
Network security

Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.

CRY - HAS

  • cryptographic checksum - Generated by a cryptographic algorithm, a cryptographic checksum is a mathematical value assigned to a file sent through a network for verifying that the data contained in that file is unchanged.
  • cryptographic nonce - A nonce is a random or semi-random number that is generated for a specific use.
  • cryptography - Cryptography is a method of protecting information and communications through the use of codes, so that only those for whom the information is intended can read and process it.
  • cryptology - Cryptology is the mathematics, such as number theory and the application of formulas and algorithms, that underpin cryptography and cryptanalysis.
  • cryptosystem - A cryptosystem is a structure or scheme consisting of a set of algorithms that converts plaintext to ciphertext to encode or decode messages securely.
  • cyber hijacking - Cyber hijacking, or computer hijacking, is a type of network security attack in which the attacker takes control of computer systems, software programs and/or network communications.
  • cyber resilience - Cyber resilience is a concept that refers to the security that goes beyond defense and prevention to focus on response and resilience in moments of crisis.
  • cyber vigilantism - Cyber vigilantism is a rough approximation of law enforcement or an attempt at achieving justice or accomplishing something online through unauthorized channels.
  • cybercrime - Cybercrime is any criminal activity that involves a computer, networked device or a network.
  • Cybersecurity and Infrastructure Security Agency (CISA) - Cybersecurity and Infrastructure Security Agency (CISA) is the division of the Department of Homeland Security (DHS) that is tasked with defending the infrastructure of the internet and improving its resilience and security.
  • cyberwarfare - The generally accepted definition of cyberwarfare is the use of cyber attacks against a nation-state, causing it significant harm, up to and including physical warfare, disruption of vital computer systems and loss of life.
  • data availability - Data availability is a term used by computer storage manufacturers and storage service providers to describe how data should be available at a required level of performance in situations ranging from normal through disastrous.
  • Data Encryption Standard (DES) - Data Encryption Standard (DES) is an outdated symmetric key method of data encryption.
  • data integrity - Data integrity is the assurance that digital information is uncorrupted and can only be accessed or modified by those authorized to do so.
  • data protection management (DPM) - Data protection management (DPM) comprises the administration, monitoring and management of backup processes to ensure backup tasks run on schedule and data is securely backed up and recoverable.
  • data recovery agent (DRA) - A data recovery agent (DRA) is a Microsoft Windows user account with the ability to decrypt data that was encrypted by other users.
  • data splitting - Data splitting is when data is divided into two or more subsets.
  • database activity monitoring (DAM) - Database activity monitoring (DAM) systems monitor and record activity in a database and then generate alerts for anything unusual.
  • deception technology - Deception technology is a class of security tools and techniques designed to prevent an attacker who has already entered the network from doing damage.
  • deep packet inspection (DPI) - Deep packet inspection (DPI) is an advanced method of examining and managing network traffic.
  • default password - Default passwords are commonly used for routers, access points, switches and firewalls.
  • denial-of-service attack - A denial-of-service (DoS) attack is a security event that occurs when an attacker makes it impossible for legitimate users to access computer systems, devices, services or other IT resources.
  • dictionary attack - A dictionary attack is a method of breaking into a password-protected computer, network or other IT resource by systematically entering every word in a dictionary as a password.
  • Diffie-Hellman key exchange (exponential key exchange) - Diffie-Hellman key exchange, also called exponential key exchange, is a method of digital encryption that uses a number raised to specific powers to produce decryption keys that are never directly transmitted, making the task of a would-be code breaker mathematically overwhelming.
  • digital certificate - A digital certificate, also known as a public key certificate, is used to cryptographically link ownership of a public key with the entity that owns it.
  • digital identity - A digital identity is the body of information about an individual, organization or electronic device that exists online.
  • digital signature - A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software or digital document.
  • Digital Signature Standard (DSS) - The Digital Signature Standard (DSS) is a digital signature algorithm (DSA) developed by the U.
  • DirectAccess - DirectAccess is a feature introduced in Windows Server 2008 R2 and Windows 7 that uses automated IPv6 and IPSec tunnels to allow remote users to access private network resources whenever they are connected to the Internet.
  • directory traversal - Directory traversal is a type of HTTP exploit in which a hacker uses the software on a web server to access data in a directory other than the server's root directory.
  • disaster recovery plan (DRP) - A disaster recovery plan (DRP) is a documented, structured approach that describes how an organization can quickly resume work after an unplanned incident.
  • distributed denial-of-service (DDoS) attack - A distributed denial-of-service (DDoS) attack is one in which multiple compromised computer systems attack a target, such as a server, website or other network resource, and cause a denial of service for users of the targeted resource.
  • DMZ in networking - In computer networks, a DMZ, or demilitarized zone, is a physical or logical subnet that separates a local area network (LAN) from other untrusted networks -- usually, the public internet.
  • DNS amplification attack - A DNS amplification attack is a reflection-based distributed denial of service (DDoS) attack.
  • DNS rebinding attack - DNS rebinding is an exploit in which the attacker uses JavaScript in a malicious Web page to gain control of the victim's router.
  • DNS redirection - DNS redirection is the controversial practice of serving a Web page to a user that is different from either the one requested or one that might reasonably be expected, such as an error page.
  • DNS Security Extensions (DNSSEC) - DNS Security Extensions (DNSSEC) are a set of Internet Engineering Task Force (IETF) standards created to address vulnerabilities in the Domain Name System (DNS) and protect it from online threats.
  • due diligence - Due diligence is the process of systematically researching and verifying the accuracy of a particular statement.
  • Dynamic ARP Inspection (DAI) - Dynamic ARP Inspection (DAI) is a security feature that verifies address resolution protocol (ARP) requests and responses in a network.
  • early warning system - An early warning system is technology and associated policies and procedures designed to predict and mitigate the harm of natural and human-initiated disasters.
  • eavesdropping - Eavesdropping is the unauthorized real-time interception of a private communication, such as a phone call, instant message, videoconference or fax transmission.
  • egress filtering - Egress filtering is a process in which outbound data is monitored or restricted, usually by means of a firewall that blocks packets that fail to meet certain security requirements.
  • Electronic Code Book (ECB) - Electronic Code Book (ECB) is a simple mode of operation with a block cipher that's mostly used with symmetric key encryption.
  • elliptical curve cryptography (ECC) - Elliptical curve cryptography (ECC) is a public key encryption technique based on elliptic curve theory that can be used to create faster, smaller and more efficient cryptographic keys.
  • EM shielding (electromagnetic shielding) - EM shielding (electromagnetic shielding) is the practice of surrounding electronics and cables with conductive or magnetic materials to guard against incoming or outgoing emissions of electromagnetic frequencies (EMF).
  • email security gateway - An email security gateway is a product or service that is designed to prevent the transmission of emails that break company policy, send malware or transfer information with malicious intent.
  • email spoofing - Email spoofing is a form of cyber attack in which a hacker sends an email that has been manipulated to seem as if it originated from a trusted source.
  • embedded device hacking - Embedded device hacking is the exploiting of vulnerabilities in embedded software to gain control of the device.
  • embedded system security - Embedded system security is a strategic approach to protecting software running on embedded systems from attack.
  • encoding and decoding - Encoding and decoding are used in many forms of communications, including computing, data communications, programming, digital electronics and human communications.
  • encryption - Encryption is the method by which information is converted into secret code that hides the information's true meaning.
  • encryption key - In cryptography, an encryption key is a variable value that is applied using an algorithm to a string or block of unencrypted text to produce encrypted text or to decrypt encrypted text.
  • encryption key management - Encryption key management is the administration of tasks involved with protecting, storing, backing up and organizing encryption keys.
  • end-to-end encryption (E2EE) - End-to-end encryption (E2EE) is a method of secure communication that prevents third parties from accessing data while it's transferred from one end system or device to another.
  • endpoint authentication (device authentication) - Endpoint authentication is a security mechanism designed to ensure that only authorized devices can connect to a given network, site or service.
  • endpoint security (endpoint security management) - Endpoint security is an approach to network protection that requires each computing device on a corporate network to comply with certain standards before network access is granted.
  • endpoint security management - Endpoint security management is a policy-based approach to network security that requires endpoint devices to comply with specific criteria before they are granted access to network resources.
  • enterprise risk management (ERM) - Enterprise risk management is the process of planning, organizing, directing and controlling the activities of an organization to minimize the deleterious effects of risk on its capital and earnings.
  • enterprise wipe - Enterprise wipe is a security feature offered by many Mobile Device Management (MDM) products which selectively erases only those device settings, user data, applications, and application data that were previously installed by that MDM.
  • ethical hacker - An ethical hacker, or white hat hacker, is an information security expert authorized by an organization to penetrate computing infrastructure to find security vulnerabilities a malicious hacker could exploit.
  • event - An event, in a computing context, is an action or occurrence that can be identified by a program and has significance for system hardware or software.
  • event handling - Event handling is the receipt of an event at some event handler from an event producer and subsequent processes.
  • event stream processing (ESP) - Event stream processing (ESP) is a software capacity designed to support implementation of event-driven architectures.
  • evil twin attack - An evil twin attack is a rogue Wi-Fi access point (AP) that masquerades as a legitimate one, enabling an attacker to gain access to sensitive information without the end user's knowledge.
  • Extensible Authentication Protocol (EAP) - The Extensible Authentication Protocol (EAP) is a protocol for wireless networks that expands the authentication methods used by the Point-to-Point Protocol (PPP), a protocol often used when connecting a computer to the internet.
  • Facebook scam - A Facebook scam is a post or page on the popular social networking site designed to deceive users and spread rapidly through their personal networks.
  • facial recognition - Facial recognition is a category of biometric software that maps an individual's facial features mathematically and stores the data as a faceprint.
  • Faraday cage - A Faraday cage is a metallic enclosure that prevents the entry or escape of an electromagnetic field (EM field).
  • fast flux DNS - Fast flux DNS is a technique that a cybercriminal can use to prevent identification of his key host server's IP address.
  • FCAPS (fault, configuration, accounting, performance and security) - FCAPS (fault, configuration, accounting, performance and security) is a network management framework created by the International Organization for Standardization (ISO).
  • FFIEC compliance (Federal Financial Institutions Examination Council) - FFIEC compliance is conformance to a set of standards for online banking issued in October 2005 by the Federal Financial Institutions Examination Council (FFIEC).
  • FIDO (Fast Identity Online) - FIDO (Fast ID Online) is a set of technology-agnostic security specifications for strong authentication.
  • finger vein ID - Finger vein ID is a biometric authentication system that matches the vascular pattern in an individual's finger to previously obtained data.
  • firefighting - Firefighting is an emergency allocation of resources, required to deal with an unforeseen problem.
  • Firesheep - Firesheep is a Firefox plug-in that automates session hijacking attacks over unsecured Wi-Fi networks.
  • firewall - A firewall is software or firmware that prevents unauthorized access to a network.
  • firewall as a service (FWaaS) - Firewall as a service (FWaaS), also known as a cloud firewall, is a service that provides cloud-based network traffic inspection capabilities to customers seeking to decommission or augment their existing network firewall appliances.
  • Five Eyes Alliance - The Five Eyes Alliance (abbreviated as FVEY in government documents) is a cooperative intelligence network that monitors the electronic communications of citizens and foreign governments.
  • flow routing - Flow routing is a network routing technology that takes variations in the flow of data into account to increase routing efficiency.
  • footprinting - Footprinting is an ethical hacking technique used to gather as much data as possible about a specific targeted computer system, an infrastructure and networks to identify opportunities to penetrate them.
  • frequency-hopping spread spectrum (FHSS) - Frequency-hopping spread spectrum (FHSS) transmission is the repeated switching of the carrier frequency during radio transmission to reduce interference and avoid interception.
  • friendly virus - A friendly virus is malware that is designed to be helpful in some way rather than destructive or annoying, as is typically the case with conventional viruses.
  • full-disk encryption (FDE) - Full-disk encryption (FDE) is encryption at the hardware level.
  • geolocation - Geolocation is the detection of the physical location of an Internet connected computing device.
  • globbing - Globbing is the process of expanding a non-specific file name containing a wildcard character into a set of specific file names that exist in storage on a computer, server, or network.
  • going dark - Going dark describes a scenario in which communication appears to have ceased, but in reality has just moved from a public communication channel to a private, encrypted channel.
  • Google dork query - Google dorking, also known as Google hacking, can return information that is difficult to locate through simple search queries.
  • Google Hack Honeypot (GHH) - A Google hack honeypot is a system designed to be vulnerable to sophisticated search engine queries for the purpose of attracting hackers and studying their behavior.
  • GPS jamming - GPS jamming is the process of using a frequency transmitting device to block or interfere with radio communications.
  • GPS tracking - GPS tracking is the surveillance of location through use of the Global Positioning System (GPS) to track the location of an entity or object remotely.
  • graceful degradation - Graceful degradation is the ability of a computer, machine, electronic system or network to maintain limited functionality even when a large portion of it has been destroyed or rendered inoperative.
  • Group Policy Object (GPO) - Microsoft’s Group Policy Object (GPO) is a collection of Group Policy settings that defines what a system will look like and how it will behave for a defined group of users.
  • gummy bear hack - A gummy bear hack is an attempt to fool a biometric fingerprint scanner by using a gelatin-based candy to hold a fingerprint.
  • hacker - A hacker is an individual who uses computer, networking or other skills to overcome a technical problem.
  • hacking as a service (HaaS) - Hacking as a service (HaaS) is the commercialization of hacking skills, in which the hacker serves as a contractor.
  • hacktivism - Hacktivism is the act of misusing a computer system or network for a socially or politically motivated reason.
  • hard-drive encryption - Hard-drive encryption is a technology that encrypts the data stored on a hard drive using sophisticated mathematical functions.
  • hardware security - Hardware security is vulnerability protection that comes in the form of a physical device rather than software that's installed on the hardware of a computer system.
  • hashing - Hashing is the process of transforming any given key or a string of characters into another value.