Browse Definitions :

Network security

Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.

802 - CLI

  • 802.11x - 802.11x refers to a group of evolving wireless local area network (WLAN) standards that are under development as elements of the IEEE 802.
  • AAA server (authentication, authorization, and accounting) - An AAA server is a server program that handles user requests for access to computer resources and, for an enterprise, provides authentication, authorization, and accounting (AAA) services.
  • AccessChk - AccessChk is a free Sysinternals command-line utility that shows what access a user or group of users has to a particular service, file, folder or registry key.
  • AccessEnum - AccessEnum is a free Sysinternals tool that offers administrators a view of the full file system and registry security settings to ensure that users have appropriate permissions to access files and directories.
  • ACF2 or CA-ACF2 (Access Control Facility) - ACF2 (more formally, CA-ACF2; the ACF stands for Access Control Facility) is a set of programs from Computer Associates that enable security on mainframes.
  • acoustical infection - Acoustic infection is a type of malware that uses a compromised computer’s sound card and speakers to send data using a covert ultrasonic acoustical mesh network.
  • acoustical mesh network - An acoustical mesh network is a decentralized communication system that transmits data by using sound to connect computers.
  • active attack - An active attack is a network exploit in which a hacker attempts to make changes to data on the target or data en route to the target.
  • Active Directory domain (AD domain) - An Active Directory domain is a collection of objects within a Microsoft Active Directory network.
  • Active Directory forest (AD forest) - An Active Directory forest is the highest level of organization within Active Directory.
  • Active Directory tree (AD tree) - An Active Directory tree is a collection of domains within a Microsoft Active Directory network.
  • active man-in-the-middle attack (MitM) - Active man-in-the-middle (MitM) is an attack method that allows an intruder to access sensitive information by intercepting and altering communications between the user of a public network and a requested website.
  • active reconnaissance - Active reconnaissance is a type of computer attack in which an intruder engages with the targeted system to gather information about vulnerabilities.
  • adaptive security - Adaptive security is an approach to safeguarding systems and data by recognizing threat-related behaviors rather than the files and code used by virus definitions.
  • air gapping (air gap attack) - Air gapping is a security measure that involves isolating a computer or network and preventing it from establishing an external connection.
  • Alice and Bob - Alice and Bob are commonly-used names for participants in security scenarios that involve cryptography.
  • Anna Kournikova virus VBS.SST - The Anna Kournikova VBS.
  • Antigen - Sybari's Antigen is antivirus software for Lotus Domino and Microsoft Exchange.
  • antivirus software (antivirus program) - Antivirus software is a class of program designed to prevent, detect and remove malware infections on individual computing devices, networks and IT systems.
  • application blacklisting - Application blacklisting, sometimes just referred to as blacklisting, is a network administration practice used to prevent the execution of undesirable programs.
  • application whitelisting - Application whitelisting is the practice of identifying applications that have been deemed safe for execution and restricting all other applications from running.
  • asymmetric cryptography (public key cryptography) - Asymmetric cryptography, also called public key cryptography, uses a pair of numerical keys that are mathematically related to encrypt and decrypt data.
  • asymmetric cyber attack - An asymmetric cyber attack refers to cyberwarfare that bypasses or sabotages a victim’s strengths while targeting their vulnerabilities.
  • attack surface - An attack surface is the total sum of the vulnerabilities that can be used to carry out a security exploit.
  • attack surface analysis - An organization's attack surface includes all the exploitable vulnerabilities in its hardware, software, connections and even its employees, in the form of social engineering.
  • attack vector - An attack vector is a path or means by which a hacker (or cracker) can gain access to a computer or network server in order to deliver a payload or malicious outcome.
  • Audiobook: Intrusion Prevention Fundamentals - Intrusion Prevention Fundamentals: An introduction to network attack mitigation with IPS.
  • audit trail - In accounting, an audit trail is the sequence of paperwork that validates or invalidates accounting entries.
  • authenticated security scan - An authenticated security scan is vulnerability testing performed as a logged in (authenticated) user.
  • authentication - Authentication is the process of determining whether someone or something is, in fact, who or what it declares itself to be.
  • authentication server - An authentication server is an application that facilitates authentication of an entity that attempts to access a network.
  • authentication ticket or ticket-granting ticket (TGT) - An authentication ticket, also known as a ticket-granting ticket (TGT), is a small amount of encrypted data that is issued by a server in the Kerberos authentication model to begin the authentication process.
  • authentication, authorization, and accounting (AAA) - Authentication, authorization, and accounting (AAA) is a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services.
  • authorization - Authorization is the process of giving someone permission to do or have something.
  • Automated Fingerprint Identification System (AFIS) - The Automated Fingerprint Identification System (AFIS) is a biometric identification (ID) methodology that uses digital imaging technology to obtain, store, and analyze fingerprint data.
  • Automatic Identification and Data Capture (AIDC) - Automatic Identification and Data Capture (AIDC) is a broad set of technologies used to collect information from an object, image or sound without manual data entry.
  • Back Orifice - Back Orifice is a rootkit program designed to expose the security deficiencies of Microsoft's Windows operating systems.
  • backdoor (computing) - A backdoor is a means to access a computer system or encrypted data that bypasses the system's customary security mechanisms.
  • backscatter body scanning - Backscatter body scanning is an X-ray-based technology that yields a high-resolution image of a person's body beneath their clothing and reveals concealed objects.
  • backscatter spam - Backscatter spam, also called misdirected bounce spam or NDR spam, is a strategy for sending unsolicited email messages that takes advantage of the fact that certain types of mail transfer agent (MTA) programs return the entire message to the sender when a recipient's email address is invalid.
  • banner grabbing - Banner grabbing is the act of capturing the information provided by banners, configurable text-based welcome screens from network hosts that generally display system information.
  • banner screen - A banner screen is a configurable text “welcome” display from a network host system.
  • barnacle - In a computer, a barnacle is unwanted programming, such as adware or spyware, that is downloaded and installed along with a user-requested program.
  • bastion host - On the Internet, a bastion host is the only host computer that a company allows to be addressed directly from the public network and that is designed to screen the rest of its network from security exposure.
  • Bayesian filter - A Bayesian filter is a program that uses Bayesian logic, also called Bayesian analysis, to evaluate the header and content of an incoming e-mail message and determine the probability that it constitutes spam.
  • beaming - In infrared transmission, beaming is the communication of data between wireless devices using a beam of infrared light.
  • behavior blacklisting - Behavior blacklisting is a security method based on detecting specified suspicious actions on the part of software or human agents and blocking access accordingly.
  • behavior whitelisting - Behavior whitelisting is a security method in which permissable actions within a given system are specified and all others are blocked.
  • bifurcation - In the biometric process of fingerscanning, a bifurcation is a point in a finger image at which two ridges meet.
  • BinHex - BinHex is a utility for converting (encoding) Macintosh files into files that will travel well on networks either as files or e-mail attachments.
  • biometric verification - Biometric verification is any means by which a person can be uniquely identified by evaluating one or more distinguishing biological traits.
  • biometrics - Biometrics is the measurement and statistical analysis of people's unique physical and behavioral characteristics.
  • BIOS attack - A BIOS attack is an exploit that infects the BIOS with malicious code and is persistent through reboots and attempts to reflash the firmware.
  • BIOS rootkit - A BIOS-level rootkit is programming that exists in a system's memory hardware to enable remote administration.
  • BIOS rootkit attack - A BIOS-level rootkit attack, also known as a persistent BIOS attack, is an exploit in which the BIOS is flashed (updated) with malicious code.
  • black hat - Black hat refers to a hacker who breaks into a computer system or network with malicious intent.
  • blacklist - A blacklist, in IT, is a collection of entities that are blocked from communicating with or logging into a computer, site or network.
  • blended threat - A blended threat is an exploit that combines elements of multiple types of malware and perhaps takes multiple attack vectors to increase the severity of damage and the speed of contagion.
  • block cipher - A block cipher is a method of encrypting text (to produce ciphertext) in which a cryptographic key and algorithm are applied to a block of data (for example, 64 contiguous bits) at once as a group rather than to one bit at a time.
  • Blowfish - Blowfish is an encryption algorithm that can be used as a replacement for the DES or IDEA algorithms.
  • blue bomb (WinNuke) - A "blue bomb" (also known as "WinNuke") is a technique for causing the Windows operating system of someone you're communicating with to crash or suddenly terminate.
  • blue pill rootkit - The blue pill rootkit is malware that executes as a hypervisor to gain control of computer resources.
  • bluesnarfing - Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection.
  • botnet - A botnet is a collection of internet-connected devices, which may include PCs, servers, mobile devices and internet of things devices, that are infected and controlled by a common type of malware, although users are often unaware of it.
  • botnet sinkhole - A botnet sinkhole is a target machine used by researchers to gather information about a particular botnet.
  • botnet topology - A botnet topology is the network structure by which botnet interconnections are organized.
  • brain fingerprinting - Brain fingerprinting is a controversial technique that is advocated as a way to identify a terrorist or other dangerous person by measuring the "brainprint" of that person when shown a particular body of writing or an image that was previously familiar (such as of a training camp or manual).
  • breach detection system (BDS) - Breach detection systems (BDS) are a category of applications and security devices designed to detect the activity of malware inside a network after a breach has occurred.
  • browser hijacker (browser hijacking) - A browser hijacker is a malware program that modifies web browser settings without the user's permission and redirects the user to websites the user had not intended to visit.
  • browser isolation - Browser isolation is a cybersecurity model for web browsing that can be used to physically separate an internet user’s browsing activity from their local machine, network and infrastructure.
  • brute force attack - Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies.
  • buffer overflow - A buffer overflow occurs when a program attempts to write more data to a fixed length block of memory, or buffer, than the buffer is allocated to hold.
  • Bugbear - Bugbear is a computer virus that spread in early October, 2002, infecting thousands of home and business computers.
  • business email compromise (BEC, man-in-the-email attack) - A business email compromise (BEC) is an exploit in which the attacker gains access to a corporate email account and spoofs the owner’s identity to defraud the company or its employees, customers or partners of money.
  • bypass - Bypass, in general, means either to go around something by an external route rather than going through it, or the means of accomplishing that feat.
  • CA Privileged Access Manager - CA Privileged Access Manager is a product, available as a rack-mounted hardware appliance or a virtual appliance, that tracks and secures the usage of logins involving access to administrative control or sensitive information.
  • cache cramming - Cache cramming is a method of tricking a computer into running Java code it would not ordinarily run.
  • cache poisoning (DNS poisoning, web cache poisoning) - Cache poisoning is an attack vector that exploits the way domain name system (DNS) clients and web servers improve performance by saving old responses for a specified period of time in a temporary storage area called cache.
  • caller ID spoofing - Caller ID spoofing is a service that allows a caller to masquerade as someone else by falsifying the number that appears on the recipient's caller ID display.
  • capture - Capture is the process or means of obtaining and storing external data, particularly images or sounds, for use at a later time.
  • Carnivore - Carnivore was an Internet surveillance system developed for the U.
  • CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) - Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) is an encryption protocol that forms part of the 802.
  • CERT-In (the Indian Computer Emergency Response Team) - CERT-In (the Indian Computer Emergency Response Team) is a government-mandated information technology (IT) security organization.
  • certificate authority (CA) - A certificate authority (CA) is a trusted entity that issues digital certificates, which are data files used to cryptographically link an entity with a public key.
  • Certificate Revocation List (CRL) - A Certificate Revocation List (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority and should not be trusted.
  • certification - In information technology as in other fields such as teaching, accounting, and acupuncture, certification is a formal process of making certain that an individual is qualified in terms of particular knowledge or skills.
  • Certified Information Systems Security Professional (CISSP) - Certified Information Systems Security Professional (CISSP) is an information security certification developed by the International Information Systems Security Certification Consortium, also known as (ISC)².
  • Certified Wireless Networking Professional (CWNP) - Certified Wireless Networking Professional (CWNP)is the name for the family of wireless certifications from Planet3Wireless.
  • chaffing and winnowing - Chaffing and winnowing are dual components of a privacy-enhancement scheme that does not require encryption.
  • Chernobyl virus - The Chernobyl virus is a computer virus with a potentially devastating payload that destroys all computer data when an infected file is executed.
  • chief risk officer (CRO) - The chief risk officer (CRO) is the corporate executive tasked with assessing and mitigating significant competitive, regulatory and technological threats to an enterprise's capital and earnings.
  • cipher - In cryptology, the discipline concerned with the study of cryptographic algorithms, a cipher is an algorithm for encrypting and decrypting data.
  • cipher block chaining (CBC) - Cipher block chaining (CBC) is a mode of operation for a block cipher (one in which a sequence of bits are encrypted as a single unit or block with a cipher key applied to the entire block).
  • ciphertext - Ciphertext is encrypted text.
  • ciphertext feedback (CFB) - Ciphertext feedback (CFB) is a mode of operation for a block cipher.
  • Cisco Information Security Specialist (CISS) - Cisco Information Security Specialist (CISS) is an entry-level certification attesting that the holder has demonstrated the foundational knowledge and skills required to install and support a Cisco Self-Defending Network.
  • Class C2 - Class C2 is a security rating established by the U.
  • clickjacking (user-interface or UI redressing and IFRAME overlay) - Clickjacking (also known as user-interface or UI redressing and IFRAME overlay) is an exploit in which malicious coding is hidden beneath apparently legitimate buttons or other clickable content on a website.
  • client-side extension (CSE) - A client-side extension (CSE) is an integral component of enterprise group policy administration that applies Group Policy to users or endpoint systems.
  • clipboard hijack attack - A clipboard hijacking is an exploit in which the attacker gains control of the victim's clipboard and replaces its contents with their own data, such as a link to a malicious Web site.

-ADS BY GOOGLE

SearchCompliance

SearchSecurity

  • cybersecurity

    Cybersecurity is the protection of internet-connected systems, including hardware, software and data, from cyberattacks.

  • asymmetric cryptography (public key cryptography)

    Asymmetric cryptography, also called public key cryptography, uses a pair of numerical keys that are mathematically related to ...

  • digital signature

    A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software or digital...

SearchHealthIT

SearchDisasterRecovery

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • disaster recovery team

    A disaster recovery team is a group of individuals focused on planning, implementing, maintaining, auditing and testing an ...

  • cloud insurance

    Cloud insurance is any type of financial or data protection obtained by a cloud service provider. 

SearchStorage

  • hard disk drive (HDD)

    A computer hard disk drive (HDD) is a non-volatile memory hardware device that controls the positioning, reading and writing of ...

  • byte

    In most computer systems, a byte is a unit of data that is eight binary digits long. Bytes are often used to represent a ...

  • network-attached storage (NAS)

    Network-attached storage (NAS) is dedicated file storage that enables multiple users and heterogeneous client devices to retrieve...

Close