Browse Definitions :

Security management

Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.

CLO - END

  • Clonezilla - Clonezilla is a free open source disk cloning application based on Debian.
  • closed circuit television (CCTV) - CCTV (closed-circuit television) is a TV system in which signals are not publicly distributed but are monitored, primarily for surveillance and security purposes.
  • cloud access security broker (CASB) - A cloud access security broker (CASB) is a software tool or service that sits between an organization's on-premises infrastructure and a cloud provider's infrastructure.
  • cloud audit - A cloud audit is a periodic examination an organization does to assess and document its cloud vendor's performance.
  • cloud encryption (cloud storage encryption) - Cloud encryption is a service offered by cloud storage providers whereby a customer's data is transformed using encryption algorithms into ciphertext and stored in the cloud.
  • cloud security - Cloud security, also known as cloud computing security, is the practice of protecting cloud-based data, applications and infrastructure from cyberthreats and cyber attacks.
  • Cloud Security Alliance (CSA) - The Cloud Security Alliance (CSA) is a nonprofit organization that promotes research into best practices for securing cloud computing and the use of cloud technologies to secure other forms of computing.
  • cloud security architecture - Cloud security architecture is a security strategy designed around securing an organization's data and applications in the cloud.
  • COBIT - COBIT is an IT governance framework for businesses wanting to implement, monitor and improve IT management best practices.
  • column-level encryption - Column-level encryption is a method of database encryption in which the information in every cell (or data field) in a particular column has the same password for access, reading, and writing purposes.
  • common access card (CAC) - A common access card (CAC) is a Unites States Department of Defense (DoD) smart card for multifactor authentication.
  • Common Body of Knowledge (CBK) - In security, Common Body of Knowledge (CBK) is a comprehensive framework of all the relevant subjects a security professional should be familiar with, including skills, techniques and best practices.
  • Common Criteria (CC) for Information Technology Security Evaluation - Common Criteria (CC) is an international set of guidelines and specifications developed for evaluating information security products, specifically to ensure they meet an agreed-upon security standard for government deployments.
  • Common Weakness Enumeration (CWE) - Common Weakness Enumeration (CWE) is a universal online dictionary of weaknesses that have been found in computer software.
  • CompTIA Security+ - CompTIA Security+ is a certification that demonstrates a person's competency with core security practices and functions that are carried out in IT security roles.
  • computer cracker - A computer cracker is an outdated term used to describe someone who broke into computer systems, bypassed passwords or licenses in computer programs, or in other ways intentionally breached computer security.
  • computer exploit - A computer exploit, or exploit, is an attack on a computer system, especially one that takes advantage of a particular vulnerability the system offers to intruders.
  • computer worm - A computer worm is a type of malware whose primary function is to self-replicate and infect other computers while remaining active on infected systems.
  • COMSEC (communications security) - Communications security (COMSEC) is the prevention of unauthorized access to telecommunications traffic, or to any information that is transmitted or transferred.
  • Conduit browser hijacker - Conduit is a browser hijacker that is usually installed without the user’s knowledge through a drive-by download.
  • Conficker - Conficker is a fast-spreading worm that targets a vulnerability (MS08-067) in Windows operating systems.
  • confidentiality - Confidentiality is a set of rules or a promise that limits access or places restrictions on certain types of information.
  • confidentiality, integrity and availability (CIA triad) - Confidentiality, integrity and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization.
  • consumer privacy (customer privacy) - Consumer privacy, also known as customer privacy, involves the handling and protection of the sensitive personal information provided by customers in the course of everyday transactions.
  • content filtering - Content filtering is a process involving the use of software or hardware to screen and/or restrict access to objectionable email, webpages, executables and other suspicious items.
  • content spoofing - Content spoofing is a type of exploit used by a malicious hackers to present a faked or modified Web site to the user as if it were legitimate.
  • content-based security (asset-based security) - Content-based security, also known as asset-based security, is a gerneral term for security features that are embedded within enterprise content.
  • context-aware security - Context-aware security is the use of situational information (such as identity, location, time of day or type of endpoint device) to improve information security decisions.
  • continuous authentication - Continuous authentication is a method of verification aimed at providing identity confirmation and cybersecurity protection on an ongoing basis.
  • control framework - A control framework is a data structure that organizes and categorizes an organization’s internal controls, which are practices and procedures established to create business value and minimize risk.
  • cookie poisoning - Cookie poisoning is a type of cyber attack in which a bad actor hijacks, forges, alters or manipulates a cookie to gain unauthorized access to a user's account, open a new account in the user's name or steal the user's information for purposes such as identity theft.
  • counterfeit app (fake app) - A counterfeit app is an app that claims to fill a purpose while actually being fake, ineffective, useless or even harmful to a user's device.
  • CRAM (challenge-response authentication mechanism) - CRAM (challenge-response authentication mechanism) is the two-level scheme for authenticating network users that is used as part of the Web's Hypertext Transfer Protocol (HTTP).
  • crisis management - Crisis management is the application of strategies designed to help an organization deal with a sudden and significant negative event.
  • critical thinking - Critical thinking is the capacity to be objective, rational and analytical about subjects, situations and cognitive problems.
  • cross-site request forgery (XSRF or CSRF) - Cross-site request forgery (XSRF or CSRF) is a method of attacking a Web site in which an intruder masquerades as a legitimate and trusted user.
  • cross-site scripting (XSS) - Cross-site scripting (XSS) is a type of injection attack in which a threat actor inserts data, such as a malicious script, into content from otherwise trusted websites.
  • cross-site tracing (XST) - Cross-site tracing (XST) is a sophisticated form of cross-site scripting (XSS) that can bypass security countermeasures already put in place to protect against XSS.
  • cryptanalysis - Cryptanalysis is the study of ciphertext, ciphers and cryptosystems with the aim of understanding how they work and finding and improving techniques for defeating or weakening them.
  • crypto wallet (cryptocurrency wallet) - A crypto wallet (cryptocurrency wallet) is software or hardware that enables users to store and use cryptocurrency.
  • crypto-agility - Crypto-agility, or cryptographic agility, is a data encryption practice used by organizations to ensure a rapid response to a cryptographic threat.
  • cryptographic checksum - Generated by a cryptographic algorithm, a cryptographic checksum is a mathematical value assigned to a file sent through a network for verifying that the data contained in that file is unchanged.
  • cryptographic nonce - A nonce is a random or semi-random number that is generated for a specific use.
  • cryptography - Cryptography is a method of protecting information and communications through the use of codes, so that only those for whom the information is intended can read and process it.
  • cryptology - Cryptology is the mathematics, such as number theory and the application of formulas and algorithms, that underpin cryptography and cryptanalysis.
  • cryptosystem - A cryptosystem is a structure or scheme consisting of a set of algorithms that converts plaintext to ciphertext to encode or decode messages securely.
  • CSO (Chief Security Officer) - A Chief Security Officer (CSO) is a C-suite executive responsible for a company's physical and digital security.
  • CSR (Certificate Signing Request) - A Certificate Signing Request or CSR is a specially formatted encrypted message sent from a Secure Sockets Layer (SSL) digital certificate applicant to a certificate authority (CA) validating the information required by the CA in order for it to issue a certificate.
  • CVSS (Common Vulnerability Scoring System) - The Common Vulnerability Scoring System (CVSS) is a public framework for rating the severity of security vulnerabilities in software.
  • cyber attribution - Cyber attribution is the process of tracking, identifying and laying blame on the perpetrator of a cyberattack or other hacking exploit.
  • cyber hijacking - Cyber hijacking, or computer hijacking, is a type of network security attack in which the attacker takes control of computer systems, software programs and/or network communications.
  • cyber threat hunter (cybersecurity threat analyst) - A cyber threat hunter, also called a cybersecurity threat analyst, proactively identifies security incidents that may go undetected by automated security tools such as malware detectors and firewalls.
  • cybercrime - Cybercrime is any criminal activity that involves a computer, networked device or a network.
  • cyberextortion - Cyberextortion is a crime involving an attack or threat of an attack coupled with a demand for money or some other response in return for stopping or remediating the attack.
  • Cybersecurity Information Sharing Act (CISA) - Cybersecurity Information Sharing Act (CISA) is proposed legislation that will allow United States government agencies and non-government entities to share information with each other as they investigate cyberattacks.
  • cyberwarfare - The generally accepted definition of cyberwarfare is the use of cyber attacks against a nation-state, causing it significant harm, up to and including physical warfare, disruption of vital computer systems and loss of life.
  • data availability - Data availability is a term used by computer storage manufacturers and storage service providers to describe how data should be available at a required level of performance in situations ranging from normal through disastrous.
  • data breach - A data breach is a cyber attack in which sensitive, confidential or otherwise protected data has been accessed or disclosed in an unauthorized fashion.
  • Data Encryption Standard (DES) - Data Encryption Standard (DES) is an outdated symmetric key method of data encryption.
  • data integrity - Data integrity is the assurance that digital information is uncorrupted and can only be accessed or modified by those authorized to do so.
  • data loss prevention (DLP) - Data loss prevention (DLP) -- sometimes referred to as data leak prevention, information loss prevention and extrusion prevention -- is a strategy to mitigate threats to critical data.
  • data masking - Data masking is a method of creating a structurally similar but inauthentic version of an organization's data that can be used for purposes such as software testing and user training.
  • data privacy (information privacy) - Data privacy, also called information privacy, is an aspect of data protection that addresses the proper storage, access, retention, immutability and security of sensitive data.
  • data protection management (DPM) - Data protection management (DPM) comprises the administration, monitoring and management of backup processes to ensure backup tasks run on schedule and data is securely backed up and recoverable.
  • data recovery agent (DRA) - A data recovery agent (DRA) is a Microsoft Windows user account with the ability to decrypt data that was encrypted by other users.
  • data shadow - A data shadow is the collective body of data that is automatically generated and recorded as we go about our lives rather than intentionally created.
  • data splitting - Data splitting is when data is divided into two or more subsets.
  • database activity monitoring (DAM) - Database activity monitoring (DAM) systems monitor and record activity in a database and then generate alerts for anything unusual.
  • DCPromo (Domain Controller Promoter) - DCPromo (Domain Controller Promoter) is a tool in Active Directory that installs and removes Active Directory Domain Services and promotes domain controllers.
  • defense in depth - Defense in depth is the coordinated use of multiple security countermeasures to protect the integrity of the information assets in an enterprise.
  • dictionary attack - A dictionary attack is a method of breaking into a password-protected computer, network or other IT resource by systematically entering every word in a dictionary as a password.
  • Diffie-Hellman key exchange (exponential key exchange) - Diffie-Hellman key exchange, also called exponential key exchange, is a method of digital encryption that uses a number raised to specific powers to produce decryption keys that are never directly transmitted, making the task of a would-be code breaker mathematically overwhelming.
  • digest authentication - Digest authentication is a method of authentication in which a request from a potential user is received by a network server and then sent to a domain controller.
  • digital footprint - A digital footprint, sometimes called a digital dossier, is the body of data that exists as a result of actions and communications online that can in some way be traced back to an individual.
  • digital footprint management (DFM) - Digital footprint management (DFM) is an approach to controlling the amount and types of electronic data existing about a particular individual that can in some way be traced back to them.
  • digital signature - A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software or digital document.
  • Digital Signature Standard (DSS) - The Digital Signature Standard (DSS) is a digital signature algorithm (DSA) developed by the U.
  • digital wallet security - Digital wallets are used for transactions involving both conventional and digital currencies, but because the latter work differently, they require different safeguards – or at least variations on traditional security measures.
  • directory traversal - Directory traversal is a type of HTTP exploit in which a hacker uses the software on a web server to access data in a directory other than the server's root directory.
  • disaster recovery plan (DRP) - A disaster recovery plan (DRP) is a documented, structured approach that describes how an organization can quickly resume work after an unplanned incident.
  • disposable email - What is a disposable email?Disposable email is a service that allows a registered user to receive email at a temporary address that expires after a certain time period elapses.
  • distributed denial-of-service (DDoS) attack - A distributed denial-of-service (DDoS) attack is one in which multiple compromised computer systems attack a target, such as a server, website or other network resource, and cause a denial of service for users of the targeted resource.
  • DMZ in networking - In computer networks, a DMZ, or demilitarized zone, is a physical or logical subnet that separates a local area network (LAN) from other untrusted networks -- usually, the public internet.
  • DNS over HTTPS (DoH) - DNS over HTTPS (DoH) is a relatively new protocol that encrypts domain name system traffic by passing DNS queries through a Hypertext Transfer Protocol Secure encrypted session.
  • DNS Security Extensions (DNSSEC) - DNS Security Extensions (DNSSEC) are a set of Internet Engineering Task Force (IETF) standards created to address vulnerabilities in the Domain Name System (DNS) and protect it from online threats.
  • document sanitization - In addition to making sure the document text doesn’t openly divulge anything it shouldn’t, document sanitization includes removing document metadata that could pose a privacy or security risk.
  • domain fluxing - Domain fluxing is a technique used by botnet operators for their command-and-control infrastructures to avoid detection by security technologies and researchers attempting to shut their botnets down.
  • due diligence - Due diligence definition: Due diligence is the process of systematically researching and verifying the accuracy of a particular statement.
  • dynamic application security testing (DAST) - A dynamic application security test (DAST) is a program used by developers to analyze a web application (web app), while in runtime, and identify any security vulnerabilities or weaknesses.
  • eavesdropping - Eavesdropping is the unauthorized real-time interception of a private communication, such as a phone call, instant message, videoconference or fax transmission.
  • Electronic Code Book (ECB) - Electronic Code Book (ECB) is a simple mode of operation with a block cipher that's mostly used with symmetric key encryption.
  • electronic discovery (e-discovery or ediscovery) - Electronic discovery -- also called e-discovery or ediscovery -- refers to any process of obtaining and exchanging evidence in a civil or criminal legal case.
  • elliptical curve cryptography (ECC) - Elliptical curve cryptography (ECC) is a public key encryption technique based on elliptic curve theory that can be used to create faster, smaller and more efficient cryptographic keys.
  • email spoofing - Email spoofing is a form of cyber attack in which a hacker sends an email that has been manipulated to seem as if it originated from a trusted source.
  • employee monitoring - Employee monitoring is the use of various methods of workplace surveillance to gather information about the activities and locations of staff members.
  • employee onboarding and offboarding - Employee onboarding and offboarding are two core HR activities that are gaining in importance.
  • encoding and decoding - Encoding and decoding are used in many forms of communications, including computing, data communications, programming, digital electronics and human communications.
  • encryption - Encryption is the method by which information is converted into secret code that hides the information's true meaning.
  • encryption key - In cryptography, an encryption key is a variable value that is applied using an algorithm to a string or block of unencrypted text to produce encrypted text or to decrypt encrypted text.
  • encryption key management - Encryption key management is the administration of tasks involved with protecting, storing, backing up and organizing encryption keys.
SearchNetworking
  • network packet

    A network packet is a basic unit of data that's grouped together and transferred over a computer network, typically a ...

  • virtual network functions (VNFs)

    Virtual network functions (VNFs) are virtualized tasks formerly carried out by proprietary, dedicated hardware.

  • network functions virtualization (NFV)

    Network functions virtualization (NFV) is a network architecture model designed to virtualize network services that have ...

SearchSecurity
  • data breach

    A data breach is a cyber attack in which sensitive, confidential or otherwise protected data has been accessed or disclosed in an...

  • insider threat

    An insider threat is a category of risk posed by those who have access to an organization's physical or digital assets.

  • data compliance

    Data compliance is a process that identifies the applicable governance for data protection, security, storage and other ...

SearchCIO
  • data privacy (information privacy)

    Data privacy, also called information privacy, is an aspect of data protection that addresses the proper storage, access, ...

  • leadership skills

    Leadership skills are the strengths and abilities individuals demonstrate that help to oversee processes, guide initiatives and ...

  • data governance policy

    A data governance policy is a documented set of guidelines for ensuring that an organization's data and information assets are ...

SearchHRSoftware
SearchCustomerExperience
  • recommerce

    Recommerce is the selling of previously owned items through online marketplaces to buyers who reuse, recycle or resell them.

  • implementation

    Implementation is the execution or practice of a plan, a method or any design, idea, model, specification, standard or policy for...

  • first call resolution (FCR)

    First call resolution (FCR) is when customer service agents properly address a customer's needs the first time they call.

Close