Browse Definitions :

Network security

Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.

GEO - NET

  • geolocation - Geolocation is the detection of the physical location of an Internet connected computing device.
  • going dark - Going dark describes a scenario in which communication appears to have ceased, but in reality has just moved from a public communication channel to a private, encrypted channel.
  • Google dork query - Google dorking, also known as Google hacking, can return information that is difficult to locate through simple search queries.
  • Google Hack Honeypot (GHH) - A Google hack honeypot is a system designed to be vulnerable to sophisticated search engine queries for the purpose of attracting hackers and studying their behavior.
  • GPS jamming - GPS jamming is the process of using a frequency transmitting device to block or interfere with radio communications.
  • GPS tracking - GPS tracking is the surveillance of location through use of the Global Positioning System (GPS ) to track the location of an entity or object remotely.
  • graceful degradation - Graceful degradation is the ability of a computer, machine, electronic system or network to maintain limited functionality even when a large portion of it has been destroyed or rendered inoperative.
  • Group Policy Object (GPO) - Microsoft’s Group Policy Object (GPO) is a collection of Group Policy settings that defines what a system will look like and how it will behave for a defined group of users.
  • gummy bear hack - A gummy bear hack is an attempt to fool a biometric fingerprint scanner by using a gelatin-based candy to hold a fingerprint.
  • hacker - A hacker is an individual who uses computer, networking or other skills to overcome a technical problem.
  • hacking as a service (HaaS) - Hacking as a service (HaaS) is the commercialization of hacking skills, in which the hacker serves as a contractor.
  • hacktivism - Hacktivism is the act of misusing a computer system or network for a socially or politically motivated reason.
  • hard-drive encryption - Hard-drive encryption is a technology that encrypts the data stored on a hard drive using sophisticated mathematical functions.
  • hardware security - Hardware security is vulnerability protection that comes in the form of a physical device rather than software that is installed on the hardware of a computer system.
  • hashing - Hashing is the process of transforming any given key or a string of characters into another value.
  • holistic security - Holistic security is an approach that seeks to integrate all the elements designed to safeguard an organization, considering them as a complex and interconnected system.
  • honeynet - A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite attack, so that an attacker's activities and methods can be studied and that information used to increase network security.
  • honeypot (computing) - A honeypot is a network-attached system set up as a decoy to lure cyber attackers and detect, deflect and study hacking attempts to gain unauthorized access to information systems.
  • hot mic (roving bug) - A hot mic, in a mobile security context, is a smartphone microphone that has been remotely activated for surveillance purposes.
  • HTTPS (HTTP over SSL or HTTP Secure) - HTTPS (HTTP over SSL or HTTP Secure) is the use of Secure Socket Layer (SSL) or Transport Layer Security (TLS) as a sublayer under regular HTTP application layering.
  • human attack surface - Human attack surface is the totality of all security vulnerabilities within a given system or network that are created through human activities.
  • hypervisor attack - A hypervisor attack can allow hackers to take control of your VMs.
  • icacls - icacls is a command-line utility that can be used to modify NTFS file system permissions in Windows Server 2003 SP2, Windows Server 2008, Windows Vista and Windows 7.
  • ICS security (industrial control system security) - ICS security is the area of concern involving the safeguarding of industrial control systems, the integrated hardware and software designed to monitor and control the operation of machinery and associated devices in industrial environments.
  • identity theft - Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable information (PII), such as Social Security or driver's license numbers, to impersonate someone else.
  • image replay attack - An image replay attack is the use of a picture to fool an authentication method.
  • incident response team - An incident response team is a group of IT professionals in charge of preparing for and reacting to any type of organizational emergency.
  • industrial espionage - Industrial espionage is the covert, and sometimes illegal, practice of investigating competitors to gain a business advantage.
  • ingress filtering - Ingress filtering is a method used by enterprises and internet service providers (ISPs) to prevent suspicious traffic from entering a network.
  • initialization vector (IV) - An initialization vector (IV) is an arbitrary number that can be used along with a secret key for data encryption.
  • input validation attack - An input validation attack is any malicious action against a computer system that involves manually entering strange information into a normal user input field.
  • insider threat - An insider threat is a category of risk posed by those who have access to an organization's physical or digital assets.
  • integer overflow - Integer overflow is the result of trying to place into computer memory an integer (whole number) that is too large for the integer data type in a given system.
  • International Data Encryption Algorithm (IDEA) - IDEA (International Data Encryption Algorithm) is an encryption algorithm developed at ETH in Zurich, Switzerland.
  • international private leased circuit (IPLC) - An international private leased circuit (IPLC) is a point-to-point private line used by an organization to communicate between offices that are dispersed throughout the world.
  • Internet Crime Complaint Center (IC3) - The Internet Crime Complaint Center (IC3) is a website and that offers users a standardized mechanism and interface to report suspected cybercrime or other illegal activity facilitated by the internet.
  • Internet Key Exchange (IKE) - The Internet Key Exchange (IKE) is an IPsec (Internet Protocol Security) standard protocol used to ensure security for virtual private network (VPN) negotiation and remote host or network access.
  • Internet porn - Internet porn is sexually explicit content made available online in various formats including images, video files, video games and streaming video.
  • Internet Storm Center - The Internet Storm Center is a website provided by the SANS Institute that monitors current online security attacks and publishes information about them.
  • intrusion detection system (IDS) - An intrusion detection system (IDS) is a system that monitors network traffic for suspicious activity and alerts when such activity is discovered.
  • intrusion prevention system (IPS) - An intrusion prevention system (IPS) is a network security and threat prevention tool.
  • IoT attack surface - The IoT attack surface is the sum total of all potential security vulnerabilities in IoT devices and associated software and infrastructure in a given network, be it local or the entire Internet.
  • IoT botnet (Internet of Things botnet) - An IoT botnet (Internet of Things botnet) is a group of hacked computers, smart appliances and Internet-connected devices that have been co-opted for illicit purposes.
  • IoT policy (Internet of Things policy) - An Internet of Things policy is a document that provides a comprehensive guide designed to help an organization deal with the complex issues surrounding the IoT.
  • IoT security (internet of things security) - IoT security is the technology segment focused on safeguarding connected devices and networks in the internet of things (IoT).
  • IP surveillance - IP surveillance is a digitized and networked version of closed-circuit television (CCTV).
  • IPsec (Internet Protocol Security) - IPsec (Internet Protocol Security) is a suite of protocols and algorithms for securing data transmitted over the internet or any public network.
  • iris recognition - Iris recognition is a method of identifying people based on unique patterns within the ring-shaped region surrounding the pupil of the eye.
  • ISA Server (Internet Security and Acceleration Server) - Microsoft's ISA Server (Internet Security and Acceleration Server) is the successor to Microsoft's Proxy Server 2.
  • island hopping attack - In this type of backdoor attack, the threat actor exploits a weakness downstream from the actual target and uses it as a launching point to reach the intended target.
  • ISO 27001 - ISO 27001 (formally known as ISO/IEC 27001:2005) is a specification for an information security management system (ISMS).
  • IT systems management - Systems management is the administration of the information technology systems in an enterprise data center.
  • JavaScript hijacking - JavaScript hijacking is a technique that an attacker can use to read sensitive data from a vulnerable Web application, particularly one using Ajax (Asynchronous JavaScript and XML).
  • John the Ripper - John the Ripper is a popular free password cracking tool that combines several different cracking programs and runs in both brute force and dictionary attack modes.
  • Just Enough Administration (JEA) - Just Enough Administration (JEA) is a PowerShell toolkit designed to help an organization reduce risk by restricting IT administrative rights.
  • Kerberos - Kerberos is a protocol for authenticating service requests between trusted hosts across an untrusted network, such as the internet.
  • Kerckhoff's principle - Kerckhoff's principle is the concept that a cryptographic system should be secure, even if all its details are public knowledge except for the key.
  • key fob - A key fob is a small, programmable device that provides access to a physical object.
  • keylogger (keystroke logger or system monitor) - A keylogger, sometimes called a keystroke logger or keyboard capture, is a type of surveillance technology used to monitor and record each keystroke on a specific computer.
  • Layer Two Tunneling Protocol (L2TP) - Layer Two Tunneling Protocol (L2TP) is an extension of the Point-to-Point Tunneling Protocol (PPTP) used by an internet service provider (ISP) to enable the operation of a virtual private network (VPN) over the internet.
  • leaky app - A leaky app is a small software program – typically a mobile app – that transmits user data across the Internet.
  • LEAP (Lightweight Extensible Authentication Protocol) - LEAP (Lightweight Extensible Authentication Protocol) is a Cisco-proprietary version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections.
  • local wipe - Local wipe, also known as auto-wipe, is deletion of a device's data which is initiated by software on the device itself, rather than through remote administration.
  • locked down device (LDD) - A locked down device (LDD) is a mobile device, typically a smartphone, that is shipped by a vendor with the ability to accept only the SIM card that originally came with it.
  • log management - Log management is the collective processes and policies used to administer and facilitate the generation, transmission, analysis, storage, archiving and ultimate disposal of the large volumes of log data created within an information system.
  • logic bomb - A logic bomb is a string of malicious code that is inserted intentionally into a program to harm a network when certain conditions are met.
  • LUHN formula (modulus 10) - The LUHN formula, also called modulus 10, is a simple algorithm used to validate the number on a credit card.
  • LUN masking - LUN masking is a further constraint added to zoning, subdividing access to the port so that only LUNs authorized to access a specific server can access the corresponding port.
  • malware - Malware, or malicious software, is any program or file that is intentionally harmful to a computer, network or server.
  • man-in-the-middle attack (MitM) - A man-in-the-middle attack is one in which the attacker secretly intercepts and relays messages between two parties who think they are communicating directly with each other.
  • managed file transfer (MFT) - Managed file transfer (MFT) is a type of software used to provide secure internal, external and ad-hoc data transfers through a network.
  • Massachusetts data protection law - What is the Massachusetts data protection law?The Massachusetts data protection law is legislation that stipulates security requirements for organizations that handle the private data of residents.
  • MD5 - The MD5 (message-digest algorithm) hashing algorithm is a one-way cryptographic function that accepts a message of any length as input and returns as output a fixed-length digest value to be used for authenticating the original message.
  • meet-in-the-middle attack - Meet-in-the-middle is a known plaintext attack that can greatly reduce the number of brute-force permutations required to decrypt text that has been encrypted by more than one key.
  • Melbourne shuffle algorithm - The Melbourne shuffle algorithm is a sequence of actions intended to obscure the patterns by which cloud-based data is accessed.
  • Melissa virus - Melissa is a fast-spreading macro virus that is distributed as an e-mail attachment that, when opened, disables a number of safeguards in Word 97 or Word 2000, and, if the user has the Microsoft Outlook e-mail program, causes the virus to be resent to the first 50 people in each of the user's address books.
  • memory dump attack - A memory dump attack is the capture and use of RAM content that was written to a storage drive during an unrecoverable error, which was typically triggered by the attacker.
  • Metamorphic virus - A metamorphic virus is a type of malware that is capable of changing its code and signature patterns with each iteration.
  • MICR (magnetic ink character recognition) - MICR (magnetic ink character recognition) is a technology used to verify the legitimacy or originality of paper documents, especially checks.
  • microsegmentation - Microsegmentation is a technique used to divide a network into logical and secure units through the application of policies that dictate how data and applications are accessed and controlled.
  • Microsoft Antigen - Microsoft Antigen is a set of programs that provides security and e-mail filtering for network servers.
  • Microsoft Network Policy and Access Services (Microsoft NPAS) - Microsoft Network Policy and Access Services (Microsoft NPAS) is a server role in Windows 2008 and Windows Server 2012 that allows administrators to provide local and remote network access.
  • Microsoft Online Services Sign-In Assistant - The Microsoft Online Services Sign-In Assistant is a software application that provides common sign-on capabilities for a suite of Microsoft online services, such as Office 365.
  • Microsoft System Center Mobile Device Manager (MSCMDM) - Microsoft System Center Mobile Device Manager (MSCMDM) is server-based software that allows enterprise IT professionals to manage and automate tasks for Windows Mobile devices.
  • Misfortune Cookie - Misfortune Cookie is a firmware vulnerability in some routers that makes it possible for an attacker to gain administrative privileges and attack the devices and, through them, the network.
  • mobile hotspot - A mobile hotspot is an ad hoc wireless access point that is created by a dedicated hardware device or a smartphone feature that shares the phone's cellular data.
  • mobile security (wireless security) - Mobile security is the protection of smartphones, tablets, laptops and other portable computing devices, and the networks they connect to, from threats and vulnerabilities associated with wireless computing.
  • mobile security certification - A mobile security certification is a formalized program that verifies the participant’s competency in tasks related to mobile security and administration.
  • mobile spyware - Mobile spyware is monitoring software that is installed on a mobile device without the end user's knowledge.
  • multifactor authentication (MFA) - Multifactor authentication (MFA) is a security technology that requires more than one method of authentication from independent categories of credentials to verify a user's identity for a login or other transaction.
  • mutual authentication - Mutual authentication, also called two-way authentication, is a process or technology in which both entities in a communications link authenticate each other.
  • national identity card - A national identity card is a portable document, typically a plasticized card with digitally-embedded information, that someone is required or encouraged to carry as a means of confirming their identity.
  • NBAR (Network Based Application Recognition) - Network Based Application Recognition (NBAR) is a mechanism that classifies and regulates bandwidth for network applications to ensure that available resources are utilized as efficiently as possible.
  • Near Field Communication (NFC) - Near Field Communication (NFC) is a short-range wireless connectivity standard (Ecma-340, ISO/IEC 18092) that uses magnetic field induction to enable communication between devices when they're touched together, or brought within a few centimeters of each other.
SearchCompliance
  • pure risk

    Pure risk refers to risks that are beyond human control and result in a loss or no loss with no possibility of financial gain.

  • risk reporting

    Risk reporting is a method of identifying risks tied to or potentially impacting an organization's business processes.

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

SearchSecurity
  • encryption key

    In cryptography, an encryption key is a variable value that is applied using an algorithm to a string or block of unencrypted ...

  • payload (computing)

    In computing, a payload is the carrying capacity of a packet or other transmission data unit.

  • script kiddie

    Script kiddie is a derogative term that computer hackers coined to refer to immature, but often just as dangerous, exploiters of ...

SearchHealthIT
SearchDisasterRecovery
  • What is risk mitigation?

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • fault-tolerant

    Fault-tolerant technology is a capability of a computer system, electronic system or network to deliver uninterrupted service, ...

  • synchronous replication

    Synchronous replication is the process of copying data over a storage area network, local area network or wide area network so ...

SearchStorage
Close