Browse Definitions :

Network security

Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.

SEC - VUL

  • secure container - A secure container is a lightweight, executable software package that has been isolated from other software or processes running on the same virtual or physical host.
  • Secure Electronic Transaction (SET) - Secure Electronic Transaction (SET) is a system and electronic protocol to ensure the integrity and security of transactions conducted over the internet.
  • Secure Shell (SSH) - SSH, also known as Secure Shell or Secure Socket Shell, is a network protocol that gives users, particularly system administrators, a secure way to access a computer over an unsecured network.
  • Security as a Service (SaaS) - Security-as-a-service (SaaS) is an outsourcing model for security management.
  • security audit - A security audit is a systematic evaluation of the security of a company's information system by measuring how well it conforms to an established set of criteria.
  • security clearance - A security clearance is an authorization that allows access to information that would otherwise be forbidden.
  • security event - A security event is a change in the everyday operations of a network or IT service, indicating that an security policy may have been violated or a security safeguard may have failed.
  • security identifier (SID) - In Windows NT and 2000 operating systems, the security identifier (SID) is a unique alphanumeric character string that identifies each operating system and each user in a network of NT/2000 systems.
  • security incident - A security incident is an event that may indicate that an organization's systems or data have been compromised or that measures put in place to protect them have failed.
  • security information management (SIM) - Security information management (SIM) is the practice of collecting, monitoring and analyzing security-related data from computer logs.
  • security intelligence (SI) - Security intelligence (SI) is the information relevant to protecting an organization from external and inside threats as well as the processes, policies and tools designed to gather and analyze that information.
  • security policy - A security policy is a document that states in writing how a company plans to protect its physical and information technology (IT) assets.
  • security theater - Security theater includes any measures taken by a company or security team to create an atmosphere of safety that may only achieve the appearance of heightened security.
  • security token - A security token is a physical or digital device that provides two-factor authentication for a user to prove their identity in a login process.
  • Sender Policy Framework (SPF) - Sender Policy Framework (SPF) is an anti-spam approach in which the Internet domain of an e-mail sender can be authenticated for that sender, thereby discouraging spam mailers, who routinely disguise the origin of their e-mail, a practice known as e-mail spoofing.
  • Serious Organized Crime Agency (SOCA) - The Serious Organized Crime Agency (SOCA) is a policing agency dedicated to the identification of criminal activity related to drug trafficking, money laundering, identity theft and immigration.
  • session hijacking (TCP session hijacking) - Session hijacking, also known as TCP session hijacking, is a method of taking over a Web user session by surreptitiously obtaining the session ID and masquerading as the authorized user.
  • session ID - A session ID is a unique number that a Web site's server assigns to identify a specific user for the duration of that user's visit (session).
  • session key - A session key is an encryption and decryption key that is randomly generated to ensure the security of a communications session between a user and another computer or between two computers.
  • session prediction (credential/session prediction) - Session prediction, also called credential/session prediction, is a method of surreptitiously obtaining data (called a session ID) about an authorized visitor to a Web site.
  • session replay script - A session replay script is a program that enables the recording of website users’ keystrokes, clicks, mouse movements and scrolling behavior, along with the full contents of the pages they visit, and sends them to third-party servers.
  • shadow app - A shadow app is a software program that is not supported by an employee's information technology (IT) department.
  • shadow password file - A shadow password file, also known as /etc/shadow, is a system file in Linux that stores encrypted user passwords and is accessible only to the root user, preventing unauthorized users or malicious actors from breaking into the system.
  • Shared Key Authentication (SKA) - Shared Key Authentication (SKA) is a process by which a computer can gain access to a wireless network that uses the Wired Equivalent Privacy (WEP) protocol.
  • Shodan - Shodan (Sentient Hyper-Optimised Data Access Network) is a search engine designed to map and gather information about internet-connected devices and systems.
  • shoulder surfing - Shoulder surfing is using direct observation techniques, such as looking over someone's shoulder, to get information.
  • SIM card - A SIM card, also known as a subscriber identity module, is a smart card that stores identification information that pinpoints a smartphone to a specific mobile network.
  • single sign-on (SSO) - Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials -- for example, a name and password -- to access multiple applications.
  • single-factor authentication (SFA) - Single-factor authentication (SFA) is the traditional security process that requires a user name and password before granting access to the user.
  • SIP trunking (Session Initiation Protocol trunking) - Session Initiation Protocol trunking is a service offered by a communications service provider that uses the protocol to provision voice over IP connectivity between an on-premises phone system and the public switched telephone network.
  • smart card - A smart card is a physical card that has an embedded integrated chip that acts as a security token.
  • smart home or building (home automation or domotics) - A smart home is a residence that uses internet-connected devices to enable the remote monitoring and management of appliances and systems, such as lighting and heating.
  • smart meter hack - A smart meter hack is the unauthorized access of such a device or its data transmissions for the purpose of obtaining or altering communications between it and the responsible utility.
  • SMiShing (SMS phishing) - SMiShing is a mobile phone security attack in which the user is tricked into downloading a Trojan horse, virus or other malware onto his phone.
  • SMS spam (cell phone spam or short messaging service spam) - SMS spam (sometimes called cell phone spam) is any junk message delivered to a mobile phone as text messaging through the Short Message Service (SMS).
  • Smurf Suite - The Smurf Suite is a collection of smartphone hacking and spyware tools that can remotely activate iPhones and Android devices and collect user data through eavesdropping and data access.
  • snooping - Snooping, in a security context, is unauthorized access to another person's or company's data.
  • Snort - Snort is an open source network intrusion detection system (NIDS) created by Sourcefire founder and former CTO Martin Roesch.
  • social engineering - Social engineering is an attack vector that relies heavily on human interaction and often involves manipulating people into breaking normal security procedures and best practices to gain unauthorized access to systems, networks or physical locations or for financial gain.
  • social engineering attack surface - Social engineering attacks usually take advantage of human psychology: the desire for something free, the susceptibility to distraction, or the desire to be liked or to be helpful.
  • social engineering penetration testing - Social engineering pen testing is designed to test employees' adherence to the security policies and practices defined by management.
  • soft token - A soft token is a software-based security token that generates a single-use login PIN.
  • spear phishing - Spear phishing is a malicious email spoofing attack that targets a specific organization or individual, seeking unauthorized access to sensitive information.
  • spim (instant messaging spam) - Spim is spam delivered through instant messaging (IM) instead of through e-mail messaging.
  • SPIT (spam over Internet telephony) - SPIT (spam over Internet telephony), sometimes known as vam (voice or VoIP spam), is unsolicited bulk messages broadcast over VoIP (Voice over Internet Protocol) to phones connected to the Internet.
  • splog (spam blog) - A splog (spam blog) is a fake blog created solely to promote affiliated Web sites, with the intent of skewing search results and artificially boosting traffic.
  • SS7 attack - An SS7 attack is a security exploit that takes advantage of a weakness in the design of SS7 (Signaling System 7) to enable data theft, eavesdropping, text interception and location tracking.
  • SSL (secure sockets layer) - Secure sockets layer (SSL) is a networking protocol designed for securing connections between web clients and web servers over an insecure network, such as the internet.
  • stack overflow - A stack overflow is an undesirable condition in which a particular computer program tries to use more memory space than the call stack has available.
  • stateful inspection - Stateful inspection, also known as dynamic packet filtering, is a firewall technology that monitors the state of active connections and uses this information to determine which network packets to allow through the firewall.
  • stealth virus - In computer security, a stealth virus is a computer virus that uses various mechanisms to avoid detection by antivirus software.
  • stingray (IMSI catcher) - A stingray is a mobile surveillance device also known as an IMSI (International Mobile Subscriber Identity) catcher or a cell site simulator.
  • storage encryption - Storage encryption is the use of encryption/decryption of backed-up and archived data, both in transit and on storage media.
  • storage security - Storage security is the group of parameters and settings that make storage resources available to authorized users and trusted networks -- and unavailable to other entities.
  • stream cipher - A stream cipher is a method of encrypting text (to produce ciphertext) in which a cryptographic key and algorithm are applied to each binary digit in a data stream, one bit at a time.
  • strong cryptography - Strong cryptography is used by most governments around the world to protect communications.
  • strong password - A strong password is one that is designed to be hard for a person or program to discover.
  • Stuxnet - The Stuxnet worm is a rootkit exploit that targets supervisory control and data acquisition (SCADA) systems.
  • SYN flood (half open attack) - SYN flooding is a method that the user of a hostile client program can use to conduct a denial-of-service (DoS) attack on a computer server.
  • SYN scanning - SYN scanning is a tactic that a malicious hacker can use to determine the state of a communications port without establishing a full connection.
  • TCP Wrapper - TCP Wrapper is a public domain computer program that provides firewall services for UNIX servers.
  • tcpdump - Tcpdump is an open source command-line tool for monitoring (sniffing) network traffic.
  • TDL-4 (TDSS or Alureon) - TDL-4 is sophisticated malware that facilitates the creation and maintenance of a botnet.
  • thingbot - A thingbot is something with an embedded system and an Internet connection that has been coopted by a hacker as a part of a botnet.
  • third-party cookie - A third-party cookie is a cookie that is placed on a user's hard disk by a website from a domain other than the one a user is visiting.
  • threat actor - A threat actor, also called a malicious actor or bad actor, is an entity that is partially or wholly responsible for an incident that impacts – or has the potential to impact -- an organization's security.
  • threat intelligence (cyber threat intelligence) - Threat intelligence, also known as cyber threat intelligence (CTI), is information collected from various sources about current or potential attacks that threaten an organization.
  • threat intelligence feed (TI feed) - A threat intelligence feed (TI feed) is an ongoing stream of data related to potential or current threats to an organization's security.
  • threat intelligence service (TI service) - A threat intelligence service (TI service) is a provider of information about current or emerging threats that could negatively impact the security of a customer’s organization.
  • threat modeling - Threat modeling is a procedure for optimizing application, system or business process security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent or mitigate the effects of threats to the system.
  • token - In general, a token is an object that represents something else, such as another object (either physical or virtual), or an abstract concept as, for example, a gift is sometimes referred to as a token of the giver's esteem for the recipient.
  • tokenization - Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security.
  • Transport Layer Security (TLS) - Transport Layer Security (TLS) is an Internet Engineering Task Force (IETF) standard protocol that provides authentication, privacy and data integrity between two communicating computer applications.
  • Trojan horse (computing) - In computing, a Trojan horse is a program downloaded and installed on a computer that appears harmless, but is, in fact, malicious.
  • trusted computing base (TCB) - The trusted computing base (TCB) is everything in a computing system that provides a secure environment.
  • Trusted Computing Group (TCG) - The Trusted Computing Group (TCG) is a not-for-profit organization that was formed in 2003 to define, develop and promote security specifications for computers and networks.
  • tunneling or port forwarding - Tunneling is the transmission of data intended for use only within a private, usually corporate network through a public network in such a way that the routing nodes in the public network are unaware that the transmission is part of a private network.
  • two-factor authentication (2FA) - Two-factor authentication (2FA), sometimes referred to as two-step verification or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves.
  • Twofish - Twofish is an encryption algorithm based on an earlier algorithm, Blowfish, and was a finalist for a NIST Advanced Encryption Standard (AES) algorithm to replace the DES algorithm.
  • unauthenticated security scan (logged-out secuity scan) - An unauthenticated security scan, sometimes called a logged-out scan, is the process of exploring a network or networked system for vulnerabilities that are accessible without logging in as an authorized user.
  • unified threat management (UTM) - Unified threat management (UTM) describes an information security (infosec) system that provides a single point of protection against threats, including viruses, worms, spyware and other malware, and network attacks.
  • unique default password - Unique default passwords can provide more security, although that depends on what type of system is used.
  • universal authentication - Universal authentication is a network identity-verification method that allows users to move from site to site securely without having to enter identifying information multiple times.
  • Uptime Institute, Inc. - The Uptime Institute, Inc.
  • URL manipulation (URL rewriting) - URL manipulation, also called URL rewriting, is the process of altering (often automatically by means of a program written for that purpose) the parameters in a URL (Uniform Resource Locator).
  • user account provisioning - User account provisioning is a business process for creating and managing access to resources in an information technology (IT) system.
  • virtual honeypot - A virtual honeypot is software that emulates a vulnerable system or network to attract intruders and study their behavior.
  • virtual machine escape - Virtual machine escape is an exploit in which the attacker runs code on a VM that allows an operating system running within it to break out and interact directly with the hypervisor.
  • virtual private cloud (VPC) - A virtual private cloud (VPC) is the logical division of a service provider's public cloud multi-tenant architecture to support private cloud computing.
  • virus hoax - A virus hoax is a false warning about a computer virus.
  • virus signature (virus definition) - A virus signature (also known as a virus definition) is a file or multiple files that are downloaded by a security program to identify a computer virus.
  • VLAN hopping (virtual local area network hopping) - VLAN hopping (virtual local area network hopping) is a method of attacking a network by sending packets to a port at a network end point that is not normally accessible to the sender.
  • voice logger - A voice logger is a device or program used to record audio information from telephones, radios, microphones and other sources for storage on a computer's hard drive or removable media.
  • voice squatting (skill squatting) - Voice squatting is an attack vector for voice user interfaces (VUIs) that exploits homonyms (words that sound the same but are spelled differently) and input errors (words that are mispronounced).
  • Vouch by Reference (VBR) - Vouch By Reference (VBR) is a protocol for adding third-party certification to email.
  • VPN appliance - A VPN (virtual private network) appliance is a network device equipped with enhanced security features.
  • VPN Reconnect - VPN Reconnect is a feature of Windows 7 and Windows Server 2008 R2 that allows a virtual private network (VPN) connection to remain open during a brief interruption of Internet service.
SearchCompliance
  • pure risk

    Pure risk refers to risks that are beyond human control and result in a loss or no loss with no possibility of financial gain.

  • risk reporting

    Risk reporting is a method of identifying risks tied to or potentially impacting an organization's business processes.

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

SearchSecurity
  • encryption key

    In cryptography, an encryption key is a variable value that is applied using an algorithm to a string or block of unencrypted ...

  • payload (computing)

    In computing, a payload is the carrying capacity of a packet or other transmission data unit.

  • script kiddie

    Script kiddie is a derogative term that computer hackers coined to refer to immature, but often just as dangerous, exploiters of ...

SearchHealthIT
SearchDisasterRecovery
  • What is risk mitigation?

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • fault-tolerant

    Fault-tolerant technology is a capability of a computer system, electronic system or network to deliver uninterrupted service, ...

  • synchronous replication

    Synchronous replication is the process of copying data over a storage area network, local area network or wide area network so ...

SearchStorage
Close