network, initiated by the dial-up server and transparent to the dial-up user.| |
| - | | Octet | A sequence of eight bits. An octet is an eight-bit byte.| | + | |L2FP|Layer 2 Tunneling |
| - | | One-way Encryption | Irreversible transformation of plain-text to cipher text, such that the plain-text cannot be recovered from the cipher text by other than exhaustive procedures even if the cryptographic key is known.| | + | |:::|An extension of the Point-to-Point |
| - | | One-way Function | A (mathematical) function, f, which is easy to compute the output based on a given input. | + | |Lattice Techniques|Lattice Techniques use security designations to determine access to information.| |
| - | | Open Shortest Path First (OSPF) | + | |Layer 2 Forwarding Protocol|L2F. |
| - | | Open Source Information | Open source information is unclassified published information. | + | |Layer 2 Tunneling |
| - | | Open Systems Interconnection | + | |Least Privilege|Least Privilege is the principle of allowing users or applications the least amount of permissions necessary to perform their intended function.| |
| - | | OR | Operational Risk.| | + | |Legion|Software to detect unprotected shares.| |
| - | | ORF | Operational Risk Framework.| | + | |Lightweight Directory Access Protocol|LDAP. |
| - | | ORIA | Operational Risk Impact Assessment. | + | |Link State|With link state, routes maintain information about all routers and router-to-router links within a geographic area, and creates a table of best routes with that information.| |
| - | | OSI (Open Systems Interconnection) | OSI is a standard description or " | + | |List-based Access Control | List Based Access Control associates a list of users and their privileges with each object.| |
| - | | OSI Layers | The main idea in OSI is that the process of communication between two end points in a telecommunication network can be divided into layers, with each layer adding its own set of special, related functions. | + | |LKM|Loadable Kernel Modules.| |
| - | | OSPF (Open Shortest Path First) | + | |:::|Loadable Kernel Modules allow for the adding of additional functionality directly into the kernel while the system is running.| |
| - | | Overload | Hindrance of system operation by placing excess burden on the performance capabilities of a system component.| | + | |Loadable Kernel Modules|LKM. |
| - | | Packet | A piece of a message transmitted over a packet-switching network. One of the key features of a packet is that it contains the destination address in addition to the data. In IP networks, packets are often called datagrams.| | + | |Log Clipping|Log clipping is the selective removal of log entries from a system log to hide a compromise.| |
| - | | Packet Switched Network | A packet switched network is where individual packets each follow their own paths through the network from one endpoint to another.| | + | |Logic Bombs|Logic bombs are programs or snippets of code that execute when a certain predefined event occurs. |
| - | | PAN | Primary Account Number.| | + | |Logic Gate|A logic gate is an elementary building block of a digital circuit. |
| - | | Partitions | Major divisions of the total physical hard disk space.| | + | |Loopback Address | The loopback address (127.0.0.1) is a pseudo IP address that always refer back to the local host and are never sent out onto a network.| |
| - | | Password Authentication Protocol | + | |LTR|Large Transaction Report.| |
| - | | Password Cracking | Password cracking is the process of attempting to guess passwords, given the password file information.| | + | |MAC|Mandatory Access Control).| |
| - | | Password Sniffing | Passive wiretapping, | + | |:::|Mandatory Access Control controls is where the system controls access to resources based on classification levels assigned to both the objects and the users. |
| - | | PATS | Per Application Test Strategy.| | + | |MAC Address|A physical address; a numeric value that uniquely identifies that network device from every other device on the planet.| |
| - | | Patch | A patch is a small update released by a software manufacturer to fix bugs in existing programs.| | + | |Malicious Code|Software (e.g., Trojan horse) that appears to perform a useful or desirable function, but actually gains unauthorized access to system resources or tricks a user into executing other malicious logic.| |
| - | | Patching | Patching is the process of updating software to a different version.| | + | |Malware|A generic term for a number of different types of malicious code.| |
| - | | Payload | Payload is the actual application data a packet contains.| | + | |Mandatory Access Control|MAC. |
| - | | Penetration | Gaining unauthorized logical access to sensitive data by circumventing a system' | + | |Man in the Middle Attack|MITM.| |
| - | | Penetration Testing | Penetration testing is used to test the external perimeter security of a network or facility.| | + | |:::|In cryptography, |
| - | | PERL (Practical Extraction and Reporting Language) | A script programming language that is similar in syntax to the C language and that includes a number of popular Unix facilities such as sed, awk, and tr.| | + | |Masquerade Attack|A type of attack in which one system entity illegitimately poses as (assumes the identity of) another entity.| |
| - | | Permutation | Permutation keeps the same letters but changes the position within a text to scramble the message.| | + | |MD5|A one way cryptographic hash function. |
| - | | Personal Firewalls | Personal firewalls are those firewalls that are installed and run on individual PCs.| | + | |Measures of Effectiveness|MOE.| |
| - | | PFS (Public Key Forward Secrecy) | For a key agreement protocol based on asymmetric cryptography, | + | |:::|Measures of Effectiveness is a probability model based on engineering concepts that allows one to approximate the impact a give action will have on an environment. In Information warfare it is the ability to attack or defend within an Internet environment.| |
| - | | Pharming | This is a more sophisticated form of MITM attack. | + | |MFT|Managed File Transfer.| |
| - | | Phishing | The use of e-mails that appear to originate from a trusted source to trick a user into entering valid credentials at a fake website. | + | |MI|Management Information.| |
| - | | PII | Personal Identifiable Information.| | + | |MITM Attack|Man in the Middle.| |
| - | | Ping of Death | An attack that sends an improperly large ICMP echo request packet (a " | + | |:::|In cryptography, |
| - | | Ping Scan | A ping scan looks for machines that are responding to ICMP Echo Requests.| | + | |MOE|Measures of Effectiveness).| |
| - | | Ping Sweep | An attack that sends ICMP echo requests (" | + | |:::|Measures of Effectiveness is a probability model based on engineering concepts that allows one to approximate the impact a give action will have on an environment. In Information warfare it is the ability to attack or defend within an Internet environment.| |
| - | | PIR | Post Incident Review.| | + | |Monoculture|Monoculture is the case where a large number of users run the same software, and are vulnerable to the same attacks.| |
| - | | PGP (Pretty Good Privacy) | Trademark of Network Associates, Inc., referring to a computer program (and related protocols) that uses cryptography to provide data security for electronic mail and other applications on the Internet.| | + | |Morris Worm|A worm program written by Robert T. Morris, Jr. that flooded the ARPANET in November, 1988, causing problems for thousands of hosts.| |
| - | | PKI (Public Key Infrastructure) | + | |MoSCoW | Must, Should, Could, Would.| |
| - | | Plaintext | Ordinary readable text before being encrypted into ciphertext or after being decrypted.| | + | |Mule|Also known as a money mule, a mule is an individual who transfers stolen money or merchandise either in person, through a courier service or electronically to help obscure a scammer’s identity and/or location. |
| - | | PMI | Potential Major Incident.| | + | |Multi-Cast|Broadcasting from one host to a given set of hosts.| |
| - | | PoC (Proof of Concept) | A proof of concept is realisation of a certain method or idea to demonstrate its feasibility, | + | |Multi-Homed|You are " |
| - | | POC | Point of Contact.| | + | |Multiplexing|To combine multiple signals from possibly disparate sources, in order to transmit them over a single path.| |
| - | | Point-to-Point | + | |NAT|Network Address Translation).| |
| - | | Point-to-Point | + | |:::|It is used to share one or a small number of publicly routable IP addresses among a larger number of hosts. |
| - | | Poison Reverse | Split horizon with poisoned reverse (more simply, poison reverse) does include such routes in updates, but sets their metrics to infinity. In effect, advertising the fact that there routes are not reachable.| | + | |National Institute of Standards and Technology|NIST. |
| - | | Polyinstantiation | Polyinstantiation is the ability of a database to maintain multiple records with the same key. It is used to prevent inference attacks.| | + | |Natural Disaster|Any "act of God" (e.g., fire, flood, earthquake, lightning, or wind) that disables a system component.| |
| - | | Polymorphism | Polymorphism is the process by which malicious software changes its underlying code to avoid detection.| | + | |Netmask|32-bit number indicating the range of IP addresses residing on a single IP network/ |
| - | | POP3 (Post Office Protocol Version 3) | An Internet Standard protocol by which a client workstation can dynamically access a mailbox on a server host to retrieve mail messages that the server has received and is holding for the client.| | + | |Network Address Translation|NAT. |
| + | |Network-based IDS|A network-based IDS system monitors the traffic on its network segment as a data source. | ||
| + | |Network Mapping|To compile an electronic inventory of the systems and the services on your network.| | ||
| + | |Network Taps|Network taps are hardware devices that hook directly onto the network cable and send a copy of the traffic that passes through it to one or more other networked devices.| | ||
| + | |Newsgroup|Newsgroup is the name for a discussion group or chat room.| | ||
| + | |Nginx|Nginx Web Server. | ||
| + | |Node|Node is any single device connected to a Network.| | ||
| + | |Non FCT|Non Functional Testing. | ||
| + | |Non-printable character|A character that doesn' | ||
| + | |Non-repudiation|Non-repudiation is the ability for a system to prove that a specific user and only that specific user sent a message and that it hasn't been modified.| | ||
| + | |Null Session|Known as Anonymous Logon, it is a way of letting an anonymous user retrieve information such as user names and shares over the network or connect without authentication. It is used by applications such as explorer.exe to enumerate shares on remote servers.| | ||
| + | |OAT|Operational Acceptance Testing. | ||
| + | |Octet|A sequence of eight bits. An octet is an eight-bit byte.| | ||
| + | |One-way Encryption|Irreversible transformation of plain-text to cipher text, such that the plain-text cannot be recovered from the cipher text by other than exhaustive procedures even if the cryptographic key is known.| | ||
| + | |One-way Function |A (mathematical) function, f, which is easy to compute the output based on a given input. | ||
| + | |Open Shortest Path First|(OSPF) Open Shortest Path First is a link state routing algorithm used in interior gateway routing. Routers maintain a database of all routers in the autonomous system with links between the routers, link costs, and link states (up and down).| | ||
| + | |Open Source Information |Open source information is unclassified published information. | ||
| + | |Open Systems Interconnection|OSI is a standard description or " | ||
| + | |OR|Operational Risk.| | ||
| + | |ORF|Operational Risk Framework.| | ||
| + | |ORIA|Operational Risk Impact Assessment. | ||
| + | |OSI|Open Systems Interconnection.| | ||
| + | |:::|OSI is a standard description or " | ||
| + | |OSI Layers|The main idea in OSI is that the process of communication between two end points in a telecommunication network can be divided into layers, with each layer adding its own set of special, related functions. | ||
| + | |OSPF| Open Shortest Path First is a link state routing algorithm used in interior gateway routing. Routers maintain a database of all routers in the autonomous system with links between the routers, link costs, and link states (up and down).| | ||
| + | |Overload|Hindrance of system operation by placing excess burden on the performance capabilities of a system component.| | ||
| + | |Packet|A piece of a message transmitted over a packet-switching network. One of the key features of a packet is that it contains the destination address in addition to the data. In IP networks, packets are often called datagrams.| | ||
| + | |Packet Switched Network|A packet switched network is where individual packets each follow their own paths through the network from one endpoint to another.| | ||
| + | |PAN|Primary Account Number.| | ||
| + | |Partitions|Major divisions of the total physical hard disk space.| | ||
| + | |Password Authentication Protocol|PAP. | ||
| + | |Password Cracking|Password cracking is the process of attempting to guess passwords, given the password file information.| | ||
| + | |Password Sniffing|Passive wiretapping, | ||
| + | |PATS|Per Application Test Strategy.| | ||
| + | |Patch|A patch is a small update released by a software manufacturer to fix bugs in existing programs.| | ||
| + | |Patching|Patching is the process of updating software to a different version.| | ||
| + | |Payload|Payload is the actual application data a packet contains.| | ||
| + | |Penetration|Gaining unauthorized logical access to sensitive data by circumventing a system' | ||
| + | |Penetration Testing|Penetration testing is used to test the external perimeter security of a network or facility.| | ||
| + | |PERL|Practical Extraction and Reporting Language).| | ||
| + | |:::|A script programming language that is similar in syntax to the C language and that includes a number of popular Unix facilities such as sed, awk, and tr.| | ||
| + | |Permutation|Permutation keeps the same letters but changes the position within a text to scramble the message.| | ||
| + | |Personal Firewalls|Personal firewalls are those firewalls that are installed and run on individual PCs.| | ||
| + | |PFS|Public Key Forward Secrecy.| | ||
| + | |:::|For a key agreement protocol based on asymmetric cryptography, | ||
| + | |Pharming|This is a more sophisticated form of MITM attack. | ||
| + | |Phishing|The use of e-mails that appear to originate from a trusted source to trick a user into entering valid credentials at a fake website. | ||
| + | |PII|Personal Identifiable Information.| | ||
| + | |Ping of Death|An attack that sends an improperly large ICMP echo request packet (a " | ||
| + | |Ping Scan|A ping scan looks for machines that are responding to ICMP Echo Requests.| | ||
| + | |Ping Sweep|An attack that sends ICMP echo requests (" | ||
| + | |PIR|Post Incident Review.| | ||
| + | |PGP|Pretty Good Privacy).| | ||
| + | |:::|Trademark of Network Associates, Inc., referring to a computer program (and related protocols) that uses cryptography to provide data security for electronic mail and other applications on the Internet.| | ||
| + | |PKI|A PKI (public key infrastructure) enables users of a basically unsecured public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority. | ||
| + | |Plaintext|Ordinary readable text before being encrypted into ciphertext or after being decrypted.| | ||
| + | |PMI|Potential Major Incident.| | ||
| + | |PoC|Proof of Concept).| | ||
| + | |:::|A proof of concept is realisation of a certain method or idea to demonstrate its feasibility, | ||
| + | |POC|Point of Contact.| | ||
| + | |Point-to-Point|PPP.| | ||
| + | |:::|A protocol for communication between two computers using a serial interface, typically a personal computer connected by phone line to a server. | ||
| + | |Point-to-Point | ||
| + | |Poison Reverse|Split horizon with poisoned reverse (more simply, poison reverse) does include such routes in updates, but sets their metrics to infinity. In effect, advertising the fact that there routes are not reachable.| | ||
| + | |Polyinstantiation|Polyinstantiation is the ability of a database to maintain multiple records with the same key. It is used to prevent inference attacks.| | ||
| + | |Polymorphism|Polymorphism is the process by which malicious software changes its underlying code to avoid detection.| | ||
| + | |POP3|Post Office Protocol Version 3).| | ||
| + | |:::|An Internet Standard protocol by which a client workstation can dynamically access a mailbox on a server host to retrieve mail messages that the server has received and is holding for the client.| | ||
| |Port|A port is nothing more than an integer that uniquely identifies an endpoint of a communication stream. | |Port|A port is nothing more than an integer that uniquely identifies an endpoint of a communication stream. | ||
| |Port Scan|A port scan is a series of messages sent by someone attempting to break into a computer to learn which computer network services, each associated with a " | |Port Scan|A port scan is a series of messages sent by someone attempting to break into a computer to learn which computer network services, each associated with a " | ||
| Line 571: | Line 643: | ||
| |RPC Scans|RPC scans determine which RPC services are running on a machine.| | |RPC Scans|RPC scans determine which RPC services are running on a machine.| | ||
| |RSS|Really Simple Syndication.| | |RSS|Really Simple Syndication.| | ||
| - | |:::|RSS is a family of web feed formats used to publish frequently updated works such as blog entries, news headlines, audio, and video in a standardised format. | + | |:::|RSS is a family of web feed formats used to publish frequently updated works such as blog entries, news headlines, audio, and video in a standardised format. |
| |RTM|Requirements Traceability Matrix. | |RTM|Requirements Traceability Matrix. | ||
| - | |RTQ|Risk | + | |RTQ|Risk |
| |Rule Set Based Access Control|RSBAC.| | |Rule Set Based Access Control|RSBAC.| | ||
| |:::|Rule Set Based Access Control targets actions based on rules for entities operating on objects.| | |:::|Rule Set Based Access Control targets actions based on rules for entities operating on objects.| | ||
| Line 720: | Line 792: | ||
| |UAT|User Acceptance Testing.| | |UAT|User Acceptance Testing.| | ||
| |UDF|User Defined Field.| | |UDF|User Defined Field.| | ||
| - | |UDP|User Datagram Protocol)| | + | |UDP|User Datagram Protocol| |
| |:::|A communications protocol that, like TCP, runs on top of IP networks. | |:::|A communications protocol that, like TCP, runs on top of IP networks. | ||
| |UDP Scan|UDP scans perform scans to determine which UDP ports are open.| | |UDP Scan|UDP scans perform scans to determine which UDP ports are open.| | ||
| Line 767: | Line 839: | ||
| |Windowing|A windowing system is a system for sharing a computer' | |Windowing|A windowing system is a system for sharing a computer' | ||
| |Windump|Windump is a freeware tool for Windows that is a protocol analyzer that can monitor network traffic on a wire.| | |Windump|Windump is a freeware tool for Windows that is a protocol analyzer that can monitor network traffic on a wire.| | ||
| - | |Wired Equivalent Privacy|WEP. | + | |Wired Equivalent Privacy|WEP.| |
| + | |:::|A security protocol for wireless local area networks defined in the standard IEEE 802.11b.| | ||
| |Wireless Application Protocol|A specification for a set of communication protocols to standardize the way that wireless devices, such as cellular telephones and radio transceivers, | |Wireless Application Protocol|A specification for a set of communication protocols to standardize the way that wireless devices, such as cellular telephones and radio transceivers, | ||
| |Wiretapping|Monitoring and recording data that is flowing between two points in a communication system.| | |Wiretapping|Monitoring and recording data that is flowing between two points in a communication system.| | ||
| - | |World Wide Web Consortium|W3C. The W3C is an international organization that develops Web standards.| | + | |World Wide Web Consortium|W3C.| |
| - | |World Wide Web|WWW. | + | |:::|The W3C is an international organization that develops Web standards.| |
| + | |World Wide Web|WWW.| | ||
| + | |:::|Also known as "THE WEB" or W3.| | ||
| |Worm|A computer program that can run independently, | |Worm|A computer program that can run independently, | ||
| |WWW|World Wide Web.| | |WWW|World Wide Web.| | ||
glossary/start.1689605961.txt.gz · Last modified: 2023/07/17 14:59 by peter