Browse Definitions :

Network security

Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.

HOL - PAS

  • holistic security - Holistic security is an approach that seeks to integrate all the elements designed to safeguard an organization, considering them as a complex and interconnected system.
  • honeynet - A honeynet is a network set up with intentional vulnerabilities hosted on a decoy server to attract hackers.
  • honeypot (computing) - A honeypot is a network-attached system set up as a decoy to lure cyber attackers and detect, deflect and study hacking attempts to gain unauthorized access to information systems.
  • hot mic (roving bug) - A hot mic, in a mobile security context, is a smartphone microphone that has been remotely activated for surveillance purposes.
  • Hypertext Transfer Protocol Secure (HTTPS) - Hypertext Transfer Protocol Secure (HTTPS) is a protocol that secures communication and data transfer between a user's web browser and a website.
  • hypervisor attack - A hypervisor attack can allow hackers to take control of your VMs.
  • icacls - icacls is a command-line utility that can be used to modify NTFS file system permissions in Windows Server 2003 SP2, Windows Server 2008, Windows Vista and Windows 7.
  • ICS security (industrial control system security) - ICS security is the area of concern involving the safeguarding of industrial control systems, the integrated hardware and software designed to monitor and control the operation of machinery and associated devices in industrial environments.
  • identity theft - Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable information (PII), such as Social Security or driver's license numbers, to impersonate someone else.
  • incident response team - An incident response team is a group of IT professionals in charge of preparing for and reacting to any type of organizational emergency.
  • industrial espionage - Industrial espionage is the covert, and sometimes illegal, practice of investigating competitors to gain a business advantage.
  • ingress filtering - Ingress filtering is a method used by enterprises and internet service providers (ISPs) to prevent suspicious traffic from entering a network.
  • initialization vector (IV) - An initialization vector (IV) is an arbitrary number that can be used along with a secret key for data encryption.
  • input validation attack - An input validation attack is any malicious action against a computer system that involves manually entering strange information into a normal user input field.
  • insider threat - An insider threat is a category of risk posed by those who have access to an organization's physical or digital assets.
  • integer overflow - Integer overflow is the result of trying to place into computer memory an integer (whole number) that is too large for the integer data type in a given system.
  • International Data Encryption Algorithm (IDEA) - The International Data Encryption Algorithm (IDEA) is a symmetric key block cipher encryption algorithm designed to encrypt text to an unreadable format for transmission via the internet.
  • international private leased circuit (IPLC) - An international private leased circuit (IPLC) is a point-to-point private line used by an organization to communicate between offices that are dispersed throughout the world.
  • Internet Crime Complaint Center (IC3) - The Internet Crime Complaint Center (IC3) is a website and that offers users a standardized mechanism and interface to report suspected cybercrime or other illegal activity facilitated by the internet.
  • Internet Key Exchange (IKE) - Internet Key Exchange (IKE) is a standard protocol used to set up a secure and authenticated communication channel between two parties via a virtual private network (VPN).
  • Internet porn - Internet porn is sexually explicit content made available online in various formats including images, video files, video games and streaming video.
  • Internet Storm Center - The Internet Storm Center is a website provided by the SANS Institute that monitors current online security attacks and publishes information about them.
  • intrusion detection system (IDS) - An intrusion detection system (IDS) is a system that monitors network traffic for suspicious activity and alerts when such activity is discovered.
  • intrusion prevention system (IPS) - An intrusion prevention system (IPS) is a network security and threat prevention tool.
  • IoT attack surface - The IoT attack surface is the sum total of all potential security vulnerabilities in IoT devices and associated software and infrastructure in a given network, be it local or the entire Internet.
  • IoT botnet (Internet of Things botnet) - An IoT botnet (Internet of Things botnet) is a group of hacked computers, smart appliances and Internet-connected devices that have been co-opted for illicit purposes.
  • IoT policy (Internet of Things policy) - An Internet of Things policy is a document that provides a comprehensive guide designed to help an organization deal with the complex issues surrounding the IoT.
  • IoT security (internet of things security) - IoT security is the technology segment focused on safeguarding connected devices and networks in the internet of things (IoT).
  • IP surveillance - IP surveillance is a digitized and networked version of closed-circuit television (CCTV).
  • IPsec (Internet Protocol Security) - IPsec (Internet Protocol Security) is a suite of protocols and algorithms for securing data transmitted over the internet or any public network.
  • iris recognition - Iris recognition is a method of identifying people based on unique patterns within the ring-shaped region surrounding the pupil of the eye.
  • ISA Server - Microsoft's ISA Server (Internet Security and Acceleration Server) was the successor to Microsoft's Proxy Server 2.
  • island hopping attack - In this type of backdoor attack, the threat actor exploits a weakness downstream from the actual target and uses it as a launching point to reach the intended target.
  • ISO 27001 - ISO 27001 (formally known as ISO/IEC 27001:2005) is a specification for an information security management system (ISMS).
  • ISO/IEC 38500 - ISO/IEC 38500 is an international standard created to guide corporate governance of information technology (IT).
  • JavaScript hijacking - JavaScript hijacking is a technique that an attacker can use to read sensitive data from a vulnerable Web application, particularly one using Ajax (Asynchronous JavaScript and XML).
  • John the Ripper - John the Ripper is a popular free password cracking tool that combines several different cracking programs and runs in both brute force and dictionary attack modes.
  • Just Enough Administration (JEA) - Just Enough Administration (JEA) is a PowerShell toolkit designed to help an organization reduce risk by restricting IT administrative rights.
  • Kerberos - Kerberos is a protocol for authenticating service requests between trusted hosts across an untrusted network, such as the internet.
  • Kerckhoff's principle - Kerckhoff's principle is the concept that a cryptographic system should be secure, even if all its details are public knowledge except for the key.
  • key fob - A key fob is a small, programmable device that provides access to a physical object.
  • keylogger (keystroke logger or system monitor) - A keylogger, sometimes called a keystroke logger or keyboard capture, is a type of surveillance technology used to monitor and record each keystroke on a specific computer.
  • Layer Two Tunneling Protocol (L2TP) - Layer Two Tunneling Protocol (L2TP) is an extension of the Point-to-Point Tunneling Protocol (PPTP) used by an internet service provider (ISP) to enable the operation of a virtual private network (VPN) over the internet.
  • LEAP (Lightweight Extensible Authentication Protocol) - LEAP (Lightweight Extensible Authentication Protocol) is a Cisco-proprietary version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections.
  • log management - Log management is the collective processes and policies used to administer and facilitate the generation, transmission, analysis, storage, archiving and ultimate disposal of the large volumes of log data created within an information system.
  • logic bomb - A logic bomb is a string of malicious code that is inserted intentionally into a program to harm a network when certain conditions are met.
  • Luhn algorithm (modulus 10) - The Luhn algorithm, also called modulus 10 or modulus 10 algorithm, is a simple mathematical formula used to validate a user's identification numbers.
  • LUN masking - LUN masking is an authorization mechanism used in storage area networks (SANs) to make LUNs available to some hosts but unavailable to other hosts.
  • malware - Malware, or malicious software, is any program or file that is intentionally harmful to a computer, network or server.
  • man in the browser (MitB) - Man in the browser (MitB) is a security attack where the perpetrator installs a Trojan horse on the victim's computer that is capable of modifying that user's web transactions.
  • managed file transfer (MFT) - Managed file transfer (MFT) is a type of software used to provide secure internal, external and ad-hoc data transfers through a network.
  • Massachusetts data protection law - What is the Massachusetts data protection law?The Massachusetts data protection law is legislation that stipulates security requirements for organizations that handle the private data of residents.
  • MD5 - The MD5 (message-digest algorithm) hashing algorithm is a one-way cryptographic function that accepts a message of any length as input and returns as output a fixed-length digest value to be used for authenticating the original message.
  • meet-in-the-middle attack - Meet-in-the-middle is a known plaintext attack that can greatly reduce the number of brute-force permutations required to decrypt text that has been encrypted by more than one key.
  • Melissa virus - Melissa was a type of email virus that initially become an issue in early 1999.
  • memory dump attack - A memory dump attack is the capture and use of RAM content that was written to a storage drive during an unrecoverable error, which was typically triggered by the attacker.
  • Metamorphic virus - A metamorphic virus is a type of malware that is capable of changing its code and signature patterns with each iteration.
  • MICR (magnetic ink character recognition) - MICR (magnetic ink character recognition) is a technology used to verify the legitimacy or originality of paper documents, especially checks.
  • microsegmentation - Microsegmentation is a technique used to divide a network into logical and secure units through the application of policies that dictate how data and applications are accessed and controlled.
  • Microsoft Antigen - Microsoft Antigen is a set of programs that provides security and e-mail filtering for network servers.
  • Microsoft Network Policy and Access Services (Microsoft NPAS) - Microsoft Network Policy and Access Services (Microsoft NPAS) is a server role in Windows 2008 and Windows Server 2012 that allows administrators to provide local and remote network access.
  • Microsoft Online Services Sign-In Assistant - The Microsoft Online Services Sign-In Assistant is a software application that provides common sign-on capabilities for a suite of Microsoft online services, such as Office 365.
  • mobile hotspot - A mobile hotspot is an ad hoc wireless access point that is created by a dedicated hardware device or a smartphone feature that shares the phone's cellular data.
  • mobile security (wireless security) - Mobile security is the protection of smartphones, tablets, laptops and other portable computing devices, and the networks they connect to, from threats and vulnerabilities associated with wireless computing.
  • mobile security certification - A mobile security certification is a formalized program that verifies the participant’s competency in tasks related to mobile security and administration.
  • mobile spyware - Mobile spyware is monitoring software that is installed on a mobile device without the end user's knowledge.
  • mutual authentication - Mutual authentication, also called two-way authentication, is a process or technology in which both entities in a communications link authenticate each other.
  • national identity card - A national identity card is a portable document, typically a plasticized card with digitally-embedded information, that someone is required or encouraged to carry as a means of confirming their identity.
  • NBAR (Network Based Application Recognition) - Network Based Application Recognition (NBAR) is a mechanism that classifies and regulates bandwidth for network applications to ensure that available resources are utilized as efficiently as possible.
  • near-field communication (NFC) - Near-field communication (NFC) is a short-range wireless connectivity technology that uses magnetic field induction to enable communication between devices when they're touched together or brought within a few centimeters of each other.
  • network access control (NAC) - Network access control (NAC), also called network admission control, is a method to bolster the security, visibility and access management of a proprietary network.
  • network analyzer (protocol analyzer or packet analyzer) - A network analyzer -- also called a network protocol analyzer or packet analyzer -- is a software application, dedicated appliance or feature set within a network component used in network performance troubleshooting or to enhance protection against malicious activity within a corporate network.
  • network attack surface - Every point of network interaction is a part of the network attack surface.
  • network behavior anomaly detection (NBAD) - Network behavior anomaly detection (NBAD) is the continuous monitoring of a proprietary network for unusual events or extraordinary trends.
  • network operations center (NOC) - A network operations center (NOC) is a centralized place from which enterprise information technology (IT) administrators -- either internal or third party -- supervise, monitor and maintain a telecommunications network.
  • network scanning - Network scanning is a procedure for identifying active devices on a network by employing a feature or features in the network protocol to signal devices and await a response.
  • network vulnerability scanning - A vulnerability scan detects and classifies system weaknesses in computers, networks and communications equipment and predicts the effectiveness of countermeasures.
  • next-generation firewall (NGFW) - A next-generation firewall (NGFW) is part of the third generation of firewall technology that can be implemented in hardware or software.
  • NICE Framework - The National Initiative for Cybersecurity Education Cybersecurity Workforce Framework (NICE Framework) is a reference resource that classifies the typical skill requirements and duties of cybersecurity workers.
  • nonrepudiation - Nonrepudiation ensures that no party can deny that it sent or received a message via encryption and/or digital signatures or approved some information.
  • object ID (OID) - An object identifier (OID) is an unambiguous, long-term name for any type of object or entity.
  • OCSP (Online Certificate Status Protocol) - OCSP (Online Certificate Status Protocol) is one of two common schemes used to maintain the security of a server and other network resources.
  • OCTAVE - OCTAVE (Operationally Critical Threat, Asset, and Vulnerability Evaluation) is a security framework for determining risk level and planning defenses against cyber assaults.
  • offensive security - Offensive security is a proactive and antagonistic approach to protecting computer systems, networks and individuals from attacks.
  • one-time pad - In cryptography, a one-time pad is a system in which a randomly generated private key is used only once to encrypt a message that is then decrypted by the receiver using a matching one-time pad and key.
  • one-time password (OTP) - A one-time password (OTP) is an automatically generated numeric or alphanumeric string of characters that authenticates the user for a single transaction or login session.
  • OneID - OneID is a digital identity management service that provides a repository for usernames and passwords, eliminating the need for people to remember numerous arcane character sequences.
  • open security - Open security is an approach to safeguarding software, hardware and other information system components with methods whose design and details are publicly available.
  • Open Source Hardening Project - The Open Source Hardening Project is an initiative of the United States Department of Homeland Security, created to improve the security of open source code.
  • Open System Authentication (OSA) - Open System Authentication (OSA) is a process by which a computer could gain access to a wireless network that uses the Wired Equivalent Privacy (WEP) protocol.
  • OpenAppID - OpenAppID is an application-layer network security plugin for the open source intrusion detection system Snort.
  • OpenPGP - OpenPGP is an open and free version of the Pretty Good Privacy (PGP) standard that defines encryption formats to enable private messaging abilities for email and other message encryption.
  • organizational unit (OU) - An organizational unit (OU) is a container within a Microsoft Active Directory domain which can hold users, groups and computers.
  • owned - Owned, in common slang, means decisively defeated, with the implication of domination and possession.
  • palm vein recognition - Palm vein recognition is a biometric authentication method based on the unique patterns of veins in the palms of people’s hands.
SearchNetworking
  • network packet

    A network packet is a basic unit of data that's grouped together and transferred over a computer network, typically a ...

  • virtual network functions (VNFs)

    Virtual network functions (VNFs) are virtualized tasks formerly carried out by proprietary, dedicated hardware.

  • network functions virtualization (NFV)

    Network functions virtualization (NFV) is a network architecture model designed to virtualize network services that have ...

SearchSecurity
  • data breach

    A data breach is a cyber attack in which sensitive, confidential or otherwise protected data has been accessed or disclosed in an...

  • insider threat

    An insider threat is a category of risk posed by those who have access to an organization's physical or digital assets.

  • data compliance

    Data compliance is a process that identifies the applicable governance for data protection, security, storage and other ...

SearchCIO
  • data privacy (information privacy)

    Data privacy, also called information privacy, is an aspect of data protection that addresses the proper storage, access, ...

  • leadership skills

    Leadership skills are the strengths and abilities individuals demonstrate that help to oversee processes, guide initiatives and ...

  • data governance policy

    A data governance policy is a documented set of guidelines for ensuring that an organization's data and information assets are ...

SearchHRSoftware
SearchCustomerExperience
  • recommerce

    Recommerce is the selling of previously owned items through online marketplaces to buyers who reuse, recycle or resell them.

  • implementation

    Implementation is the execution or practice of a plan, a method or any design, idea, model, specification, standard or policy for...

  • first call resolution (FCR)

    First call resolution (FCR) is when customer service agents properly address a customer's needs the first time they call.

Close