Browse Definitions :

Network security

Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.

CLO - EMA

  • cloud computing security - Cloud computing security is the set of control-based technologies and policies designed to adhere to regulatory compliance rules and protect information, data applications and infrastructure associated with cloud computing use.
  • cloud encryption (cloud storage encryption) - Cloud encryption is a service offered by cloud storage providers whereby data, or text, is transformed using encryption algorithms and is then placed on a storage cloud.
  • CloudAudit - CloudAudit is a specification for the presentation of information about how a cloud computing service provider addresses control frameworks.
  • CloudAV - CloudAV is a program that combines multiple antivirus applications and scans user files over a network of servers.
  • cluster name object (CNO) - A cluster name object (CNO) is an Active Directory computer object linked with the network resource Cluster Name.
  • CMDSP (Certified Mobile Device Security Professional) - CMDSP (Certified Mobile Device Security Professional) is a certification program offered by the Mobile Resource Group that provides a standardized assurance of competency in the field of mobile security and administration.
  • cocooning - Cocooning is the act of insulating or hiding oneself from the normal social environment, which may be perceived as distracting, unfriendly, dangerous, or otherwise unwelcome, at least for the present.
  • command-and-control server (C&C server) - A command and control server (C&C server) is a computer that issues directives to digital devices that have been infected with rootkits or other types of malware, such as ransomware.
  • Common Vulnerabilities and Exposures (CVE) - Common Vulnerabilities and Exposures (CVE) provides unique identifiers for publicly known security threats.
  • computer exploit - A computer exploit, or exploit, is an attack on a computer system, especially one that takes advantage of a particular vulnerability the system offers to intruders.
  • Computer Fraud and Abuse Act (CFAA) - The Computer Fraud and Abuse Act (CFAA) of 1986 is United States legislation that made it a federal crime to access a protected computer without proper authorization.
  • Computer Security Incident Response Team (CSIRT) - A Computer Security Incident Response Team (CSIRT) is a group of IT professionals that provides an organization with services and support surrounding the prevention, management and coordination of potential cybersecurity-related emergencies.
  • computer worm - A computer worm is a type of malicious software program whose primary function is to infect other computers while remaining active on infected systems.
  • Conduit browser hijacker - Conduit is a browser hijacker that is usually installed without the user’s knowledge through a drive-by download.
  • Conficker - Conficker is a fast-spreading worm that targets a vulnerability (MS08-067) in Windows operating systems.
  • confidentiality, integrity, and availability (CIA triad) - Confidentiality, integrity, and availability, known as the CIA triad, is a model designed to guide information security practices and policies within an organization.
  • Content Protection for Removable Media (CPRM) - Content Protection for Removable Media (CPRM) is a hardware-based technology designed to enforce copy protection restrictions through built-in mechanisms in storage media that would prevent unauthorized file copying.
  • context-aware network access control - Context-aware network access control (CANAC) is an approach to managing the security of a proprietary network by granting access to network resources according to contextual-based security policies.
  • cookie poisoning - On the Web, cookie poisoning is the modification of a cookie (personal information in a Web user's computer) by an attacker to gain unauthorized information about the user for purposes such as identity theft.
  • corporate area network (CAN) - A corporate area network (CAN) is a separate, protected portion of a corporation's intranet.
  • countermeasure - A countermeasure is an action, process, device, or system that can prevent, or mitigate the effects of, threats to a computer, server or network.
  • cracker - A cracker is someone who breaks into someone else's computer system, often on a network; bypasses passwords or licenses in computer programs; or in other ways intentionally breaches computer security.
  • CRAM (challenge-response authentication mechanism) - CRAM (challenge-response authentication mechanism) is the two-level scheme for authenticating network users that is used as part of the Web's Hypertext Transfer Protocol (HTTP).
  • critical infrastructure and key resources (CIKR) - Critical infrastructure and key resources (CIKR) is the collective of natural and man-made resources, along with the systems for their processing and delivery, upon which a nation depends on for functioning.
  • critical infrastructure security - Critical infrastructure security is the area of concern surrounding the protection of systems, networks and assets whose continuous operation is deemed necessary to ensure the security of a given nation, its economy, and the public’s health and/or safety.
  • cryptographic checksum - A cryptographic checksum is a mathematical value (called a checksum) that is assigned to a file and used to "test" the file at a later date to verify that the data contained in the file has not been maliciously changed.
  • cryptographic nonce - A nonce is a random or semi-random number that is generated for a specific use, typically related to cryptographic communication or information technology.
  • cryptography - Cryptography is a method of protecting information and communications through the use of codes so that only those for whom the information is intended can read and process it.
  • cryptology - Cryptology is the mathematics, such as number theory, and the application of formulas and algorithms, that underpin cryptography and cryptanalysis.
  • cryptoperiod (key lifetime or a validity period) - A cryptoperiod (sometimes called a key lifetime or a validity period) is a specific time span during which a cryptographic key setting remains in effect.
  • cryptosystem - A cryptosystem is a structure or scheme consisting of a set of algorithms that converts plaintext to ciphertext to encode or decode messages securely.
  • cyber resilience - Cyber resilience is a concept that refers to the security that goes beyond defense and prevention to focus on response and resilience in moments of crisis.
  • cyber vigilantism - Cyber vigilantism is a rough approximation of law enforcement or an attempt at achieving justice or accomplishing something online through unauthorized channels.
  • cybercrime - Cybercrime is any criminal activity that involves a computer, networked device or a network.
  • cybersecurity - Cybersecurity is the protection of internet-connected systems -- including hardware, software and data -- from cyberattacks.
  • Cybersecurity and Infrastructure Security Agency (CISA) - Cybersecurity and Infrastructure Security Agency (CISA) is a division of the Department of Homeland Security (DHS) that is tasked with the defense of the infrastructure of the internet and the charge to design measures to improve the infrastructure’s resilience and security.
  • Cybersecurity Enhancement Act of 2009 (S.773) - The Cybersecurity Enhancement Act of 2009 (S.
  • cyberwarfare - Cyberwarfare is computer- or network-based conflict involving politically motivated attacks by a nation-state on another nation-state.
  • daisy chain - A daisy chain is an interconnection of computer devices, peripherals, or network nodes in series, one after another.
  • darknet - A darknet is a routed allocation of IP address space that is not discoverable by any usual means.
  • DAT USB drive - A DAT USB drive is a tape drive with digital audio tape (DAT) that can be plugged into a Universal Serial Bus (USB) connection as a simple and relatively low-cost way to back up data routinely, especially on servers.
  • data availability - Data availability is a term used by some computer storage manufacturers and storage service providers (SSPs) to describe products and services that ensure that data continues to be available at a required level of performance in situations ranging from normal through "disastrous.
  • Data Encryption Standard (DES) - The Data Encryption Standard (DES) is an outdated symmetric-key method of data encryption.
  • data integrity - Data integrity is the assurance that digital information is uncorrupted and can only be accessed or modified by those authorized to do so.
  • data key - In cryptography, a data key is a key (a variable value that is applied to a string or block of text to encrypt or decrypt it) that is used to encrypt or decrypt data only and is not used to encrypt or decrypt other keys, as some encryption formulas call for.
  • data protection management (DPM) - Data protection management (DPM) is the administration of backup processes to ensure that tasks run on schedule, and that data is securely backed up and recoverable.
  • data recovery agent (DRA) - A data recovery agent (DRA) is a Microsoft Windows user who has been granted the right to decrypt data that was encrypted by other users.
  • Data Security Council of India (DSCI) - The Data Security Council of India (DSCI) is a not-for-profit organization created to promote the country as a secure destination for information technology (IT) outsourcing.
  • data splitting - Data splitting is an approach to protecting sensitive data from unauthorized access by encrypting the data and storing different portions of a file on different servers.
  • database activity monitoring (DAM) - Database activity monitoring (DAM) systems monitor and record activity in a database and then generate alerts for anything unusual.
  • deception technology - Deception technology is a class of security tools and techniques designed to prevent an attacker who has already entered the network from doing damage.
  • decipher - All three terms - decipher, decrypt, and decode - mean to convert ciphertext into the original, unencrypted plaintext.
  • deep packet inspection (DPI) - Deep packet inspection (DPI) is an advanced method of examining and managing network traffic.
  • default password - Default passwords are commonly used for routers, access points, switches and firewalls.
  • Defense Message System (DMS) - The Defense Message System (DMS) is a secure X.
  • deniable encryption - Deniable encryption is a type of cryptography that allows an encrypted text to be decrypted in two or more ways, depending on which decryption key is used.
  • denial-of-service attack - A denial-of-service attack is a security event that occurs when an attacker prevents legitimate users from accessing specific computer systems, devices, services or other IT resources.
  • deperimeterization - In network security, deperimeterization is a strategy for protecting a company's data on multiple levels by using encryption and dynamic data-level authentication.
  • depository - A depository is a file or set of files in which data is stored for the purpose of safekeeping or identity authentication.
  • device attack - A device attack is an exploit in which the attacker takes advantage of a vulnerable device to gain network access.
  • dictionary attack - A dictionary attack is a method of breaking into a password-protected computer or server by systematically entering every word in a dictionary as a password.
  • Diffie-Hellman key exchange (exponential key exchange) - Diffie-Hellman key exchange, also called exponential key exchange, is a method of digital encryption that uses a number raised to specific powers to produce decryption keys that are never directly transmitted, making the task of a would-be code breaker mathematically overwhelming.
  • digital certificate - A digital certificate, also known as a public key certificate, is used to cryptographically link ownership of a public key with the entity that owns it.
  • digital identity - A digital identity is the body of information about an individual, organization or electronic device that exists online.
  • digital signature - A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software or digital document.
  • Digital Signature Standard (DSS) - Digital Signature Standard (DSS) is the digital signature algorithm(DSA) developed by the U.
  • Digital Silhouettes - Digital Silhouettes is the trademarked name that Predictive Networks has given to user profiles that are established through gathered click stream data and artificial intelligence (AI) processes.
  • DirectAccess - DirectAccess is a feature introduced in Windows Server 2008 R2 and Windows 7 that uses automated IPv6 and IPSec tunnels to allow remote users to access private network resources whenever they are connected to the Internet.
  • directory harvest attack (DHA) - A directory harvest attack (DHA) is an attempt to determine the valid e-mail addresses associated with an e-mail server so that they can be added to a spam database.
  • directory traversal - Directory traversal is a form of HTTP exploit in which a hacker uses the software on a Web server to access data in a directory other than the server's root directory.
  • disaster recovery plan (DRP) - A company's disaster recovery policy is enhanced with a documented DR plan that formulates strategies, and outlines preparation work and testing.
  • discoverability - Discoverability is the capacity of something to be found.
  • disruption-tolerant network (DTN) - A disruption-tolerant network (DTN) is a network designed so that temporary or intermittent communications problems, limitations and anomalies have the least possible adverse impact.
  • distributed denial of service (DDoS) attack - A distributed denial-of-service (DDoS) attack is an attack in which multiple compromised computer systems attack a target, such as a server, website or other network resource, and cause a denial of service for users of the targeted resource.
  • DMZ (networking) - In computer networks, a DMZ (demilitarized zone), also sometimes known as a perimeter network or a screened subnetwork, is a physical or logical subnet that separates an internal local area network (LAN) from other untrusted networks, usually the internet.
  • DNS amplification attack - A DNS amplification attack is a reflection-based distributed denial of service (DDos) attack.
  • DNS rebinding attack - DNS rebinding is an exploit in which the attacker uses JavaScript in a malicious Web page to gain control of the victim's router.
  • DNS redirection - DNS redirection is the controversial practice of serving a Web page to a user that is different from either the one requested or one that might reasonably be expected, such as an error page.
  • DNS Security Extensions (DNSSEC) - DNS Security Extensions (DNSSEC) are a set of Internet Engineering Task Force (IETF) standards created to address vulnerabilities in the Domain Name System (DNS) and protect it from online threats.
  • domain rotation - Domain rotation is a technique use by malware distributors to drive traffic from multiple domains to a single IP address that is controlled by the distributor.
  • DomainKeys - DomainKeys is an anti-spam software application in development at Yahoo that uses a form of public key cryptography to authenticate the sender's domain.
  • dongle - A dongle (pronounced DONG-uhl) is a mechanism for ensuring that only authorized users can copy or use specific software applications, especially very expensive programs.
  • drive-by pharming - Drive-by pharming is a vulnerability exploitation method in which the attacker takes advantage of an inadequately unprotected broadband router to gain access to user data.
  • drive-by spamming - Drive-by spamming is a variation of drive-by hacking in which the perpetrators gain access to a vulnerable wireless local area network (WLAN) and use that access to send huge volumes of spam.
  • DSO exploit (data source object exploit) - A data source object (DSO) exploit is a form of spyware that takes advantage of data binding to gain access to the hard drive of a computer connected to the Internet.
  • due diligence - Due diligence definition: Due diligence is the process of systematically researching and verifying the accuracy of a particular statement.
  • dumb network - A dumb network is one that provides the physical interconnection between nodes but not much processing to support signaling.
  • Dynamic ARP Inspection (DAI) - Dynamic ARP Inspection (DAI) is a security feature that verifies address resolution protocol (ARP) requests and responses in a network.
  • dynamic packet filter - A dynamic packet filter is a firewall facility that can monitor the state of active connections and use this information to determine which network packets to allow through the firewall.
  • early warning system - An early warning system is technology and associated policies and procedures designed to predict and mitigate the harm of natural and human-initiated disasters.
  • eavesdropping - Eavesdropping is the unauthorized real-time interception of a private communication, such as a phone call, instant message, videoconference or fax transmission.
  • Echelon - Echelon is an officially unacknowledged U.
  • egress filtering - Egress filtering is a process in which outbound data is monitored or restricted, usually by means of a firewall that blocks packets that fail to meet certain security requirements.
  • Electrohippies Collective - The Electrohippies Collective is an international group of hacktivists based in Oxfordshire, England, whose purpose is to express its displeasure with the use of the Internet "as a tool for corporate communications and propaganda.
  • Electronic Code Book (ECB) - Electronic Code Book (ECB) is a mode of operation for a block cipher, with the characteristic that each possible block of plaintext has a defined corresponding ciphertext value and vice versa.
  • Elk Cloner - Elk Cloner was the first computer virus known to have spread in the wild.
  • elliptical curve cryptography (ECC) - Elliptical curve cryptography (ECC) is a public key encryption technique based on elliptic curve theory that can be used to create faster, smaller, and more efficient cryptographic keys.
  • EM shielding (electromagnetic shielding) - EM shielding (electromagnetic shielding) is the practice of surrounding electronics and cables with conductive or magnetic materials to guard against incoming or outgoing emissions of electromagnetic frequencies (EMF).
  • email security gateway - An email security gateway is a product or service that is designed to prevent the transmission of emails that break company policy, send malware or transfer information with malicious intent.
  • email spoofing - Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source.

-ADS BY GOOGLE

SearchCompliance

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

  • compliance as a service (CaaS)

    Compliance as a Service (CaaS) is a cloud service service level agreement (SLA) that specified how a managed service provider (...

  • data protection impact assessment (DPIA)

    A data protection impact assessment (DPIA) is a process designed to help organizations determine how data processing systems, ...

SearchSecurity

  • spyware

    Spyware is a type of malicious software -- or malware -- that is installed on a computing device without the end user's knowledge.

  • application whitelisting

    Application whitelisting is the practice of specifying an index of approved software applications or executable files that are ...

  • botnet

    A botnet is a collection of internet-connected devices, which may include PCs, servers, mobile devices and internet of things ...

SearchHealthIT

SearchDisasterRecovery

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • disaster recovery team

    A disaster recovery team is a group of individuals focused on planning, implementing, maintaining, auditing and testing an ...

  • cloud insurance

    Cloud insurance is any type of financial or data protection obtained by a cloud service provider. 

SearchStorage

  • DRAM (dynamic random access memory)

    Dynamic random access memory (DRAM) is a type of semiconductor memory that is typically used for the data or program code needed ...

  • RAID 10 (RAID 1+0)

    RAID 10, also known as RAID 1+0, is a RAID configuration that combines disk mirroring and disk striping to protect data.

  • PCIe SSD (PCIe solid-state drive)

    A PCIe SSD (PCIe solid-state drive) is a high-speed expansion card that attaches a computer to its peripherals.

Close