Browse Definitions :

Security

Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.

CLO - END

  • cloak of invisibility - A cloak of invisibility is a method of rendering physical objects undetectable or invisible.
  • closed circuit television (CCTV) - CCTV (closed-circuit television) is a TV system in which signals are not publicly distributed but are monitored, primarily for surveillance and security purposes.
  • cloud access security broker (CASB) - A cloud access security broker (CASB) is a software tool or service that sits between an organization's on-premises infrastructure and a cloud provider's infrastructure.
  • cloud encryption (cloud storage encryption) - Cloud encryption is a service offered by cloud storage providers whereby a customer's data is transformed using encryption algorithms into ciphertext and stored in the cloud.
  • Cloud Security Alliance (CSA) - The Cloud Security Alliance (CSA) is a nonprofit organization that promotes research into best practices for securing cloud computing and the use of cloud technologies to secure other forms of computing.
  • cloud security architecture - Cloud security architecture is a security strategy designed around securing an organization's data and applications in the cloud.
  • CloudAudit - CloudAudit is a specification for the presentation of information about how a cloud computing service provider addresses control frameworks.
  • CMDSP (Certified Mobile Device Security Professional) - CMDSP (Certified Mobile Device Security Professional) is a certification program offered by the Mobile Resource Group that provides a standardized assurance of competency in the field of mobile security and administration.
  • COBIT - COBIT is a framework for developing, implementing, monitoring and improving information technology (IT) governance and management best practices.
  • Code of Connection (CoCo) - In the U.K.
  • command injection - Command injection is the insertion of HTML code into dynamically generated output by a malevolent hacker (also known as a cracker) seeking unauthorized access to data or network resources.
  • common access card (CAC) - A common access card (CAC) is a Unites States Department of Defense (DoD) smart card for multifactor authentication.
  • Common Body of Knowledge (CBK) - In security, Common Body of Knowledge (CBK) is a comprehensive framework of all the relevant subjects a security professional should be familiar with, including skills, techniques and best practices.
  • Common Criteria (CC) for Information Technology Security Evaluation - Common Criteria (CC) is an international set of guidelines and specifications developed for evaluating information security products, specifically to ensure they meet an agreed-upon security standard for government deployments.
  • Common Weakness Enumeration (CWE) - Common Weakness Enumeration (CWE) is a universal online dictionary of weaknesses that have been found in computer software.
  • CompTIA Security+ - CompTIA Security+ is a certification that demonstrates a person's competency with core security practices and functions that are carried out in IT security roles.
  • computer cracker - A computer cracker is an outdated term used to describe someone who broke into computer systems, bypassed passwords or licenses in computer programs, or in other ways intentionally breached computer security.
  • computer exploit - A computer exploit, or exploit, is an attack on a computer system, especially one that takes advantage of a particular vulnerability the system offers to intruders.
  • Computer Misuse Act 1990 (CMA) - The Computer Misuse Act 1990 (CMA) is an act of the UK Parliament passed in 1990.
  • computer worm - A computer worm is a type of malicious software program whose primary function is to infect other computers while remaining active on infected systems.
  • COMSEC (communications security) - Communications security (COMSEC) is the prevention of unauthorized access to telecommunications traffic, or to any information that is transmitted or transferred.
  • Conduit browser hijacker - Conduit is a browser hijacker that is usually installed without the user’s knowledge through a drive-by download.
  • Conficker - Conficker is a fast-spreading worm that targets a vulnerability (MS08-067) in Windows operating systems.
  • confidentiality - Confidentiality is a set of rules or a promise that limits access or places restrictions on certain types of information.
  • confidentiality, integrity and availability (CIA triad) - Confidentiality, integrity and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization.
  • consumer privacy (customer privacy) - Consumer privacy, also known as customer privacy, involves the handling and protection of the sensitive personal information provided by customers in the course of everyday transactions.
  • consumerization policy - A consumerization policy is a documented set of practices for managing the use of consumer devices and technologies within a given organization.
  • content-based security (asset-based security) - Content-based security, also known as asset-based security, is a gerneral term for security features that are embedded within enterprise content.
  • context-aware network access control - Context-aware network access control (CANAC) is an approach to managing the security of a proprietary network by granting access to network resources according to contextual-based security policies.
  • context-aware security - Context-aware security is the use of situational information (such as identity, location, time of day or type of endpoint device) to improve information security decisions.
  • continuous authentication - Continuous authentication is a method of verification aimed at providing identity confirmation and cybersecurity protection on an ongoing basis.
  • cookie poisoning - On the Web, cookie poisoning is the modification of a cookie (personal information in a Web user's computer) by an attacker to gain unauthorized information about the user for purposes such as identity theft.
  • CRAM (challenge-response authentication mechanism) - CRAM (challenge-response authentication mechanism) is the two-level scheme for authenticating network users that is used as part of the Web's Hypertext Transfer Protocol (HTTP).
  • crisis management - Crisis management is the application of strategies designed to help an organization deal with a sudden and significant negative event.
  • critical thinking - Critical thinking is the capacity to be objective, rational and analytical about subjects, situations and cognitive problems.
  • cryptanalysis - Cryptanalysis is the study of ciphertext, ciphers and cryptosystems with the aim of understanding how they work and finding and improving techniques for defeating or weakening them.
  • crypto-agility - Crypto-agility, or cryptographic agility, is a data encryption practice used by organizations to ensure a rapid response to a cryptographic threat.
  • cryptographic checksum - A cryptographic checksum is a mathematical value (called a checksum) that is assigned to a file and used to "test" the file at a later date to verify that the data contained in the file has not been maliciously changed.
  • cryptographic nonce - A nonce is a random or semi-random number that is generated for a specific use, typically related to cryptographic communication or information technology.
  • cryptography - Cryptography is a method of protecting information and communications through the use of codes so that only those for whom the information is intended can read and process it.
  • cryptology - Cryptology is the mathematics, such as number theory, and the application of formulas and algorithms, that underpin cryptography and cryptanalysis.
  • cryptosystem - A cryptosystem is a structure or scheme consisting of a set of algorithms that converts plaintext to ciphertext to encode or decode messages securely.
  • CSO (Chief Security Officer) - A Chief Security Officer (CSO) is the employee responsible for the physical security of a company, including its communication and business systems.
  • CSR (Certificate Signing Request) - A Certificate Signing Request or CSR is a specially formatted encrypted message sent from a Secure Sockets Layer (SSL) digital certificate applicant to a certificate authority (CA) validating the information required by the CA in order for it to issue a certificate.
  • CTCI (Computer-to-computer interface) - Computer-to-computer interface (CTCI) is a digital communications protocol that allows customers of the NASDAQ (National Association of Securities Dealers Automated Quotations) to conduct business in the options market.
  • CVSS (Common Vulnerability Scoring System) - The Common Vulnerability Scoring System (CVSS) is a public framework for rating the severity of security vulnerabilities in software.
  • cyber attribution - Cyber attribution is the process of tracking, identifying and laying blame on the perpetrator of a cyberattack or other hacking exploit.
  • cyber hijacking - Cyber hijacking, or computer hijacking, is a type of network security attack in which the attacker takes control of computer systems, software programs and/or network communications.
  • cyber threat hunter (cybersecurity threat analyst) - A cyber threat hunter, also called a cybersecurity threat analyst, proactively identifies security incidents that may go undetected by automated security tools such as malware detectors and firewalls.
  • cybercrime - Cybercrime is any criminal activity that involves a computer, networked device or a network.
  • cyberextortion - Cyberextortion is a crime involving an attack or threat of an attack coupled with a demand for money or some other response in return for stopping or remediating the attack.
  • Cyberoam - Cyberoam is a vendor for information security products and services.
  • cybersecurity - Cybersecurity is the protection of internet-connected systems such as hardware, software and data from cyberthreats.
  • Cybersecurity Information Sharing Act (CISA) - Cybersecurity Information Sharing Act (CISA) is proposed legislation that will allow United States government agencies and non-government entities to share information with each other as they investigate cyberattacks.
  • DAT USB drive - A DAT USB drive is a tape drive with digital audio tape (DAT) that can be plugged into a Universal Serial Bus (USB) connection as a simple and relatively low-cost way to back up data routinely, especially on servers.
  • data availability - Data availability is a term used by some computer storage manufacturers and storage service providers (SSPs) to describe products and services that ensure that data continues to be available at a required level of performance in situations ranging from normal through "disastrous.
  • Data Encryption Standard (DES) - The Data Encryption Standard (DES) is an outdated symmetric-key method of data encryption.
  • data integrity - Data integrity is the assurance that digital information is uncorrupted and can only be accessed or modified by those authorized to do so.
  • data loss prevention (DLP) - Data loss prevention (DLP) -- sometimes referred to as data leak prevention, information loss prevention and extrusion prevention -- is a strategy for preventing individuals from accessing sensitive information who do not need it.
  • data masking - Data masking is a method of creating a structurally similar but inauthentic version of an organization's data that can be used for purposes such as software testing and user training.
  • data protection management (DPM) - Data protection management (DPM) comprises the administration, monitoring and management of backup processes to ensure backup tasks run on schedule and data is securely backed up and recoverable.
  • data recovery agent (DRA) - A data recovery agent (DRA) is a Microsoft Windows user who has been granted the right to decrypt data that was encrypted by other users.
  • Data Security Council of India (DSCI) - The Data Security Council of India (DSCI) is a not-for-profit organization created to promote the country as a secure destination for information technology (IT) outsourcing.
  • data shadow - A data shadow is the collective body of data that is automatically generated and recorded as we go about our lives rather than intentionally created.
  • data splitting - Data splitting is an approach to protecting sensitive data from unauthorized access by encrypting the data and storing different portions of a file on different servers.
  • database activity monitoring (DAM) - Database activity monitoring (DAM) systems monitor and record activity in a database and then generate alerts for anything unusual.
  • DCPromo (Domain Controller Promoter) - DCPromo (Domain Controller Promoter) is a tool in Active Directory that installs and removes Active Directory Domain Services and promotes domain controllers.
  • defense in depth - Defense in depth is the coordinated use of multiple security countermeasures to protect the integrity of the information assets in an enterprise.
  • depository - A depository is a file or set of files in which data is stored for the purpose of safekeeping or identity authentication.
  • dictionary attack - A dictionary attack is a method of breaking into a password-protected computer or server by systematically entering every word in a dictionary as a password.
  • Diffie-Hellman key exchange (exponential key exchange) - Diffie-Hellman key exchange, also called exponential key exchange, is a method of digital encryption that uses a number raised to specific powers to produce decryption keys that are never directly transmitted, making the task of a would-be code breaker mathematically overwhelming.
  • digest authentication - Digest authentication is a method of authentication in which a request from a potential user is received by a network server and then sent to a domain controller.
  • digital footprint - A digital footprint, sometimes called a digital dossier, is the body of data that exists as a result of actions and communications online that can in some way be traced back to an individual.
  • digital footprint management (DFM) - Digital footprint management (DFM) is an approach to controlling the amount and types of electronic data existing about a particular individual that can in some way be traced back to them.
  • digital signature - A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software or digital document.
  • Digital Signature Standard (DSS) - Digital Signature Standard (DSS) is the digital signature algorithm(DSA) developed by the U.
  • directory traversal - Directory traversal is a form of HTTP exploit in which a hacker uses the software on a Web server to access data in a directory other than the server's root directory.
  • disaster recovery plan (DRP) - A disaster recovery plan (DRP) is a documented, structured approach that describes how an organization can quickly resume work after an unplanned incident.
  • disposable email - What is a disposable email?Disposable email is a service that allows a registered user to receive email at a temporary address that expires after a certain time period elapses.
  • distributed denial-of-service (DDoS) attack - A distributed denial-of-service (DDoS) attack is one in which multiple compromised computer systems attack a target, such as a server, website or other network resource, and cause a denial of service for users of the targeted resource.
  • DMZ (networking) - In computer networks, a DMZ (demilitarized zone), also sometimes known as a perimeter network or a screened subnetwork, is a physical or logical subnet that separates an internal local area network (LAN) from other untrusted networks -- usually the public internet.
  • DNS Security Extensions (DNSSEC) - DNS Security Extensions (DNSSEC) are a set of Internet Engineering Task Force (IETF) standards created to address vulnerabilities in the Domain Name System (DNS) and protect it from online threats.
  • document sanitization - In addition to making sure the document text doesn’t openly divulge anything it shouldn’t, document sanitization includes removing document metadata that could pose a privacy or security risk.
  • domain fluxing - Domain fluxing is a technique used by botnet operators for their command-and-control infrastructures to avoid detection by security technologies and researchers attempting to shut their botnets down.
  • dongle - A dongle (pronounced DONG-uhl) is a mechanism for ensuring that only authorized users can copy or use specific software applications, especially very expensive programs.
  • drive-by pharming - Drive-by pharming is a vulnerability exploitation method in which the attacker takes advantage of an inadequately unprotected broadband router to gain access to user data.
  • drive-by spamming - Drive-by spamming is a variation of drive-by hacking in which the perpetrators gain access to a vulnerable wireless local area network (WLAN) and use that access to send huge volumes of spam.
  • due diligence - Due diligence definition: Due diligence is the process of systematically researching and verifying the accuracy of a particular statement.
  • dynamic packet filter - A dynamic packet filter is a firewall facility that can monitor the state of active connections and use this information to determine which network packets to allow through the firewall.
  • eavesdropping - Eavesdropping is the unauthorized real-time interception of a private communication, such as a phone call, instant message, videoconference or fax transmission.
  • Electronic Code Book (ECB) - Electronic Code Book (ECB) is a mode of operation for a block cipher, with the characteristic that each possible block of plaintext has a defined corresponding ciphertext value and vice versa.
  • electronic discovery (e-discovery or ediscovery) - Electronic discovery (also called e-discovery or ediscovery) refers to any process in which electronic data is sought, located, secured, and searched with the intent of using it as evidence in a civil or criminal legal case.
  • Elk Cloner - Elk Cloner was the first computer virus known to have spread in the wild.
  • elliptical curve cryptography (ECC) - Elliptical curve cryptography (ECC) is a public key encryption technique based on elliptic curve theory that can be used to create faster, smaller, and more efficient cryptographic keys.
  • email spoofing - Email spoofing is a form of cyber attack in which a hacker sends an email that has been manipulated to seem as if it originated from a trusted source.
  • employee monitoring - Employee monitoring is the use of various methods of workplace surveillance to gather information about the activities and locations of staff members.
  • employee onboarding and offboarding - Employee onboarding and offboarding are two core HR activities that are gaining in importance.
  • encoding and decoding - Encoding is the process of putting a sequence of characters (letters, numbers, punctuation, and certain symbols) into a specialized digital format for efficient transmission or transfer.
  • Encrypting File System (EFS) - The Encrypting File System (EFS) is a feature of the Windows 2000 operating system that lets any file or folder be stored in encrypted form and decrypted only by an individual user and an authorized recovery agent.
  • encryption - Encryption is the method by which information is converted into secret code that hides the information's true meaning.
SearchCompliance
  • smart contract

    A smart contract is a decentralized application that executes business logic in response to events.

  • compliance risk

    Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting ...

  • information governance

    Information governance is a holistic approach to managing corporate information by implementing processes, roles, controls and ...

SearchSecurity
  • threat modeling

    Threat modeling is a procedure for optimizing application, system or business process security by identifying objectives and ...

  • social engineering

    Social engineering is an attack vector that relies heavily on human interaction and often involves manipulating people into ...

  • distributed denial-of-service (DDoS) attack

    A distributed denial-of-service (DDoS) attack is one in which multiple compromised computer systems attack a target, such as a ...

SearchHealthIT
SearchDisasterRecovery
  • change control

    Change control is a systematic approach to managing all changes made to a product or system.

  • disaster recovery (DR)

    Disaster recovery (DR) is an organization's ability to respond to and recover from an event that affects business operations.

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

SearchStorage
  • storage security

    Storage security is the group of parameters and settings that make storage resources available to authorized users and trusted ...

  • cloud storage

    Cloud storage is a service model in which data is transmitted and stored on remote storage systems, where it is maintained, ...

  • cloud data management

    Cloud data management is a way to manage data across cloud platforms, either with or instead of on-premises storage.

Close