glossary:start
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| glossary:start [2023/07/17 15:05] – peter | glossary:start [2023/07/17 15:57] (current) – peter | ||
|---|---|---|---|
| Line 19: | Line 19: | ||
| |ACL|Access Control List. A list of permissions attached to an object.| | |ACL|Access Control List. A list of permissions attached to an object.| | ||
| |Access Control|Access Control ensures that resources are only granted to those users who are entitled to them.| | |Access Control|Access Control ensures that resources are only granted to those users who are entitled to them.| | ||
| - | |Access Control List|ACL. A list of permissions attached to an object.| | + | |Access Control List|ACL.| |
| + | |:::|A list of permissions attached to an object.| | ||
| |Access Control Service|A security service that provides protection of system resources against unauthorized access. | |Access Control Service|A security service that provides protection of system resources against unauthorized access. | ||
| |Access Matrix|An Access Matrix uses rows to represent subjects and columns to represent objects with privileges listed in each cell.| | |Access Matrix|An Access Matrix uses rows to represent subjects and columns to represent objects with privileges listed in each cell.| | ||
| |Account Harvesting|The process of collecting all the legitimate account names on a system.| | |Account Harvesting|The process of collecting all the legitimate account names on a system.| | ||
| |Active Content|Program code embedded in the contents of a web page. When the page is accessed by a web browser, the embedded code is automatically downloaded and executed on the user's workstation. Ex. Java, ActiveX (MS).| | |Active Content|Program code embedded in the contents of a web page. When the page is accessed by a web browser, the embedded code is automatically downloaded and executed on the user's workstation. Ex. Java, ActiveX (MS).| | ||
| - | |Active Directory|AD. | + | |Active Directory|AD.| |
| + | |:::|A directory service implemented by Microsoft for Windows domain networks. | | ||
| |Activity Monitors|Aim to prevent virus infection by monitoring for malicious activity on a system, and blocking that activity when possible.| | |Activity Monitors|Aim to prevent virus infection by monitoring for malicious activity on a system, and blocking that activity when possible.| | ||
| |AD|Active Directory. | |AD|Active Directory. | ||
| |ADAL| Authoritive Data Access Layer.| | |ADAL| Authoritive Data Access Layer.| | ||
| - | |Address Resolution Protocol|ARP. | + | |Address Resolution Protocol|ARP.| |
| - | |ADS| Authoritive Data Source.| | + | |:::|A protocol for mapping an Internet Protocol address to a physical machine address that is recognized in the local network. |
| + | |ADS|Authoritive Data Source.| | ||
| |ADSL|Asymmetric Digital Subscriber Line (ADSL) is a technology for transmitting digital information at high bandwidth on existing phone lines to homes and businesses. | |ADSL|Asymmetric Digital Subscriber Line (ADSL) is a technology for transmitting digital information at high bandwidth on existing phone lines to homes and businesses. | ||
| - | |Advanced Encryption Standard|AES. | + | |Advanced Encryption Standard|AES.| |
| - | |AEOD | After End-of-Day.| | + | |:::|An encryption standard being developed by NIST. Intended to specify an unclassified, |
| + | |AEOD|After End-of-Day.| | ||
| |AES|Advanced Encryption Standard. | |AES|Advanced Encryption Standard. | ||
| - | |AIRB| Advanced Internal Rating Based Approach.| | + | |AIRB|Advanced Internal Rating Based Approach.| |
| - | |A&L| Assets and Liabilities | | + | |A& |
| - | |Algorithm| A finite set of step-by-step instructions for a problem-solving or computation procedure, especially one that can be implemented by a computer.| | + | |Algorithm|A finite set of step-by-step instructions for a problem-solving or computation procedure, especially one that can be implemented by a computer.| |
| |AML|Anti money laundering (AML) is a term mainly used in the financial and legal industries to describe the legal controls that require financial institutions and other regulated entities to prevent or report money laundering activities.| | |AML|Anti money laundering (AML) is a term mainly used in the financial and legal industries to describe the legal controls that require financial institutions and other regulated entities to prevent or report money laundering activities.| | ||
| |AMSC|Application Management Service Centre.| | |AMSC|Application Management Service Centre.| | ||
| Line 49: | Line 53: | ||
| |:::|A globally unique number assigned by a registrar for the purposes of Internet routing, | | |:::|A globally unique number assigned by a registrar for the purposes of Internet routing, | | ||
| |Asymmetric Cryptography|Public-key cryptography. | |Asymmetric Cryptography|Public-key cryptography. | ||
| - | |Asymmetric Warfare | Asymmetric warfare is the application of dissimilar strategies, tactics, capabilities and approaches used to circumvent or negate an opponent' | + | |Asymmetric Warfare|Asymmetric warfare is the application of dissimilar strategies, tactics, capabilities and approaches used to circumvent or negate an opponent' |
| |Auditing|The information gathering and analysis of assets to ensure such things as policy compliance and security from vulnerabilities.| | |Auditing|The information gathering and analysis of assets to ensure such things as policy compliance and security from vulnerabilities.| | ||
| |Asymmetric Digital Subscriber Line|ADSL.| | |Asymmetric Digital Subscriber Line|ADSL.| | ||
| Line 61: | Line 65: | ||
| |Authorization|The approval, permission, or empowerment for someone or something to do something.| | |Authorization|The approval, permission, or empowerment for someone or something to do something.| | ||
| |Autonomous System|One network or series of networks that are all under one administrative control. | |Autonomous System|One network or series of networks that are all under one administrative control. | ||
| - | |Autonomous System Number|ASN. | + | |Autonomous System Number|ASN.| |
| + | |:::|A globally unique number assigned by a registrar for the purposes of Internet routing.| | ||
| |Availability|The need to ensure that the business purpose of the system can be met and that it is accessible to those who need to use it.| | |Availability|The need to ensure that the business purpose of the system can be met and that it is accessible to those who need to use it.| | ||
| |Backdoor|A backdoor is a tool installed after a compromise to give an attacker easier access to the compromised system around any security mechanisms that are in place.| | |Backdoor|A backdoor is a tool installed after a compromise to give an attacker easier access to the compromised system around any security mechanisms that are in place.| | ||
| Line 67: | Line 72: | ||
| |Banner|A banner is the information that is displayed to a remote user trying to connect to a service. | |Banner|A banner is the information that is displayed to a remote user trying to connect to a service. | ||
| |BAP|Business and Personal.| | |BAP|Business and Personal.| | ||
| - | |Basic Authentication | Basic Authentication is the simplest web-based authentication scheme that works by sending the username and password with each request.| | + | |Basic Authentication|Basic Authentication is the simplest web-based authentication scheme that works by sending the username and password with each request.| |
| |Bastion Host|A bastion host has been hardened in anticipation of vulnerabilities that have not been discovered yet.| | |Bastion Host|A bastion host has been hardened in anticipation of vulnerabilities that have not been discovered yet.| | ||
| |BAU|Business as Usual.| | |BAU|Business as Usual.| | ||
| - | |BBS|A Bulletin Board System (BBS) is a computerized meeting and announcement system that allows people to carry on discussions, | + | |BBS|Bulletin Board System.| |
| + | |:::|A Bulletin Board System (BBS) is a computerized meeting and announcement system that allows people to carry on discussions, | ||
| |BCM|Business Continuity Management. The management of a Business Continuity Plan (BCP).| | |BCM|Business Continuity Management. The management of a Business Continuity Plan (BCP).| | ||
| |BCP|Business Continuity Plan. A Business Continuity Plan is the plan for emergency response, backup operations, and post-disaster recovery steps that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation.| | |BCP|Business Continuity Plan. A Business Continuity Plan is the plan for emergency response, backup operations, and post-disaster recovery steps that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation.| | ||
| Line 88: | Line 94: | ||
| |BLoR|Business List of Records. | |BLoR|Business List of Records. | ||
| |BOM|Business Only Membership.| | |BOM|Business Only Membership.| | ||
| - | |Border Gateway Protocol|BGP. | + | |Border Gateway Protocol|BGP.| |
| + | |:::|An inter-autonomous system routing protocol. | ||
| |Boot Record Infector|A boot record infector is a piece of malware that inserts malicious code into the boot sector of a disk.| | |Boot Record Infector|A boot record infector is a piece of malware that inserts malicious code into the boot sector of a disk.| | ||
| |Bot|Also called ‘Internet bots’; refers to computers that perform tasks without human input. | |Bot|Also called ‘Internet bots’; refers to computers that perform tasks without human input. | ||
| Line 102: | Line 109: | ||
| |Brute Force|A crypto-analysis technique or other kind of attack method involving an exhaustive procedure that tries all possibilities, | |Brute Force|A crypto-analysis technique or other kind of attack method involving an exhaustive procedure that tries all possibilities, | ||
| |BSM|Balance Sheet Management.| | |BSM|Balance Sheet Management.| | ||
| - | |BSS 7799|British Standard 7799. A standard code of practice and provides guidance on how to secure an information system. | + | |BSS 7799|British Standard 7799.| |
| + | |:::|A standard code of practice and provides guidance on how to secure an information system. | ||
| |BST|British Summer Time.| | |BST|British Summer Time.| | ||
| |Buffer Overflow|A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.| | |Buffer Overflow|A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.| | ||
| |Bullet-proof hosting|Bullet-proof hosting is a service provided by some domain hosting or web hosting firms that allow their customer considerable leniency in the kinds of material they may upload and distribute. | |Bullet-proof hosting|Bullet-proof hosting is a service provided by some domain hosting or web hosting firms that allow their customer considerable leniency in the kinds of material they may upload and distribute. | ||
| - | |Bulletin Board System|A Bulletin Board System (BBS) is a computerized meeting and announcement system that allows people to carry on discussions, | + | |Bulletin Board System|BBS| |
| - | |Business Continuity Management|BCM. The management of a Business Continuity Plan (BCP).| | + | |:::|A Bulletin Board System (BBS) is a computerized meeting and announcement system that allows people to carry on discussions, |
| - | |Business Continuity Plan|BCP. | + | |Business Continuity Management|BCM.| |
| - | |Business Impact Analysis|BIA. | + | |:::|The management of a Business Continuity Plan (BCP).| |
| + | |Business Continuity Plan|BCP.| | ||
| + | |:::|A Business Continuity Plan is the plan for emergency response, backup operations, and post-disaster recovery steps that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation.| | ||
| + | |Business Impact Analysis|BIA.| | ||
| + | |:::|A Business Impact Analysis determines what levels of impact to a system are tolerable.| | ||
| |Business Intelligence|Business intelligence is now widely accepted as being concerned with information technology solutions for transforming the output from large data collections into Intelligence; | |Business Intelligence|Business intelligence is now widely accepted as being concerned with information technology solutions for transforming the output from large data collections into Intelligence; | ||
| |BYOD|Bring Your Own Device.| | |BYOD|Bring Your Own Device.| | ||
| Line 115: | Line 127: | ||
| |CA|Certificate Authority.| | |CA|Certificate Authority.| | ||
| |CAB|Change Advisory Board.| | |CAB|Change Advisory Board.| | ||
| - | |CAC|Call Admission Control. | + | |CAC|Call Admission Control.| |
| + | |:::|The inspection and control all inbound and outbound voice network activity by a voice firewall based on user-defined policies.| | ||
| |Cache|Pronounced cash, a special high-speed storage mechanism. | |Cache|Pronounced cash, a special high-speed storage mechanism. | ||
| |Cache Cramming|Cache Cramming is the technique of tricking a browser to run cached Java code from the local disk, instead of the internet zone, so it runs with less restrictive permissions.| | |Cache Cramming|Cache Cramming is the technique of tricking a browser to run cached Java code from the local disk, instead of the internet zone, so it runs with less restrictive permissions.| | ||
| |Cache Poisoning|Malicious or misleading data from a remote name server is saved [cached] by another name server. | |Cache Poisoning|Malicious or misleading data from a remote name server is saved [cached] by another name server. | ||
| - | |Call Admission Control|CAC. | + | |Call Admission Control|CAC.| |
| + | |:::|The inspection and control all inbound and outbound voice network activity by a voice firewall based on user-defined policies.| | ||
| |CAMS|Cash Management System.| | |CAMS|Cash Management System.| | ||
| |Carding|Carding is a term used for a process to verify the validity of stolen card data. The thief presents the card information on a website that has real-time transaction processing. | |Carding|Carding is a term used for a process to verify the validity of stolen card data. The thief presents the card information on a website that has real-time transaction processing. | ||
| - | | Cash-out | The aspect of a cybercrime operation where stolen electronic funds are finally withdrawn from the finance system in the form of hard cash, often perpetrated by the use of ‘money mules’.| | + | |Cash-out|The aspect of a cybercrime operation where stolen electronic funds are finally withdrawn from the finance system in the form of hard cash, often perpetrated by the use of ‘money mules’.| |
| - | | CCO | Chief Controls Office. | + | |CCO|Chief Controls Office.| |
| - | | CDC | Client Data Controls.| | + | |:::|The Chief Controls Office centralizes and increases the focus on maintaining and enhancing an effective control framework.| |
| - | | CDI | Client Data Interface.| | + | |CDC|Client Data Controls.| |
| - | | Cell | A cell is a unit of data transmitted over an ATM network. A cell is also a single physical memory location within flash memory.| | + | |CDI|Client Data Interface.| |
| - | | CERT (Computer Emergency Response Team) | An organization that studies computer and network INFOSEC in order to provide incident response services to victims of attacks, publish alerts concerning vulnerabilities and threats, and offer other information to help improve computer and network security.| | + | |Cell|A cell is a unit of data transmitted over an ATM network. A cell is also a single physical memory location within flash memory.| |
| - | | Certificate-based Authentication | Certificate-Based Authentication is the use of SSL and certificates to authenticate and encrypt HTTP traffic.| | + | |CERT|Computer Emergency Response Team. |
| - | | CFF | Common File Format.| | + | |Certificate-based Authentication | Certificate-Based Authentication is the use of SSL and certificates to authenticate and encrypt HTTP traffic.| |
| - | | CGI (Common Gateway Interface) | This mechanism is used by HTTP servers (web servers) to pass parameters to executable scripts in order to generate responses dynamically.| | + | |CFF|Common File Format.| |
| - | | Chain of Custody | Chain of Custody is the important application of the Federal rules of evidence and its handling.| | + | |CGI|Common Gateway Interface. |
| - | | Challenge Handshake Authentication Protocol | + | |Chain of Custody|Chain of Custody is the important application of the Federal rules of evidence and its handling.| |
| - | | CHAP (Challenge Handshake Authentication Protocol) | The Challenge-Handshake Authentication Protocol uses a challenge/ | + | |Challenge Handshake Authentication Protocol|CHAP. |
| - | | Chatroom | The name for a discussion group or chat room.| | + | |CHAP|Challenge Handshake Authentication Protocol.| |
| - | | Checksum | A value that is computed by a function that is dependent on the contents of a data object and is stored or transmitted together with the object, for the purpose of detecting changes in the data.| | + | |:::|The Challenge-Handshake Authentication Protocol uses a challenge/ |
| - | | CI | Configuration Item.| | + | |Chatroom|The name for a discussion group or chat room.| |
| - | | CIP | Customer Identification Program.| | + | |Checksum|A value that is computed by a function that is dependent on the contents of a data object and is stored or transmitted together with the object, for the purpose of detecting changes in the data.| |
| - | | Cipher | A cryptographic algorithm for encryption and decryption.| | + | |CI|Configuration Item.| |
| - | | Ciphertext | Ciphertext is the encrypted form of the message being sent.| | + | |CIP|Customer Identification Program.| |
| - | | Circuit Switched Network | A circuit switched network is where a single continuous physical circuit connected two endpoints where the route was immutable once set up.| | + | |Cipher|A cryptographic algorithm for encryption and decryption.| |
| - | | CIS | Customer Identification System.| | + | |Ciphertext|Ciphertext is the encrypted form of the message being sent.| |
| - | | CIS | Customer Information System.| | + | |Circuit Switched Network|A circuit switched network is where a single continuous physical circuit connected two endpoints where the route was immutable once set up.| |
| - | | CIT | Component Integration Testing.| | + | |CIS|Customer Identification System.| |
| - | | CL | Control Language.| | + | |CIS|Customer Information System.| |
| - | | Client | A system entity that requests and uses a service provided by another system entity, called a " | + | |CIT|Component Integration Testing.| |
| - | | CMDB | Configuration Management Database.| | + | |CL|Control Language.| |
| - | | CMOD | Central Management On Demand.| | + | |Client|A system entity that requests and uses a service provided by another system entity, called a " |
| - | | CMR | Customer Master Record.| | + | |CMDB|Configuration Management Database.| |
| - | | CMS | Change Management Standard.| | + | |CMOD|Central Management On Demand.| |
| - | | COA | Change of Address.| | + | |CMR|Customer Master Record.| |
| - | | CoB | Close of Business.| | + | |CMS|Change Management Standard.| |
| - | | Cold Disaster Recovery Site | Hardware is ordered, shipped and installed, and software is loaded. Basic telecommunications, | + | |COA|Change of Address.| |
| - | | Collision | A collision occurs when multiple systems transmit simultaneously on the same wire.| | + | |CoB|Close of Business.| |
| - | | Common Gateway Interface | + | |Cold Disaster Recovery Site|Hardware is ordered, shipped and installed, and software is loaded. Basic telecommunications, |
| - | | Competitive Intelligence | Competitive Intelligence is espionage using legal, or at least not obviously illegal, means.| | + | |Collision|A collision occurs when multiple systems transmit simultaneously on the same wire.| |
| - | | Competitor Intelligence | Competitor Intelligence is a subdivision of Business intelligence that concerns the current and proposed business activities of competitors.| | + | |Common Gateway Interface|CGI. |
| - | | Compromise | Also called a security breach, a security compromise is a term used to describe an intentional or unintentional event that has exposed confidential data to unauthorized persons. | + | |Competitive Intelligence|Competitive Intelligence is espionage using legal, or at least not obviously illegal, means.| |
| - | | Computer Emergency Response Team (CERT) | An organization that studies computer and network INFOSEC in order to provide incident response services to victims of attacks, publish alerts concerning vulnerabilities and threats, and offer other information to help improve computer and network security.| | + | |Competitor Intelligence|Competitor Intelligence is a subdivision of Business intelligence that concerns the current and proposed business activities of competitors.| |
| - | | Computer Network | A collection of host computers together with the sub-network or inter-network through which they can exchange data.| | + | |Compromise|Also called a security breach, a security compromise is a term used to describe an intentional or unintentional event that has exposed confidential data to unauthorized persons. |
| - | | CON | Change of Name.| | + | |Computer Emergency Response Team (CERT) | An organization that studies computer and network INFOSEC in order to provide incident response services to victims of attacks, publish alerts concerning vulnerabilities and threats, and offer other information to help improve computer and network security.| |
| - | | Confidentiality | Confidentiality is the need to ensure that information is disclosed only to those who are authorized to view it.| | + | |Computer Network|A collection of host computers together with the sub-network or inter-network through which they can exchange data.| |
| - | | Configuration Management | Establish a known baseline condition and manage it.| | + | |CON|Change of Name.| |
| - | | COO | Chief Operating Office.| | + | |Confidentiality|Confidentiality is the need to ensure that information is disclosed only to those who are authorized to view it.| |
| - | | Cookie | Data exchanged between an HTTP server and a browser (a client of the server) to store state information on the client side and retrieve it later for server use. An HTTP server, when sending data to a client, may send along a cookie, which the client retains after the HTTP connection closes. | + | |Configuration Management|Establish a known baseline condition and manage it.| |
| - | | Corruption | A threat action that undesirably alters system operation by adversely modifying system functions or data.| | + | |COO|Chief Operating Office.| |
| - | | Cost Benefit Analysis | A cost benefit analysis compares the cost of implementing countermeasures with the value of the reduced risk.| | + | |Cookie|Data exchanged between an HTTP server and a browser (a client of the server) to store state information on the client side and retrieve it later for server use. An HTTP server, when sending data to a client, may send along a cookie, which the client retains after the HTTP connection closes. |
| - | | Countermeasure | Reactive methods used to prevent an exploit from successfully occurring once a threat has been detected. | + | |Corruption|A threat action that undesirably alters system operation by adversely modifying system functions or data.| |
| - | | Covert Channels | Covert Channels are the means by which information can be communicated between two parties in a covert fashion using normal system operations. For example by changing the amount of hard drive space that is available on a file server can be used to communicate information.| | + | |Cost Benefit Analysis|A cost benefit analysis compares the cost of implementing countermeasures with the value of the reduced risk.| |
| - | | CP | Consultation Paper.| | + | |Countermeasure|Reactive methods used to prevent an exploit from successfully occurring once a threat has been detected. |
| - | | CR | Change Record.| | + | |Covert Channels|Covert Channels are the means by which information can be communicated between two parties in a covert fashion using normal system operations. For example by changing the amount of hard drive space that is available on a file server can be used to communicate information.| |
| - | | CR | Change Request.| | + | |CP|Consultation Paper.| |
| - | | CRAID | Changes, Risks, Assumptions, | + | |CR|Change Record.| |
| - | | Crawler | A crawler uses existing Internet search engines to carry out automatic search and retrieval of selected Information on behalf of a user. It may also be known as Web crawler.| | + | |CR|Change Request.| |
| - | | CRC (Cyclic Redundancy Check) | Sometimes called " | + | |CRAID|Changes, |
| - | | Criminal Forum | A forum, usually web based, devoted to the black market trading of stolen credit card details, stolen identity details and tools to commit computer offences.| | + | |Crawler|A crawler uses existing Internet search engines to carry out automatic search and retrieval of selected Information on behalf of a user. It may also be known as Web crawler.| |
| - | | CRON | Cron is a Unix application that runs jobs for users and administrators at scheduled times of the day.| | + | |CRC|Cyclic Redundancy Check.| |
| - | | Crossover cable | A crossover cable reverses the pairs of cables at the other end and can be used to connect devices directly together.| | + | |:::|Sometimes called " |
| - | | Cryptanalysis | The mathematical science that deals with analysis of a cryptographic system in order to gain knowledge needed to break or circumvent the protection that the system is designed to provide. In other words, convert the cipher text to plain-text without knowing the key.| | + | |Criminal Forum|A forum, usually web based, devoted to the black market trading of stolen credit card details, stolen identity details and tools to commit computer offences.| |
| - | | Cryptographic Algorithm | Hash. An algorithm that employs the science of cryptography, | + | |CRON|Cron is a Unix application that runs jobs for users and administrators at scheduled times of the day.| |
| - | | CSI | Continual Service Improvements.| | + | |Crossover cable | A crossover cable reverses the pairs of cables at the other end and can be used to connect devices directly together.| |
| - | | CSP | Content Security Policy.| | + | |Cryptanalysis|The mathematical science that deals with analysis of a cryptographic system in order to gain knowledge needed to break or circumvent the protection that the system is designed to provide. In other words, convert the cipher text to plain-text without knowing the key.| |
| - | | CTRP | Countries, Towns, Regions and Ports.| | + | |Cryptographic Algorithm|Hash. |
| - | | Cut-through | Cut-Through is a method of switching where only the header of a packet is read before it is forwarded to its destination.| | + | |CSI|Continual Service Improvements.| |
| - | | Cyberspace | Cyberspace is the notional environment in which communication over computer networks occurs. | + | |CSP|Content Security Policy.| |
| - | | Cyclic Redundancy Check (CRC) | Sometimes called " | + | |CTRP|Countries, |
| - | | Daemon | A program which is often started at the time the system boots and runs continuously without intervention from any of the users on the system. | + | |Cut-through|Cut-Through is a method of switching where only the header of a packet is read before it is forwarded to its destination.| |
| - | | Data Aggregation | Data Aggregation is the ability to get a more complete picture of the information by analyzing several different types of records at once.| | + | |Cyberspace|Cyberspace is the notional environment in which communication over computer networks occurs. |
| - | | Data Custodian | A Data Custodian is the entity currently using or manipulating the data, and therefore, temporarily taking responsibility for the data.| | + | |Cyclic Redundancy Check|CRC. |
| - | | Data Encryption Standard | + | |Daemon|A program which is often started at the time the system boots and runs continuously without intervention from any of the users on the system. |
| - | | Data Encryption Standard (DES) | A widely-used method of data encryption using a private (secret) key. There are 72, | + | |Data Aggregation|Data Aggregation is the ability to get a more complete picture of the information by analyzing several different types of records at once.| |
| - | | Data Mining | Data Mining is a technique used to analyze existing information, | + | |Data Custodian|A Data Custodian is the entity currently using or manipulating the data, and therefore, temporarily taking responsibility for the data.| |
| - | | Data Owner | A Data Owner is the entity having responsibility and authority for the data.| | + | |Data Encryption Standard|DES. A widely-used method of data encryption using a private (secret) key. There are 72, |
| - | | Data Warehouse | A central repository for all or significant parts of the data that an enterprise’s various business systems collect. | + | |Data Mining|Data Mining is a technique used to analyze existing information, |
| - | | Data Warehousing | Data Warehousing is the consolidation of several previously independent databases into one location.| | + | |Data Owner|A Data Owner is the entity having responsibility and authority for the data.| |
| - | | Datagram | Request for Comment 1594 says, "a self-contained, | + | |Data Warehouse|A central repository for all or significant parts of the data that an enterprise’s various business systems collect. |
| - | | Day Zero | The "Day Zero" or "Zero Day" is the day a new vulnerability is made known. | + | |Data Warehousing|Data Warehousing is the consolidation of several previously independent databases into one location.| |
| - | + | |Datagram|Request for Comment 1594 says, "a self-contained, | |
| - | | DB | Database.| | + | |Day Zero|The "Day Zero" or "Zero Day" is the day a new vulnerability is made known. |
| - | | DBC | Detailed Business Case.| | + | |DB|Database.| |
| - | | DCF | Data Control Framework.| | + | |DBC|Detailed Business Case.| |
| - | | DCO | Device Configuration Overlay. | + | |DCF|Data Control Framework.| |
| - | | DCP | Demand Change Process.| | + | |DCO|Device Configuration Overlay.| |
| - | | Ddos (Distributed Denial of Service) | Distributed Denial of Service (DdoS) is an attack in which multiple systems flood the bandwidth or resources of a targeted system in an attempt to make it unavailable. | + | |:::|A hidden part of a hard drive that is used by personal computer manufacturers to specify the configuration of a hard drive (regardless of its actual size) to present the same number of sectors to the BIOS and operating system.| |
| - | | Decapsulation | Decapsulation is the process of stripping off one layer' | + | |DCP|Demand Change Process.| |
| - | | Decryption | Decryption is the process of transforming an encrypted message into its original plain-text.| | + | |DDOS|Distributed Denial of Service.| |
| - | | Deep Web | Invisible Web. That portion (estimated to be between 60 and 80 per cent) of total Web content that consists of material that is not accessible by standard Search engines. | + | |:::|Distributed Denial of Service (DDOS) is an attack in which multiple systems flood the bandwidth or resources of a targeted system in an attempt to make it unavailable. |
| - | | Defacement | Defacement is the method of modifying the content of a website in such a way that it becomes " | + | |Decapsulation | Decapsulation is the process of stripping off one layer' |
| - | | Defense In-Depth | Defense In-Depth is the approach of using multiple layers of security to guard against failure of a single security component.| | + | |Decryption|Decryption is the process of transforming an encrypted message into its original plain-text.| |
| - | | Demilitarized Zone (DMZ) | In computer security, in general a demilitarized zone (DMZ) or perimeter network is a network area (a sub-network) that sits between an organization' | + | |Deep Web|Invisible Web. That portion (estimated to be between 60 and 80 per cent) of total Web content that consists of material that is not accessible by standard Search engines. |
| - | | Denial of Service | The prevention of authorized access to a system resource or the delaying of system operations and functions.| | + | |Defacement|Defacement is the method of modifying the content of a website in such a way that it becomes " |
| - | | DES (Data Encryption Standard) | A widely-used method of data encryption using a private (secret) key. There are 72, | + | |Defense In-Depth|Defense In-Depth is the approach of using multiple layers of security to guard against failure of a single security component.| |
| - | | D&I | Diversity and Inclusion.| | + | |Demilitarized Zone|DMZ.| |
| - | | Dictionary Attack | An attack that tries all of the phrases or words in a dictionary, trying to crack a password or key. A dictionary attack uses a predefined list of words compared to a brute force attack that tries all possible combinations.| | + | |:::|In computer security, in general a demilitarized zone (DMZ) or perimeter network is a network area (a sub-network) that sits between an organization' |
| - | | Diffie-Hellman | A key agreement algorithm published in 1976 by Whitfield Diffie and Martin Hellman. | + | |Denial of Service|The prevention of authorized access to a system resource or the delaying of system operations and functions.| |
| - | | Digest Authentication | Digest Authentication allows a web client to compute MD5 hashes of the password to prove it has the password.| | + | |DES|Data Encryption Standard).| |
| - | | Digital Certificate | A digital certificate is an electronic " | + | |:::|A widely-used method of data encryption using a private (secret) key. There are 72, |
| - | | Digital Envelope | A digital envelope is an encrypted message with the encrypted session key.| | + | |D& |
| - | | Digital Signature | A digital signature is a hash of a message that uniquely identifies the sender of the message and proves the message hasn't changed since transmission. | | + | |Dictionary Attack|An attack that tries all of the phrases or words in a dictionary, trying to crack a password or key. A dictionary attack uses a predefined list of words compared to a brute force attack that tries all possible combinations.| |
| - | | Digital Signature Algorithm | + | |Diffie-Hellman|A key agreement algorithm published in 1976 by Whitfield Diffie and Martin Hellman. |
| - | | Digital Signature Standard | + | |Digest Authentication|Digest Authentication allows a web client to compute MD5 hashes of the password to prove it has the password.| |
| - | | Disassembly | The process of taking a binary program and deriving the source code from it.| | + | |Digital Certificate|A digital certificate is an electronic " |
| - | | Disaster Recovery Plan (DRP) | A Disaster Recovery Plan is the process of recovery of IT systems in the event of a disruption or disaster.| | + | |Digital Envelope|A digital envelope is an encrypted message with the encrypted session key.| |
| - | | Discretionary Access Control | + | |Digital Signature|A digital signature is a hash of a message that uniquely identifies the sender of the message and proves the message hasn't changed since transmission. | |
| - | | Dispensation | Temporary exclusion from Policy or Scope.| | + | |Digital Signature Algorithm|DSA.| |
| - | | Disruption | A circumstance or event that interrupts or prevents the correct operation of system services and functions.| | + | |:::|An asymmetric cryptographic algorithm that produces a digital signature in the form of a pair of large numbers. |
| - | | Distance Vector | Distance vectors measure the cost of routes to determine the best route to all known networks.| | + | |Digital Signature Standard|DSS.| |
| - | | Distributed Denial of Service | + | |:::|The US Government standard that specifies the Digital Signature Algorithm (DSA), which involves asymmetric cryptography.| |
| - | | Distributed Scans | Distributed Scans are scans that use multiple source addresses to gather information.| | + | |Disassembly|The process of taking a binary program and deriving the source code from it.| |
| - | | DLL (Dynamic Link Library) | A collection of small programs, any of which can be called when needed by a larger program that is running in the computer. | + | |Disaster Recovery Plan|DRP.| |
| - | | DLP | Data Loss Prevention.| | + | |:::|A Disaster Recovery Plan is the process of recovery of IT systems in the event of a disruption or disaster.| |
| - | | DMS | Document Management System.| | + | |Discretionary Access Control|DAC.| |
| - | | DM&W | Document Management and Workflow.| | + | |:::|Discretionary Access Control consists of something the user can manage, such as a document password.| |
| - | | DMZ (Demilitarized Zone) | In computer security, in general a demilitarized zone (DMZ) or perimeter network is a network area (a sub-network) that sits between an organization' | + | |Dispensation|Temporary exclusion from Policy or Scope.| |
| - | | DNS (Domain Name System) | The domain name system (DNS) is the way that Internet domain names are located and translated into Internet Protocol addresses. A domain name is a meaningful and easy-to-remember " | + | |Disruption|A circumstance or event that interrupts or prevents the correct operation of system services and functions.| |
| - | | Domain | A sphere of knowledge, or a collection of facts about some program entities or a number of network points or addresses, identified by a name. On the Internet, a domain consists of a set of network addresses. | + | |Distance Vector|Distance vectors measure the cost of routes to determine the best route to all known networks.| |
| - | | Domain Hijacking | Domain hijacking is an attack by which an attacker takes over a domain by first blocking access to the domain' | + | |Distributed Denial of Service|DDOS.| |
| - | | Domain Name | A domain name locates an organization or other entity on the Internet. | + | |:::|Distributed Denial of Service (DDOS) is an attack in which multiple systems flood the bandwidth or resources of a targeted system in an attempt to make it unavailable. |
| - | | Domain Name System | + | |Distributed Scans|Distributed Scans are scans that use multiple source addresses to gather information.| |
| - | | Download | To download is to retrieve Information from the Internet.| | + | |DLL|Dynamic Link Library.| |
| - | | DP | Discussion Paper.| | + | |:::|A collection of small programs, any of which can be called when needed by a larger program that is running in the computer. |
| - | | DPIA | Data Protection Input Assessment.| | + | |DLP|Data Loss Prevention.| |
| - | | DR | Disaster Recovery. | + | |DMS|Document Management System.| |
| - | | Drop Site | Malware that steals data will upload the information to a Drop Site for later retrieval.| | + | |DM& |
| - | | DSA (Digital Signature Algorithm) | An asymmetric cryptographic algorithm that produces a digital signature in the form of a pair of large numbers. | + | |DMZ|Demilitarized Zone.| |
| - | | DSS (Digital Signature Standard | The US Government standard that specifies the Digital Signature Algorithm (DSA), which involves asymmetric cryptography.| | + | |:::|In computer security, in general a demilitarized zone (DMZ) or perimeter network is a network area (a sub-network) that sits between an organization' |
| - | | DTU | Data Transfer Utility.| | + | |DNS|Domain Name System.| |
| - | | Due Care | Due care ensures that a minimal level of protection is in place in accordance with the best practice in the industry.| | + | |:::|The domain name system (DNS) is the way that Internet domain names are located and translated into Internet Protocol addresses. A domain name is a meaningful and easy-to-remember " |
| - | | Due Diligence | Due diligence is the requirement that organizations must develop and deploy a protection plan to prevent fraud, abuse, and additionally deploy a means to detect them if they occur.| | + | |Domain|A sphere of knowledge, or a collection of facts about some program entities or a number of network points or addresses, identified by a name. On the Internet, a domain consists of a set of network addresses. |
| - | | Dump | Generally used to mean the data from a database, in reference to online fraud the term usually refers to debit or credit card’s dumps, which were skimmed or hacked and may include credit card track data, PINs and CCV numbers.| | + | |Domain Hijacking|Domain hijacking is an attack by which an attacker takes over a domain by first blocking access to the domain' |
| - | | DumpSec | DumpSec is a security tool that dumps a variety of information about a system' | + | |Domain Name|A domain name locates an organization or other entity on the Internet. |
| - | | Dumpster Diving | Dumpster Diving is obtaining passwords and corporate directories by searching through discarded media.| | + | |Domain Name System|DNS.| |
| - | | DWB | Dispensation, | + | |:::|The domain name system (DNS) is the way that Internet domain names are located and translated into Internet Protocol addresses. A domain name is a meaningful and easy-to-remember " |
| - | | DX | Developer Experience.| | + | |Download|To download is to retrieve Information from the Internet.| |
| - | | Dynamic Link Library | + | |DP|Discussion Paper.| |
| - | | Dynamic Routing Protocol | Allows network devices to learn routes. Ex. RIP, EIGRP Dynamic routing occurs when routers talk to adjacent routers, informing each other of what networks each router is currently connected to. The routers must communicate using a routing protocol, of which there are many to choose from. The process on the router that is running the routing protocol, communicating with its neighbour routers, is usually called a routing daemon. | + | |DPIA|Data Protection Input Assessment.| |
| - | | E2E | End-to-End. | + | |DR|Disaster Recovery. |
| - | | EAD | Exposure at Default.| | + | |Drop Site|Malware that steals data will upload the information to a Drop Site for later retrieval.| |
| - | | EAP (Extensible Authentication Protocol) | A framework that supports multiple, optional authentication mechanisms for PPP, including clear-text passwords, challenge-response, | + | |DSA|Digital Signature Algorithm.| |
| - | | Eavesdropping | Eavesdropping is simply listening to a private conversation which may reveal information which can provide access to a facility or network.| | + | |:::|An asymmetric cryptographic algorithm that produces a digital signature in the form of a pair of large numbers. |
| - | | e-Commerce | + | |DSS|Digital Signature Standard.| |
| - | | Echo Reply | An echo reply is the response a machine that has received an echo request sends over ICMP.| | + | |:::|The US Government standard that specifies the Digital Signature Algorithm (DSA), which involves asymmetric cryptography.| |
| - | | Echo Request | An echo request is an ICMP message sent to a machine to determine if it is online and how long traffic takes to get to it.| | + | |DTU|Data Transfer Utility.| |
| - | | EDS | European Data Store.| | + | |Due Care|Due care ensures that a minimal level of protection is in place in accordance with the best practice in the industry.| |
| - | | EFT (Electronic Funds Transfer) | + | |Due Diligence|Due diligence is the requirement that organizations must develop and deploy a protection plan to prevent fraud, abuse, and additionally deploy a means to detect them if they occur.| |
| - | | Egress Filtering | Filtering outbound traffic.| | + | |Dump|Generally used to mean the data from a database, in reference to online fraud the term usually refers to debit or credit card’s dumps, which were skimmed or hacked and may include credit card track data, PINs and CCV numbers.| |
| - | | EGP (Exterior Gateway Protocol) | A protocol which distributes routing information to the routers which connect autonomous systems.| | + | |DumpSec|DumpSec is a security tool that dumps a variety of information about a system' |
| - | | EGW | Engagement Gateway.| | + | |Dumpster Diving|Dumpster Diving is obtaining passwords and corporate directories by searching through discarded media.| |
| - | | EIN | Employee Identification Number. | + | |DWB|Dispensation, |
| - | | Electronic Commerce | + | |DX|Developer Experience.| |
| - | | Electronic Funds Transfer | + | |Dynamic Link Library|DLL.| |
| - | | Emanations Analysis | Gaining direct knowledge of communicated data by monitoring and resolving a signal that is emitted by a system and that contains the data but is not intended to communicate the data.| | + | |:::|A collection of small programs, any of which can be called when needed by a larger program that is running in the computer. |
| - | | Encapsulation | The inclusion of one data structure within another structure so that the first data structure is hidden for the time being.| | + | |Dynamic Routing Protocol|Allows network devices to learn routes. Ex. RIP, EIGRP Dynamic routing occurs when routers talk to adjacent routers, informing each other of what networks each router is currently connected to. The routers must communicate using a routing protocol, of which there are many to choose from. The process on the router that is running the routing protocol, communicating with its neighbour routers, is usually called a routing daemon. |
| - | | Encryption | Cryptographic transformation of data (called " | + | |E2E|End-to-End. |
| - | | EOD | End-of-Day.| | + | |EAD|Exposure at Default.| |
| - | | Ephemeral Port | Also called a transient port or a temporary port. Usually is on the client side. It is set up when a client application wants to connect to a server and is destroyed when the client application terminates. | + | |EAP|Extensible Authentication Protocol.| |
| - | | Escrow Passwords | Escrow Passwords are passwords that are written down and stored in a secure location (like a safe) that are used by emergency personnel when privileged personnel are unavailable.| | + | |:::|A framework that supports multiple, optional authentication mechanisms for PPP, including clear-text passwords, challenge-response, |
| - | | Espionage | Espionage is the use of illegal means (spying) to collect Information, | + | |Eavesdropping|Eavesdropping is simply listening to a private conversation which may reveal information which can provide access to a facility or network.| |
| - | | Ethernet | The most widely-installed LAN technology. | + | |e-Commerce|Electronic Commerce, also known as e-Commerce, covers a range of activities under which businesses and their customers can carry out transactions electronically between computer systems. |
| - | | ETL | Extract, Transform, Load.| | + | |Echo Reply| An echo reply is the response a machine that has received an echo request sends over ICMP.| |
| - | | EUDA | End User Developed Application.| | + | |Echo Request|An echo request is an ICMP message sent to a machine to determine if it is online and how long traffic takes to get to it.| |
| - | | Event | An event is an observable occurrence in a system or network.| | + | |EDS|European Data Store.| |
| - | | EXCO | Executive Committee, Executive Council.| | + | |EFT|Electronic Funds Transfer is the transfer of cash or credit from one account to another using computers and telecommunications.| |
| - | | Exploit | A sequence of actions or a program that enables an individual to take advantage of, or exploit, a vulnerability or security weakness in a program or system.| | + | |Egress Filtering | Filtering outbound traffic.| |
| - | | Exponential Backoff Algorithm | An exponential backoff algorithm is used to adjust TCP timeout values on the fly so that network devices don't continue to timeout sending data over saturated links.| | + | |EGP|Exterior Gateway Protocol). |
| - | | Exposure | A threat action whereby sensitive data is directly released to an unauthorized entity.| | + | |:::|A protocol which distributes routing information to the routers which connect autonomous systems.| |
| - | | Extended ACLS | Cisco. | + | |EGW|Engagement Gateway.| |
| - | | Extensible Authentication Protocol | + | |EIN|Employee Identification Number.| |
| - | | Exterior Gateway Protocol | + | |Electronic Commerce|Electronic Commerce, also known as e-Commerce, covers a range of activities under which businesses and their customers can carry out transactions electronically between computer systems. |
| - | | Extranet | Extranet is that portion of an organization’s Intranet that is accessible by selected individuals (for example, collaborators, | + | |Electronic Funds Transfer|Electronic Funds Transfer |
| - | | False Rejects | False Rejects are when an authentication system fails to recognize a valid user.| | + | |Emanations Analysis|Gaining direct knowledge of communicated data by monitoring and resolving a signal that is emitted by a system and that contains the data but is not intended to communicate the data.| |
| - | | Fast File System | The first major revision to the Unix file system, providing faster read access and faster (delayed, asynchronous) write access through a disk cache and better file system layout on disk. It uses inodes (pointers) and data blocks.| | + | |Encapsulation|The inclusion of one data structure within another structure so that the first data structure is hidden for the time being.| |
| - | | Fast Flux | Protection method used by botnets consisting of a continuous and fast change of the DNS records for a domain name through different IP addresses.| | + | |Encryption|Cryptographic transformation of data (called " |
| - | | FAT | Functional Acceptance Testing. | + | |EOD|End-of-Day.| |
| - | | Fault Line Attacks | Fault Line Attacks use weaknesses between interfaces of systems to exploit gaps in coverage.| | + | |Ephemeral Port|Also called a transient port or a temporary port. Usually is on the client side. It is set up when a client application wants to connect to a server and is destroyed when the client application terminates. |
| - | | FCT | Functional Confidence Testing. | + | |Escrow Passwords|Escrow Passwords are passwords that are written down and stored in a secure location (like a safe) that are used by emergency personnel when privileged personnel are unavailable.| |
| - | | File Transfer Protocol | + | |Espionage|Espionage is the use of illegal means (spying) to collect Information, |
| - | | Filter | + | |Ethernet|The most widely-installed LAN technology. |
| - | | Filtering Router | An inter-network router that selectively prevents the passage of data packets according to a security policy. | + | |ETL|Extract, |
| - | | Finger | A protocol to lookup user information on a given host. A Unix program that takes an e-mail address as input and returns information about the user who owns that e-mail address. | + | |EUDA|End User Developed Application.| |
| - | | Fingerprinting | Sending strange packets to a system in order to gauge how it responds to determine the operating system.| | + | |Event|An event is an observable occurrence in a system or network.| |
| - | | Firewall | A logical or physical discontinuity in a network to prevent unauthorized access to data or resources.| | + | |EXCO|Executive Committee, Executive Council.| |
| - | | Flooding | An attack that attempts to cause a failure in (especially, | + | |Exploit|A sequence of actions or a program that enables an individual to take advantage of, or exploit, a vulnerability or security weakness in a program or system.| |
| - | | Forest | A forest is a set of Active Directory domains that replicate their databases with each other.| | + | |Exponential Backoff Algorithm|An exponential backoff algorithm is used to adjust TCP timeout values on the fly so that network devices don't continue to timeout sending data over saturated links.| |
| - | | Fork Bomb | A Fork Bomb works by using the fork() call to create a new process which is a copy of the original. | + | |Exposure|A threat action whereby sensitive data is directly released to an unauthorized entity.| |
| - | | Form-based Authentication | Form-Based Authentication uses forms on a webpage to ask a user to input username and password information.| | + | |Extended ACLS|Cisco. |
| - | | Forward Lookup | Forward lookup uses an Internet domain name to find an IP address.| | + | |Extensible Authentication Protocol|EAP.| |
| - | | Forward Proxy | Forward Proxies are designed to be the server through which all requests are made.| | + | |:::|A framework that supports multiple, optional authentication mechanisms for PPP, including clear-text passwords, challenge-response, |
| - | | FQDN | Fully Qualified Domain Name. The name of the physical host including the domain name; and where necessary the name of the DNS alias or availability group listener the application uses to connect.| | + | |Exterior Gateway Protocol|EGP.| |
| - | | Fragment Offset | The fragment offset field tells the sender where a particular fragment falls in relation to other fragments in the original larger packet.| | + | |:::|A protocol which distributes routing information to the routers which connect autonomous systems.| |
| - | | Fragment Overlap Attack | A TCP/IP Fragmentation Attack that is possible because IP allows packets to be broken down into fragments for more efficient transport across various media. | + | |Extranet|Extranet is that portion of an organization’s Intranet that is accessible by selected individuals (for example, collaborators, |
| - | | Fragmentation | The process of storing a data file in several " | + | |False Rejects|False Rejects are when an authentication system fails to recognize a valid user.| |
| - | | Frames | Data that is transmitted between network points as a unit complete with addressing and necessary protocol control information. | + | |Fast File System|The first major revision to the Unix file system, providing faster read access and faster (delayed, asynchronous) write access through a disk cache and better file system layout on disk. It uses inodes (pointers) and data blocks.| |
| - | | FTP (File Transfer Protocol) | A TCP/IP protocol specifying the transfer of text or binary files across the network.| | + | |Fast Flux|Protection method used by botnets consisting of a continuous and fast change of the DNS records for a domain name through different IP addresses.| |
| - | | Full Duplex | A type of duplex communications channel which carries data in both directions at once. Refers to the transmission of data in two directions simultaneously. | + | |FAT|Functional Acceptance Testing.| |
| - | | Fully-Qualified Domain Name | A Fully-Qualified Domain Name is a server name with a hostname followed by the full domain name.| | + | |:::|See FCT.| |
| - | | Fuzzing | The use of special regression testing tools to generate out-of-spec input for an application in order to find security vulnerabilities. Also see " | + | |Fault Line Attacks|Fault Line Attacks use weaknesses between interfaces of systems to exploit gaps in coverage.| |
| - | | Gateway | A network point that acts as an entrance to another network.| | + | |FCT|Functional Confidence Testing.| |
| - | | GETHOSTBYADDR | The gethostbyaddr DNS query is when the address of a machine is known and the name is needed.| | + | |:::|Functional testing covers Unit Testing, Smoke Testing, Sanity Testing, Intergration Testing (Top Down, Bottom Up), Interface and Useability Testing, System Testing, Regression Testing, Per User Acceptance Testing (Alpha and Beta), User Acceptance Testing, White Box and Black Box Testing, Globalization and Location Testing.| |
| - | | GETHOSTBYNAME | The gethostbyname DNS quest is when the name of a machine is known and the address is needed.| | + | |File Transfer Protocol|FTP. |
| - | | GIS | Global Information Security.| | + | |Filter A filter is used to specify which packets will or will not be used. It can be used in sniffers to determine which packets get displayed, or by firewalls to determine which packets get blocked.| |
| - | | GNU | GNU is a Unix-like operating system that comes with source code that can be copied, modified, and redistributed. | + | |Filtering Router|An inter-network router that selectively prevents the passage of data packets according to a security policy. |
| - | | GNUTELLA | An Internet file sharing utility. | + | |Finger|A protocol to lookup user information on a given host. A Unix program that takes an e-mail address as input and returns information about the user who owns that e-mail address. |
| - | | GTIS | Global Technology Infrastructure Group.| | + | |Fingerprinting|Sending strange packets to a system in order to gauge how it responds to determine the operating system.| |
| - | | GW | Gateway.| | + | |Firewall|A logical or physical discontinuity in a network to prevent unauthorized access to data or resources.| |
| - | | Hactivist | An activist who uses illegal or legally ambiguous digital tools or methods in pursuit of political ends; methods employed include web site defacements, | + | |Flooding|An attack that attempts to cause a failure in (especially, |
| - | | HAM | Hardware Asset Management.| | + | |Forest|A forest is a set of Active Directory domains that replicate their databases with each other.| |
| - | | Hardening | Hardening is the process of identifying and fixing vulnerabilities on a system.| | + | |Fork Bomb|A Fork Bomb works by using the fork() call to create a new process which is a copy of the original. |
| - | | Hash Function | An algorithm that computes a value based on a data object thereby mapping the data object to a smaller data object.| | + | |Form-based Authentication|Form-Based Authentication uses forms on a webpage to ask a user to input username and password information.| |
| - | | Hash Functions | (cryptographic) hash functions are used to generate a one way "check sum" for a larger text, which is not trivially reversed. | + | |Forward Lookup|Forward lookup uses an Internet domain name to find an IP address.| |
| - | | Header | A header is the extra information in a packet that is needed for the protocol stack to process the packet.| | + | |Forward Proxy|Forward Proxies are designed to be the server through which all requests are made.| |
| - | | Hijack Attack | A form of active wiretapping in which the attacker seizes control of a previously established communication association.| | + | |FQDN|Fully Qualified Domain Name. The name of the physical host including the domain name; and where necessary the name of the DNS alias or availability group listener the application uses to connect.| |
| - | | Honey Client | See Honeymonkey.| | + | |Fragment Offset|The fragment offset field tells the sender where a particular fragment falls in relation to other fragments in the original larger packet.| |
| - | | Honey Pot | Programs that simulate one or more network services that you designate on your computer' | + | |Fragment Overlap Attack|A TCP/IP Fragmentation Attack that is possible because IP allows packets to be broken down into fragments for more efficient transport across various media. |
| - | | Honeymonkey | Automated system simulating a user browsing websites. | + | |Fragmentation|The process of storing a data file in several " |
| - | | Hops | A hop is each exchange with a gateway a packet takes on its way to the destination.| | + | |Frames|Data that is transmitted between network points as a unit complete with addressing and necessary protocol control information. |
| - | | Host | Any computer that has full two-way access to other computers on the Internet. | + | |FTP|File Transfer Protocol).| |
| - | | Host-based ID | Host-based intrusion detection systems use information from the operating system audit records to watch all operations occurring on the host that the intrusion detection software has been installed upon. These operations are then compared with a pre-defined security policy. | + | |:::|A TCP/IP protocol specifying the transfer of text or binary files across the network.| |
| - | | Host-Based Intrusion Detection | Host-based intrusion detection systems use information from the operating system audit records to watch all operations occurring on the host that the intrusion detection software has been installed upon. These operations are then compared with a pre-defined security policy. | + | |Full Duplex|A type of duplex communications channel which carries data in both directions at once. Refers to the transmission of data in two directions simultaneously. |
| - | | Hot Disaster Recovery Site | It contains fully redundant hardware and software, with telecommunications, | + | |Fully-Qualified Domain Name|A Fully-Qualified Domain Name is a server name with a hostname followed by the full domain name.| |
| - | | Hot Fix | A hot fix is a single, cumulative package that includes one or more files that are used to address a problem in a software product (i.e. a software bug). Typically, hot fixes are made to address a specific customer situation and are not rolled out across the organisation. | + | |Fuzzing|The use of special regression testing tools to generate out-of-spec input for an application in order to find security vulnerabilities. Also see " |
| - | | HPA | Host Protected Area. Sometimes called the Hidden Protected Area is a section of a hard drive that is hidden or not normally visible to the operating system, and is often used by software or personal computer manufactorers for system recovery and the backup of system configuration data.| | + | |Gateway|A network point that acts as an entrance to another network.| |
| - | | HTML (Hypertext Markup Language) | The set of markup symbols or codes inserted in a file intended for display on a World Wide Web browser page.| | + | |GETHOSTBYADDR|The gethostbyaddr DNS query is when the address of a machine is known and the name is needed.| |
| - | | HTTP (Hypertext Transfer Protocol) | The protocol in the Internet Protocol (IP) family used to transport hypertext documents across an internet.| | + | |GETHOSTBYNAME|The gethostbyname DNS quest is when the name of a machine is known and the address is needed.| |
| - | | HTTP Proxy | An HTTP Proxy is a server that acts as a middleman in the communication between HTTP clients and servers.| | + | |GIS|Global Information Security.| |
| - | | HTTPS | When used in the first part of a URL (the part that precedes the colon and specifies an access scheme or protocol), this term specifies the use of HTTP enhanced by a security mechanism, which is usually SSL. | | + | |GNU|GNU is a Unix-like operating system that comes with source code that can be copied, modified, and redistributed. |
| - | | HUB | A hub is a network device that operates by repeating data that it receives on one port to all the other ports. | + | |GNUTELLA|An Internet file sharing utility. |
| - | | Humint | + | |GTIS|Global Technology Infrastructure Group.| |
| - | | Hybrid Attack | A Hybrid Attack builds on the dictionary attack method by adding numerals and symbols to dictionary words.| | + | |GW|Gateway.| |
| - | | Hybrid Encryption | An application of cryptography that combines two or more encryption algorithms, particularly a combination of symmetric and asymmetric encryption.| | + | |Hactivist|An activist who uses illegal or legally ambiguous digital tools or methods in pursuit of political ends; methods employed include web site defacements, |
| - | | Hyperlink | In hypertext or hypermedia, an information object (such as a word, a phrase, or an image; usually highlighted by color or underscoring) that points (indicates how to connect) to related information that is located elsewhere and can be retrieved by activating the link.| | + | |HAM|Hardware Asset Management.| |
| - | | Hypertext Markup Language | + | |Hardening|Hardening is the process of identifying and fixing vulnerabilities on a system.| |
| - | | Hypertext Transfer Protocol | + | |Hash Function|An algorithm that computes a value based on a data object thereby mapping the data object to a smaller data object.| |
| - | | ICMP (Internet Control Message Protocol) | An Internet Standard protocol that is used to report error conditions during IP datagram processing and to exchange other information concerning the state of the IP network.| | + | |Hash Functions|(cryptographic) hash functions are used to generate a one way "check sum" for a larger text, which is not trivially reversed. |
| - | | Identity | Identity is whom someone or what something is, for example, the name by which something is known.| | + | |Header|A header is the extra information in a packet that is needed for the protocol stack to process the packet.| |
| - | | IETF (Internet Engineering Task Force) | The body that defines standard Internet operating protocols such as TCP/ | + | |Hijack Attack|A form of active wiretapping in which the attacker seizes control of a previously established communication association.| |
| - | | IMAP (Internet Message Access Protocol) | A protocol that defines how a client should fetch mail from and return mail to a mail server. | + | |Honey Client|See Honeymonkey.| |
| - | | Incident | An incident as an adverse network event in an information system or network or the threat of the occurrence of such an event.| | + | |Honey Pot|Programs that simulate one or more network services that you designate on your computer' |
| - | | Incident Handling | Incident Handling is an action plan for dealing with intrusions, cyber-theft, | + | |Honeymonkey|Automated system simulating a user browsing websites. |
| - | | Incremental Backups | Incremental backups only backup the files that have been modified since the last backup. | + | |Hops|A hop is each exchange with a gateway a packet takes on its way to the destination.| |
| - | | Industrial Espionage | Espionage is the use of illegal means (spying) to collect Information, | + | |Host|Any computer that has full two-way access to other computers on the Internet. |
| - | | INETD | Inetd (or Internet Daemon) is an application that controls smaller internet services like telnet, ftp, and POP.| | + | |Host-based ID|Host-based intrusion detection systems use information from the operating system audit records to watch all operations occurring on the host that the intrusion detection software has been installed upon. These operations are then compared with a pre-defined security policy. |
| - | | Inference Attack | Inference Attacks rely on the user to make logical connections between seemingly unrelated pieces of information.| | + | |Host-Based Intrusion Detection|Host-based intrusion detection systems use information from the operating system audit records to watch all operations occurring on the host that the intrusion detection software has been installed upon. These operations are then compared with a pre-defined security policy. |
| - | | Information Warfare | Information Warfare is the competition between offensive and defensive players over information resources.| | + | |Hot Disaster Recovery Site|It contains fully redundant hardware and software, with telecommunications, |
| - | | Ingress Filtering | Ingress Filtering is filtering inbound traffic.| | + | |Hot Fix|A hot fix is a single, cumulative package that includes one or more files that are used to address a problem in a software product (i.e. a software bug). Typically, hot fixes are made to address a specific customer situation and are not rolled out across the organisation. |
| - | | Input Validations Attack | Input Validations Attacks are where an attacker intentionally sends unusual input in the hopes of confusing an application.| | + | |HPA|Host Protected Area. Sometimes called the Hidden Protected Area is a section of a hard drive that is hidden or not normally visible to the operating system, and is often used by software or personal computer manufactorers for system recovery and the backup of system configuration data.| |
| - | | Integrity | Integrity is the need to ensure that information has not been changed accidentally or deliberately, | + | |HTML|Hypertext Markup Language. |
| - | | Integrity Star Property | In Integrity Star Property a user cannot read data of a lower integrity level then their own.| | + | |HTTP|Hypertext Transfer Protocol. |
| - | | Intellectual Property | Intellectual Property refers to the definition and recording of a novel device, product, process or technique so that it may be bought, sold or legally protected. | + | |HTTP Proxy|An HTTP Proxy is a server that acts as a middleman in the communication between HTTP clients and servers.| |
| - | | Intelligence | Intelligence is high-level, processed, exploitable Information.| | + | |HTTPS|When used in the first part of a URL (the part that precedes the colon and specifies an access scheme or protocol), this term specifies the use of HTTP enhanced by a security mechanism, which is usually SSL. | |
| - | | International Organization for Standardization (ISO) | A voluntary, non-treaty, non-government organization, | + | |HUB|A hub is a network device that operates by repeating data that it receives on one port to all the other ports. |
| - | | International Telecommunications Union (ITU-T) | Telecommunication Standardization Sector (formerly " | + | |Humint|Humint is an abbreviation for Human Intelligence; |
| - | | Internet | A term to describe connecting multiple separate networks together.| | + | |Hybrid Attack|A Hybrid Attack builds on the dictionary attack method by adding numerals and symbols to dictionary words.| |
| - | | Internet Control Message Protocol | + | |Hybrid Encryption|An application of cryptography that combines two or more encryption algorithms, particularly a combination of symmetric and asymmetric encryption.| |
| - | | Internet Engineering Task Force (IETF) | The body that defines standard Internet operating protocols such as TCP/ | + | |Hyperlink|In hypertext or hypermedia, an information object (such as a word, a phrase, or an image; usually highlighted by color or underscoring) that points (indicates how to connect) to related information that is located elsewhere and can be retrieved by activating the link.| |
| - | | Internet Message Access Protocol | + | |Hypertext Markup Language|HTML. |
| - | | Internet Protocol | + | |Hypertext Transfer Protocol|HTTP. |
| - | | Internet Protocol Security | + | |ICMP|Internet Control Message Protocol.| |
| - | | Internet Relay Chat (IRC) | Internet Relay Chat (IRC) is a huge, multi-user live chat facility. | + | |:::|An Internet Standard protocol that is used to report error conditions during IP datagram processing and to exchange other information concerning the state of the IP network.| |
| - | | Internet Service Provider | + | |Identity | Identity is whom someone or what something is, for example, the name by which something is known.| |
| - | | Internet Standard | A specification, | + | |IETF|Internet Engineering Task Force.| |
| - | | Interrupt | An Interrupt is a signal that informs the OS that something has occurred.| | + | |:::|The body that defines standard Internet operating protocols such as TCP/ |
| - | | Intranet | A computer network, especially one based on Internet technology, that an organization uses for its own internal, and usually private, purposes and that is closed to outsiders.| | + | |IMAP|Internet Message Access Protocol.| |
| - | | Intrusion Detection | A security management system for computers and networks. | + | |:::|A protocol that defines how a client should fetch mail from and return mail to a mail server. |
| - | | Invisible Web | Invisible Web is that portion (estimated to be between 60 and 80 per cent) of total Web content that consists of material that is not accessible by standard Search engines. | + | |Incident|An incident as an adverse network event in an information system or network or the threat of the occurrence of such an event.| |
| - | | IP (Internet Protocol) | The method or protocol by which data is sent from one computer to another on the Internet.| | + | |Incident Handling|Incident Handling is an action plan for dealing with intrusions, cyber-theft, |
| - | | IP Address | A computer' | + | |Incremental Backups|Incremental backups only backup the files that have been modified since the last backup. |
| - | | IP Flood | A denial of service attack that sends a host more echo request (" | + | |Industrial Espionage|Espionage is the use of illegal means (spying) to collect Information, |
| - | | IP Forwarding | IP forwarding is an Operating System option that allows a host to act as a router. | + | |INETD|Inetd (or Internet Daemon) is an application that controls smaller internet services like telnet, ftp, and POP.| |
| - | | IPSEC (Internet Protocol Security) | A developing standard for security at the network or packet processing layer of network communication.| | + | |Inference Attack|Inference Attacks rely on the user to make logical connections between seemingly unrelated pieces of information.| |
| - | | IP Spoofing | The technique of supplying a false IP address.| | + | |Information Warfare|Information Warfare is the competition between offensive and defensive players over information resources.| |
| - | | IRC (Internet Relay Chat) | Internet Relay Chat (IRC) is a huge, multi-user live chat facility. | + | |Ingress Filtering|Ingress Filtering is filtering inbound traffic.| |
| - | | IRM | Information Risk Management.| | + | |Input Validations Attack|Input Validations Attacks are where an attacker intentionally sends unusual input in the hopes of confusing an application.| |
| - | | ISO (International Organization for Standardization) | A voluntary, non-treaty, non-government organization, | + | |Integrity | Integrity is the need to ensure that information has not been changed accidentally or deliberately, |
| - | | ISP (Internet Service Provider) | An Internet Service Provider (ISP) is a company selling access to the Internet.| | + | |Integrity Star Property|In Integrity Star Property a user cannot read data of a lower integrity level then their own.| |
| - | | Issue-specific Policy | An Issue-Specific Policy is intended to address specific needs within an organization, | + | |Intellectual Property|Intellectual Property refers to the definition and recording of a novel device, product, process or technique so that it may be bought, sold or legally protected. |
| - | | ITU-T (International Telecommunications Union) | Telecommunication Standardization Sector (formerly " | + | |Intelligence|Intelligence is high-level, processed, exploitable Information.| |
| - | | Jitter | Jitter or Noise is the modification of fields in a database while preserving the aggregate characteristics of that make the database useful in the first place.| | + | |International Organization for Standardization (ISO)|A voluntary, non-treaty, non-government organization, |
| - | | Jump Bag | A Jump Bag is a container that has all the items necessary to respond to an incident inside to help mitigate the effects of delayed reactions.| | + | |International Telecommunications Union|ITU-T.| |
| - | | Kerberos | A system developed at the Massachusetts Institute of Technology that depends on passwords and symmetric cryptography (DES) to implement ticket-based, | + | |:::|Telecommunication Standardization Sector (formerly " |
| - | | Kernel | The essential centre of a computer operating system, the core that provides basic services for all other parts of the operating system. | + | |Internet|A term to describe connecting multiple separate networks together.| |
| - | | KYC | Know Your Customer.| | + | |Internet Control Message Protocol|ICMP.| |
| - | | L2F (Layer 2 Forwarding Protocol) | An Internet protocol (originally developed by Cisco Corporation) that uses tunnelling of PPP over IP to create a virtual extension of a dial-up link across a network, initiated by the dial-up server and transparent to the dial-up user.| | + | |:::|An Internet Standard protocol that is used to report error conditions during IP datagram processing and to exchange other information concerning the state of the IP network.| |
| - | | L2FP (Layer 2 Tunnelling | + | |Internet Engineering Task Force|IETF.| |
| - | | Lattice Techniques | Lattice Techniques use security designations to determine access to information.| | + | |:::|The body that defines standard Internet operating protocols such as TCP/ |
| - | | Layer 2 Forwarding Protocol | + | |Internet Message Access Protocol|IMAP.| |
| - | | Layer 2 Tunnelling | + | |:::|A protocol that defines how a client should fetch mail from and return mail to a mail server. |
| - | | Least Privilege | Least Privilege is the principle of allowing users or applications the least amount of permissions necessary to perform their intended function.| | + | |Internet Protocol|IP.| |
| - | | Legion | Software to detect unprotected shares.| | + | |:::|The method or protocol by which data is sent from one computer to another on the Internet.| |
| - | | Lightweight Directory Access Protocol | + | |Internet Protocol Security|IPSEC.| |
| - | | Link State | With link state, routes maintain information about all routers and router-to-router links within a geographic area, and creates a table of best routes with that information.| | + | |:::|A developing standard for security at the network or packet processing layer of network communication.| |
| - | | List-based Access Control | List Based Access Control associates a list of users and their privileges with each object.| | + | |Internet Relay Chat|IRC.| |
| - | | LKM (Loadable Kernel Modules) | Loadable Kernel Modules allow for the adding of additional functionality directly into the kernel while the system is running.| | + | |:::|Internet Relay Chat (IRC) is a huge, multi-user live chat facility. |
| - | | Loadable Kernel Modules | + | |Internet Service Provider|ISP.| |
| - | | Log Clipping | Log clipping is the selective removal of log entries from a system log to hide a compromise.| | + | |:::|An Internet Service Provider (ISP) is a company selling access to the Internet.| |
| - | | Logic Bombs | Logic bombs are programs or snippets of code that execute when a certain predefined event occurs. | + | |Internet Standard|A specification, |
| - | | Logic Gate | A logic gate is an elementary building block of a digital circuit. | + | |Interrupt|An Interrupt is a signal that informs the OS that something has occurred.| |
| - | | Loopback Address | The loopback address (127.0.0.1) is a pseudo IP address that always refer back to the local host and are never sent out onto a network.| | + | |Intranet|A computer network, especially one based on Internet technology, that an organization uses for its own internal, and usually private, purposes and that is closed to outsiders.| |
| - | | LTR | Large Transaction Report.| | + | |Intrusion Detection|A security management system for computers and networks. |
| - | | MAC (Mandatory Access Control) | Mandatory Access Control controls is where the system controls access to resources based on classification levels assigned to both the objects and the users. | + | |Invisible Web|Invisible Web is that portion (estimated to be between 60 and 80 per cent) of total Web content that consists of material that is not accessible by standard Search engines. |
| - | | MAC Address | A physical address; a numeric value that uniquely identifies that network device from every other device on the planet.| | + | |IP|Internet Protocol).| |
| - | | Malicious Code | Software (e.g., Trojan horse) that appears to perform a useful or desirable function, but actually gains unauthorized access to system resources or tricks a user into executing other malicious logic.| | + | |:::|The method or protocol by which data is sent from one computer to another on the Internet.| |
| - | | Malware | A generic term for a number of different types of malicious code.| | + | |IP Address|A computer' |
| - | | Mandatory Access Control | + | |IP Flood|A denial of service attack that sends a host more echo request (" |
| - | | Man in the Middle | + | |IP Forwarding|IP forwarding is an Operating System option that allows a host to act as a router. |
| - | | Masquerade Attack | A type of attack in which one system entity illegitimately poses as (assumes the identity of) another entity.| | + | |IPSEC|Internet Protocol Security).| |
| - | | MD5 | A one way cryptographic hash function. | + | |:::|A developing standard for security at the network or packet processing layer of network communication.| |
| - | | Measures of Effectiveness | + | |IP Spoofing|The technique of supplying a false IP address.| |
| - | | MFT | Managed File Transfer.| | + | |IRC|Internet Relay Chat (IRC) is a huge, multi-user live chat facility. |
| - | | MI | Management Information.| | + | |IRM|Information Risk Management.| |
| - | | MITM (Man in the Middle) Attack | + | |ISO|International Organization for Standardization).| |
| - | | MOE (Measures of Effectiveness) | Measures of Effectiveness is a probability model based on engineering concepts that allows one to approximate the impact a give action will have on an environment. In Information warfare it is the ability to attack or defend within an Internet environment.| | + | |:::|A voluntary, non-treaty, non-government organization, |
| - | | Monoculture | Monoculture is the case where a large number of users run the same software, and are vulnerable to the same attacks.| | + | |ISP|Internet Service Provider).| |
| - | | Morris Worm | A worm program written by Robert T. Morris, Jr. that flooded the ARPANET in November, 1988, causing problems for thousands of hosts.| | + | |:::|An Internet Service Provider (ISP) is a company selling access to the Internet.| |
| - | | MoSCoW | Must, Should, Could, Would.| | + | |Issue-specific Policy | An Issue-Specific Policy is intended to address specific needs within an organization, |
| - | | Mule | Also known as a money mule, a mule is an individual who transfers stolen money or merchandise either in person, through a courier service or electronically to help obscure a scammer’s identity and/or location. | + | |ITU-T|International Telecommunications Union).| |
| - | | Multi-Cast | Broadcasting from one host to a given set of hosts.| | + | |:::|Telecommunication Standardization Sector (formerly " |
| - | | Multi-Homed | You are " | + | |Jitter|Jitter or Noise is the modification of fields in a database while preserving the aggregate characteristics of that make the database useful in the first place.| |
| - | | Multiplexing | To combine multiple signals from possibly disparate sources, in order to transmit them over a single path.| | + | |Jump Bag|A Jump Bag is a container that has all the items necessary to respond to an incident inside to help mitigate the effects of delayed reactions.| |
| - | | NAT (Network Address Translation) | It is used to share one or a small number of publicly routable IP addresses among a larger number of hosts. | + | |Kerberos|A system developed at the Massachusetts Institute of Technology that depends on passwords and symmetric cryptography (DES) to implement ticket-based, |
| - | | National Institute of Standards and Technology | + | |Kernel|The essential centre of a computer operating system, the core that provides basic services for all other parts of the operating system. |
| - | | Natural Disaster | Any "act of God" (e.g., fire, flood, earthquake, lightning, or wind) that disables a system component.| | + | |KYC|Know Your Customer.| |
| - | | Netmask | 32-bit number indicating the range of IP addresses residing on a single IP network/ | + | |L2F|Layer 2 Forwarding Protocol).| |
| - | | Network Address Translation | + | |:::|An Internet protocol (originally developed by Cisco Corporation) that uses tunnelling of PPP over IP to create a virtual extension of a dial-up link across a network, initiated by the dial-up server and transparent to the dial-up user.| |
| - | | Network-based IDS | A network-based IDS system monitors the traffic on its network segment as a data source. | + | |L2FP|Layer 2 Tunneling |
| - | | Network Mapping | To compile an electronic inventory of the systems and the services on your network.| | + | |:::|An extension of the Point-to-Point |
| - | | Network Taps | Network taps are hardware devices that hook directly onto the network cable and send a copy of the traffic that passes through it to one or more other networked devices.| | + | |Lattice Techniques|Lattice Techniques use security designations to determine access to information.| |
| - | | Newsgroup | Newsgroup is the name for a discussion group or chat room.| | + | |Layer 2 Forwarding Protocol|L2F. |
| - | | Nginx | Nginx Web Server. | + | |Layer 2 Tunneling |
| - | | Node | Node is any single device connected to a Network.| | + | |Least Privilege|Least Privilege is the principle of allowing users or applications the least amount of permissions necessary to perform their intended function.| |
| - | | Non FCT | Non Functional Testing. | + | |Legion|Software to detect unprotected shares.| |
| - | | Non-printable character | A character that doesn' | + | |Lightweight Directory Access Protocol|LDAP. |
| - | | Non-repudiation | Non-repudiation is the ability for a system to prove that a specific user and only that specific user sent a message and that it hasn't been modified.| | + | |Link State|With link state, routes maintain information about all routers and router-to-router links within a geographic area, and creates a table of best routes with that information.| |
| - | | Null Session | Known as Anonymous Logon, it is a way of letting an anonymous user retrieve information such as user names and shares over the network or connect without authentication. It is used by applications such as explorer.exe to enumerate shares on remote servers.| | + | |List-based Access Control | List Based Access Control associates a list of users and their privileges with each object.| |
| - | | OAT | Operational Acceptance Testing. | + | |LKM|Loadable Kernel Modules.| |
| - | | Octet | A sequence of eight bits. An octet is an eight-bit byte.| | + | |:::|Loadable Kernel Modules allow for the adding of additional functionality directly into the kernel while the system is running.| |
| - | | One-way Encryption | Irreversible transformation of plain-text to cipher text, such that the plain-text cannot be recovered from the cipher text by other than exhaustive procedures even if the cryptographic key is known.| | + | |Loadable Kernel Modules|LKM. |
| - | | One-way Function | A (mathematical) function, f, which is easy to compute the output based on a given input. | + | |Log Clipping|Log clipping is the selective removal of log entries from a system log to hide a compromise.| |
| - | | Open Shortest Path First (OSPF) | + | |Logic Bombs|Logic bombs are programs or snippets of code that execute when a certain predefined event occurs. |
| - | | Open Source Information | Open source information is unclassified published information. | + | |Logic Gate|A logic gate is an elementary building block of a digital circuit. |
| - | | Open Systems Interconnection | + | |Loopback Address | The loopback address (127.0.0.1) is a pseudo IP address that always refer back to the local host and are never sent out onto a network.| |
| - | | OR | Operational Risk.| | + | |LTR|Large Transaction Report.| |
| - | | ORF | Operational Risk Framework.| | + | |MAC|Mandatory Access Control).| |
| - | | ORIA | Operational Risk Impact Assessment. | + | |:::|Mandatory Access Control controls is where the system controls access to resources based on classification levels assigned to both the objects and the users. |
| - | | OSI (Open Systems Interconnection) | OSI is a standard description or " | + | |MAC Address|A physical address; a numeric value that uniquely identifies that network device from every other device on the planet.| |
| - | | OSI Layers | The main idea in OSI is that the process of communication between two end points in a telecommunication network can be divided into layers, with each layer adding its own set of special, related functions. | + | |Malicious Code|Software (e.g., Trojan horse) that appears to perform a useful or desirable function, but actually gains unauthorized access to system resources or tricks a user into executing other malicious logic.| |
| - | | OSPF (Open Shortest Path First) | + | |Malware|A generic term for a number of different types of malicious code.| |
| - | | Overload | Hindrance of system operation by placing excess burden on the performance capabilities of a system component.| | + | |Mandatory Access Control|MAC. |
| - | | Packet | A piece of a message transmitted over a packet-switching network. One of the key features of a packet is that it contains the destination address in addition to the data. In IP networks, packets are often called datagrams.| | + | |Man in the Middle Attack|MITM.| |
| - | | Packet Switched Network | A packet switched network is where individual packets each follow their own paths through the network from one endpoint to another.| | + | |:::|In cryptography, |
| - | | PAN | Primary Account Number.| | + | |Masquerade Attack|A type of attack in which one system entity illegitimately poses as (assumes the identity of) another entity.| |
| - | | Partitions | Major divisions of the total physical hard disk space.| | + | |MD5|A one way cryptographic hash function. |
| - | | Password Authentication Protocol | + | |Measures of Effectiveness|MOE.| |
| - | | Password Cracking | Password cracking is the process of attempting to guess passwords, given the password file information.| | + | |:::|Measures of Effectiveness is a probability model based on engineering concepts that allows one to approximate the impact a give action will have on an environment. In Information warfare it is the ability to attack or defend within an Internet environment.| |
| - | | Password Sniffing | Passive wiretapping, | + | |MFT|Managed File Transfer.| |
| - | | PATS | Per Application Test Strategy.| | + | |MI|Management Information.| |
| - | | Patch | A patch is a small update released by a software manufacturer to fix bugs in existing programs.| | + | |MITM Attack|Man in the Middle.| |
| - | | Patching | Patching is the process of updating software to a different version.| | + | |:::|In cryptography, |
| - | | Payload | Payload is the actual application data a packet contains.| | + | |MOE|Measures of Effectiveness).| |
| - | | Penetration | Gaining unauthorized logical access to sensitive data by circumventing a system' | + | |:::|Measures of Effectiveness is a probability model based on engineering concepts that allows one to approximate the impact a give action will have on an environment. In Information warfare it is the ability to attack or defend within an Internet environment.| |
| - | | Penetration Testing | Penetration testing is used to test the external perimeter security of a network or facility.| | + | |Monoculture|Monoculture is the case where a large number of users run the same software, and are vulnerable to the same attacks.| |
| - | | PERL (Practical Extraction and Reporting Language) | A script programming language that is similar in syntax to the C language and that includes a number of popular Unix facilities such as sed, awk, and tr.| | + | |Morris Worm|A worm program written by Robert T. Morris, Jr. that flooded the ARPANET in November, 1988, causing problems for thousands of hosts.| |
| - | | Permutation | Permutation keeps the same letters but changes the position within a text to scramble the message.| | + | |MoSCoW | Must, Should, Could, Would.| |
| - | | Personal Firewalls | Personal firewalls are those firewalls that are installed and run on individual PCs.| | + | |Mule|Also known as a money mule, a mule is an individual who transfers stolen money or merchandise either in person, through a courier service or electronically to help obscure a scammer’s identity and/or location. |
| - | | PFS (Public Key Forward Secrecy) | For a key agreement protocol based on asymmetric cryptography, | + | |Multi-Cast|Broadcasting from one host to a given set of hosts.| |
| - | | Pharming | This is a more sophisticated form of MITM attack. | + | |Multi-Homed|You are " |
| - | | Phishing | The use of e-mails that appear to originate from a trusted source to trick a user into entering valid credentials at a fake website. | + | |Multiplexing|To combine multiple signals from possibly disparate sources, in order to transmit them over a single path.| |
| - | | PII | Personal Identifiable Information.| | + | |NAT|Network Address Translation).| |
| - | | Ping of Death | An attack that sends an improperly large ICMP echo request packet (a " | + | |:::|It is used to share one or a small number of publicly routable IP addresses among a larger number of hosts. |
| - | | Ping Scan | A ping scan looks for machines that are responding to ICMP Echo Requests.| | + | |National Institute of Standards and Technology|NIST. |
| - | | Ping Sweep | An attack that sends ICMP echo requests (" | + | |Natural Disaster|Any "act of God" (e.g., fire, flood, earthquake, lightning, or wind) that disables a system component.| |
| - | | PIR | Post Incident Review.| | + | |Netmask|32-bit number indicating the range of IP addresses residing on a single IP network/ |
| - | | PGP (Pretty Good Privacy) | Trademark of Network Associates, Inc., referring to a computer program (and related protocols) that uses cryptography to provide data security for electronic mail and other applications on the Internet.| | + | |Network Address Translation|NAT. |
| - | | PKI (Public Key Infrastructure) | + | |Network-based IDS|A network-based IDS system monitors the traffic on its network segment as a data source. |
| - | | Plaintext | Ordinary readable text before being encrypted into ciphertext or after being decrypted.| | + | |Network Mapping|To compile an electronic inventory of the systems and the services on your network.| |
| - | | PMI | Potential Major Incident.| | + | |Network Taps|Network taps are hardware devices that hook directly onto the network cable and send a copy of the traffic that passes through it to one or more other networked devices.| |
| - | | PoC (Proof of Concept) | A proof of concept is realisation of a certain method or idea to demonstrate its feasibility, | + | |Newsgroup|Newsgroup is the name for a discussion group or chat room.| |
| - | | POC | Point of Contact.| | + | |Nginx|Nginx Web Server. |
| - | | Point-to-Point | + | |Node|Node is any single device connected to a Network.| |
| - | | Point-to-Point | + | |Non FCT|Non Functional Testing. |
| - | | Poison Reverse | Split horizon with poisoned reverse (more simply, poison reverse) does include such routes in updates, but sets their metrics to infinity. In effect, advertising the fact that there routes are not reachable.| | + | |Non-printable character|A character that doesn' |
| - | | Polyinstantiation | Polyinstantiation is the ability of a database to maintain multiple records with the same key. It is used to prevent inference attacks.| | + | |Non-repudiation|Non-repudiation is the ability for a system to prove that a specific user and only that specific user sent a message and that it hasn't been modified.| |
| - | | Polymorphism | Polymorphism is the process by which malicious software changes its underlying code to avoid detection.| | + | |Null Session|Known as Anonymous Logon, it is a way of letting an anonymous user retrieve information such as user names and shares over the network or connect without authentication. It is used by applications such as explorer.exe to enumerate shares on remote servers.| |
| - | | POP3 (Post Office Protocol Version 3) | An Internet Standard protocol by which a client workstation can dynamically access a mailbox on a server host to retrieve mail messages that the server has received and is holding for the client.| | + | |OAT|Operational Acceptance Testing. |
| + | |Octet|A sequence of eight bits. An octet is an eight-bit byte.| | ||
| + | |One-way Encryption|Irreversible transformation of plain-text to cipher text, such that the plain-text cannot be recovered from the cipher text by other than exhaustive procedures even if the cryptographic key is known.| | ||
| + | |One-way Function |A (mathematical) function, f, which is easy to compute the output based on a given input. | ||
| + | |Open Shortest Path First|(OSPF) Open Shortest Path First is a link state routing algorithm used in interior gateway routing. Routers maintain a database of all routers in the autonomous system with links between the routers, link costs, and link states (up and down).| | ||
| + | |Open Source Information |Open source information is unclassified published information. | ||
| + | |Open Systems Interconnection|OSI is a standard description or " | ||
| + | |OR|Operational Risk.| | ||
| + | |ORF|Operational Risk Framework.| | ||
| + | |ORIA|Operational Risk Impact Assessment. | ||
| + | |OSI|Open Systems Interconnection.| | ||
| + | |:::|OSI is a standard description or " | ||
| + | |OSI Layers|The main idea in OSI is that the process of communication between two end points in a telecommunication network can be divided into layers, with each layer adding its own set of special, related functions. | ||
| + | |OSPF| Open Shortest Path First is a link state routing algorithm used in interior gateway routing. Routers maintain a database of all routers in the autonomous system with links between the routers, link costs, and link states (up and down).| | ||
| + | |Overload|Hindrance of system operation by placing excess burden on the performance capabilities of a system component.| | ||
| + | |Packet|A piece of a message transmitted over a packet-switching network. One of the key features of a packet is that it contains the destination address in addition to the data. In IP networks, packets are often called datagrams.| | ||
| + | |Packet Switched Network|A packet switched network is where individual packets each follow their own paths through the network from one endpoint to another.| | ||
| + | |PAN|Primary Account Number.| | ||
| + | |Partitions|Major divisions of the total physical hard disk space.| | ||
| + | |Password Authentication Protocol|PAP. | ||
| + | |Password Cracking|Password cracking is the process of attempting to guess passwords, given the password file information.| | ||
| + | |Password Sniffing|Passive wiretapping, | ||
| + | |PATS|Per Application Test Strategy.| | ||
| + | |Patch|A patch is a small update released by a software manufacturer to fix bugs in existing programs.| | ||
| + | |Patching|Patching is the process of updating software to a different version.| | ||
| + | |Payload|Payload is the actual application data a packet contains.| | ||
| + | |Penetration|Gaining unauthorized logical access to sensitive data by circumventing a system' | ||
| + | |Penetration Testing|Penetration testing is used to test the external perimeter security of a network or facility.| | ||
| + | |PERL|Practical Extraction and Reporting Language).| | ||
| + | |:::|A script programming language that is similar in syntax to the C language and that includes a number of popular Unix facilities such as sed, awk, and tr.| | ||
| + | |Permutation|Permutation keeps the same letters but changes the position within a text to scramble the message.| | ||
| + | |Personal Firewalls|Personal firewalls are those firewalls that are installed and run on individual PCs.| | ||
| + | |PFS|Public Key Forward Secrecy.| | ||
| + | |:::|For a key agreement protocol based on asymmetric cryptography, | ||
| + | |Pharming|This is a more sophisticated form of MITM attack. | ||
| + | |Phishing|The use of e-mails that appear to originate from a trusted source to trick a user into entering valid credentials at a fake website. | ||
| + | |PII|Personal Identifiable Information.| | ||
| + | |Ping of Death|An attack that sends an improperly large ICMP echo request packet (a " | ||
| + | |Ping Scan|A ping scan looks for machines that are responding to ICMP Echo Requests.| | ||
| + | |Ping Sweep|An attack that sends ICMP echo requests (" | ||
| + | |PIR|Post Incident Review.| | ||
| + | |PGP|Pretty Good Privacy).| | ||
| + | |:::|Trademark of Network Associates, Inc., referring to a computer program (and related protocols) that uses cryptography to provide data security for electronic mail and other applications on the Internet.| | ||
| + | |PKI|A PKI (public key infrastructure) enables users of a basically unsecured public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority. | ||
| + | |Plaintext|Ordinary readable text before being encrypted into ciphertext or after being decrypted.| | ||
| + | |PMI|Potential Major Incident.| | ||
| + | |PoC|Proof of Concept).| | ||
| + | |:::|A proof of concept is realisation of a certain method or idea to demonstrate its feasibility, | ||
| + | |POC|Point of Contact.| | ||
| + | |Point-to-Point|PPP.| | ||
| + | |:::|A protocol for communication between two computers using a serial interface, typically a personal computer connected by phone line to a server. | ||
| + | |Point-to-Point | ||
| + | |Poison Reverse|Split horizon with poisoned reverse (more simply, poison reverse) does include such routes in updates, but sets their metrics to infinity. In effect, advertising the fact that there routes are not reachable.| | ||
| + | |Polyinstantiation|Polyinstantiation is the ability of a database to maintain multiple records with the same key. It is used to prevent inference attacks.| | ||
| + | |Polymorphism|Polymorphism is the process by which malicious software changes its underlying code to avoid detection.| | ||
| + | |POP3|Post Office Protocol Version 3).| | ||
| + | |:::|An Internet Standard protocol by which a client workstation can dynamically access a mailbox on a server host to retrieve mail messages that the server has received and is holding for the client.| | ||
| |Port|A port is nothing more than an integer that uniquely identifies an endpoint of a communication stream. | |Port|A port is nothing more than an integer that uniquely identifies an endpoint of a communication stream. | ||
| |Port Scan|A port scan is a series of messages sent by someone attempting to break into a computer to learn which computer network services, each associated with a " | |Port Scan|A port scan is a series of messages sent by someone attempting to break into a computer to learn which computer network services, each associated with a " | ||
| Line 573: | Line 643: | ||
| |RPC Scans|RPC scans determine which RPC services are running on a machine.| | |RPC Scans|RPC scans determine which RPC services are running on a machine.| | ||
| |RSS|Really Simple Syndication.| | |RSS|Really Simple Syndication.| | ||
| - | |:::|RSS is a family of web feed formats used to publish frequently updated works such as blog entries, news headlines, audio, and video in a standardised format. | + | |:::|RSS is a family of web feed formats used to publish frequently updated works such as blog entries, news headlines, audio, and video in a standardised format. |
| |RTM|Requirements Traceability Matrix. | |RTM|Requirements Traceability Matrix. | ||
| - | |RTQ|Risk | + | |RTQ|Risk |
| |Rule Set Based Access Control|RSBAC.| | |Rule Set Based Access Control|RSBAC.| | ||
| |:::|Rule Set Based Access Control targets actions based on rules for entities operating on objects.| | |:::|Rule Set Based Access Control targets actions based on rules for entities operating on objects.| | ||
| Line 722: | Line 792: | ||
| |UAT|User Acceptance Testing.| | |UAT|User Acceptance Testing.| | ||
| |UDF|User Defined Field.| | |UDF|User Defined Field.| | ||
| - | |UDP|User Datagram Protocol)| | + | |UDP|User Datagram Protocol| |
| |:::|A communications protocol that, like TCP, runs on top of IP networks. | |:::|A communications protocol that, like TCP, runs on top of IP networks. | ||
| |UDP Scan|UDP scans perform scans to determine which UDP ports are open.| | |UDP Scan|UDP scans perform scans to determine which UDP ports are open.| | ||
| Line 769: | Line 839: | ||
| |Windowing|A windowing system is a system for sharing a computer' | |Windowing|A windowing system is a system for sharing a computer' | ||
| |Windump|Windump is a freeware tool for Windows that is a protocol analyzer that can monitor network traffic on a wire.| | |Windump|Windump is a freeware tool for Windows that is a protocol analyzer that can monitor network traffic on a wire.| | ||
| - | |Wired Equivalent Privacy|WEP. | + | |Wired Equivalent Privacy|WEP.| |
| + | |:::|A security protocol for wireless local area networks defined in the standard IEEE 802.11b.| | ||
| |Wireless Application Protocol|A specification for a set of communication protocols to standardize the way that wireless devices, such as cellular telephones and radio transceivers, | |Wireless Application Protocol|A specification for a set of communication protocols to standardize the way that wireless devices, such as cellular telephones and radio transceivers, | ||
| |Wiretapping|Monitoring and recording data that is flowing between two points in a communication system.| | |Wiretapping|Monitoring and recording data that is flowing between two points in a communication system.| | ||
| - | |World Wide Web Consortium|W3C. The W3C is an international organization that develops Web standards.| | + | |World Wide Web Consortium|W3C.| |
| - | |World Wide Web|WWW. | + | |:::|The W3C is an international organization that develops Web standards.| |
| + | |World Wide Web|WWW.| | ||
| + | |:::|Also known as "THE WEB" or W3.| | ||
| |Worm|A computer program that can run independently, | |Worm|A computer program that can run independently, | ||
| |WWW|World Wide Web.| | |WWW|World Wide Web.| | ||
glossary/start.1689606328.txt.gz · Last modified: 2023/07/17 15:05 by peter