Browse Definitions :

Security

Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.

COM - FAC

  • command injection - Command injection is the insertion of HTML code into dynamically generated output by a malevolent hacker (also known as a cracker) seeking unauthorized access to data or network resources.
  • common access card (CAC) - A common access card (CAC) is a Unites States Department of Defense (DoD) smart card for multifactor authentication.
  • Common Body of Knowledge (CBK) - In security, Common Body of Knowledge (CBK) is a comprehensive framework of all the relevant subjects a security professional should be familiar with, including skills, techniques and best practices.
  • Common Criteria (CC) for Information Technology Security Evaluation - Common Criteria (CC) is an international set of guidelines and specifications developed for evaluating information security products, specifically to ensure they meet an agreed-upon security standard for government deployments.
  • Common Weakness Enumeration (CWE) - Common Weakness Enumeration (CWE) is a universal online dictionary of weaknesses that have been found in computer software.
  • CompTIA Security+ - CompTIA Security+ is a certification that demonstrates a person's competency with core security practices and functions that are carried out in IT security roles.
  • computer cracker - A computer cracker is an outdated term used to describe someone who broke into computer systems, bypassed passwords or licenses in computer programs, or in other ways intentionally breached computer security.
  • computer exploit - A computer exploit, or exploit, is an attack on a computer system, especially one that takes advantage of a particular vulnerability the system offers to intruders.
  • Computer Misuse Act 1990 (CMA) - The Computer Misuse Act 1990 (CMA) is an act of the UK Parliament passed in 1990.
  • computer worm - A computer worm is a type of malware whose primary function is to self-replicate and infect other computers while remaining active on infected systems.
  • COMSEC (communications security) - Communications security (COMSEC) is the prevention of unauthorized access to telecommunications traffic, or to any information that is transmitted or transferred.
  • Conduit browser hijacker - Conduit is a browser hijacker that is usually installed without the user’s knowledge through a drive-by download.
  • Conficker - Conficker is a fast-spreading worm that targets a vulnerability (MS08-067) in Windows operating systems.
  • confidentiality - Confidentiality is a set of rules or a promise that limits access or places restrictions on certain types of information.
  • confidentiality, integrity and availability (CIA triad) - Confidentiality, integrity and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization.
  • consumer privacy (customer privacy) - Consumer privacy, also known as customer privacy, involves the handling and protection of the sensitive personal information provided by customers in the course of everyday transactions.
  • consumerization policy - A consumerization policy is a documented set of practices for managing the use of consumer devices and technologies within a given organization.
  • content-based security (asset-based security) - Content-based security, also known as asset-based security, is a gerneral term for security features that are embedded within enterprise content.
  • context-aware security - Context-aware security is the use of situational information (such as identity, location, time of day or type of endpoint device) to improve information security decisions.
  • continuous authentication - Continuous authentication is a method of verification aimed at providing identity confirmation and cybersecurity protection on an ongoing basis.
  • cookie poisoning - On the Web, cookie poisoning is the modification of a cookie (personal information in a Web user's computer) by an attacker to gain unauthorized information about the user for purposes such as identity theft.
  • CRAM (challenge-response authentication mechanism) - CRAM (challenge-response authentication mechanism) is the two-level scheme for authenticating network users that is used as part of the Web's Hypertext Transfer Protocol (HTTP).
  • crisis management - Crisis management is the application of strategies designed to help an organization deal with a sudden and significant negative event.
  • critical thinking - Critical thinking is the capacity to be objective, rational and analytical about subjects, situations and cognitive problems.
  • cryptanalysis - Cryptanalysis is the study of ciphertext, ciphers and cryptosystems with the aim of understanding how they work and finding and improving techniques for defeating or weakening them.
  • crypto-agility - Crypto-agility, or cryptographic agility, is a data encryption practice used by organizations to ensure a rapid response to a cryptographic threat.
  • cryptographic checksum - A cryptographic checksum is a mathematical value (called a checksum) that is assigned to a file and used to "test" the file at a later date to verify that the data contained in the file has not been maliciously changed.
  • cryptographic nonce - A nonce is a random or semi-random number that is generated for a specific use.
  • cryptography - Cryptography is a method of protecting information and communications through the use of codes, so that only those for whom the information is intended can read and process it.
  • cryptology - Cryptology is the mathematics, such as number theory and the application of formulas and algorithms, that underpin cryptography and cryptanalysis.
  • cryptosystem - A cryptosystem is a structure or scheme consisting of a set of algorithms that converts plaintext to ciphertext to encode or decode messages securely.
  • CSO (Chief Security Officer) - A Chief Security Officer (CSO) is a C-suite executive responsible for a company's physical and digital security.
  • CSR (Certificate Signing Request) - A Certificate Signing Request or CSR is a specially formatted encrypted message sent from a Secure Sockets Layer (SSL) digital certificate applicant to a certificate authority (CA) validating the information required by the CA in order for it to issue a certificate.
  • CTCI (Computer-to-computer interface) - Computer-to-computer interface (CTCI) is a digital communications protocol that allows customers of the NASDAQ (National Association of Securities Dealers Automated Quotations) to conduct business in the options market.
  • CVSS (Common Vulnerability Scoring System) - The Common Vulnerability Scoring System (CVSS) is a public framework for rating the severity of security vulnerabilities in software.
  • cyber attribution - Cyber attribution is the process of tracking, identifying and laying blame on the perpetrator of a cyberattack or other hacking exploit.
  • cyber hijacking - Cyber hijacking, or computer hijacking, is a type of network security attack in which the attacker takes control of computer systems, software programs and/or network communications.
  • cyber threat hunter (cybersecurity threat analyst) - A cyber threat hunter, also called a cybersecurity threat analyst, proactively identifies security incidents that may go undetected by automated security tools such as malware detectors and firewalls.
  • cybercrime - Cybercrime is any criminal activity that involves a computer, networked device or a network.
  • cyberextortion - Cyberextortion is a crime involving an attack or threat of an attack coupled with a demand for money or some other response in return for stopping or remediating the attack.
  • Cybersecurity Information Sharing Act (CISA) - Cybersecurity Information Sharing Act (CISA) is proposed legislation that will allow United States government agencies and non-government entities to share information with each other as they investigate cyberattacks.
  • data availability - Data availability is a term used by computer storage manufacturers and storage service providers to describe how data should be available at a required level of performance in situations ranging from normal through disastrous.
  • Data Encryption Standard (DES) - Data Encryption Standard (DES) is an outdated symmetric key method of data encryption.
  • data integrity - Data integrity is the assurance that digital information is uncorrupted and can only be accessed or modified by those authorized to do so.
  • data loss prevention (DLP) - Data loss prevention (DLP) -- sometimes referred to as data leak prevention, information loss prevention and extrusion prevention -- is a strategy for preventing individuals from accessing sensitive information who do not need it.
  • data masking - Data masking is a method of creating a structurally similar but inauthentic version of an organization's data that can be used for purposes such as software testing and user training.
  • data protection management (DPM) - Data protection management (DPM) comprises the administration, monitoring and management of backup processes to ensure backup tasks run on schedule and data is securely backed up and recoverable.
  • data recovery agent (DRA) - A data recovery agent (DRA) is a Microsoft Windows user who has been granted the right to decrypt data that was encrypted by other users.
  • data shadow - A data shadow is the collective body of data that is automatically generated and recorded as we go about our lives rather than intentionally created.
  • data splitting - Data splitting is an approach to protecting sensitive data from unauthorized access by encrypting the data and storing different portions of a file on different servers.
  • database activity monitoring (DAM) - Database activity monitoring (DAM) systems monitor and record activity in a database and then generate alerts for anything unusual.
  • DCPromo (Domain Controller Promoter) - DCPromo (Domain Controller Promoter) is a tool in Active Directory that installs and removes Active Directory Domain Services and promotes domain controllers.
  • defense in depth - Defense in depth is the coordinated use of multiple security countermeasures to protect the integrity of the information assets in an enterprise.
  • dictionary attack - A dictionary attack is a method of breaking into a password-protected computer, network or other IT resource by systematically entering every word in a dictionary as a password.
  • Diffie-Hellman key exchange (exponential key exchange) - Diffie-Hellman key exchange, also called exponential key exchange, is a method of digital encryption that uses a number raised to specific powers to produce decryption keys that are never directly transmitted, making the task of a would-be code breaker mathematically overwhelming.
  • digest authentication - Digest authentication is a method of authentication in which a request from a potential user is received by a network server and then sent to a domain controller.
  • digital footprint - A digital footprint, sometimes called a digital dossier, is the body of data that exists as a result of actions and communications online that can in some way be traced back to an individual.
  • digital footprint management (DFM) - Digital footprint management (DFM) is an approach to controlling the amount and types of electronic data existing about a particular individual that can in some way be traced back to them.
  • digital signature - A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software or digital document.
  • Digital Signature Standard (DSS) - Digital Signature Standard (DSS) is the digital signature algorithm(DSA) developed by the U.
  • directory traversal - Directory traversal is a form of HTTP exploit in which a hacker uses the software on a Web server to access data in a directory other than the server's root directory.
  • disaster recovery plan (DRP) - A disaster recovery plan (DRP) is a documented, structured approach that describes how an organization can quickly resume work after an unplanned incident.
  • disposable email - What is a disposable email?Disposable email is a service that allows a registered user to receive email at a temporary address that expires after a certain time period elapses.
  • distributed denial-of-service (DDoS) attack - A distributed denial-of-service (DDoS) attack is one in which multiple compromised computer systems attack a target, such as a server, website or other network resource, and cause a denial of service for users of the targeted resource.
  • DMZ in networking - In computer networks, a DMZ, or demilitarized zone, is a physical or logical subnet that separates a local area network (LAN) from other untrusted networks -- usually, the public internet.
  • DNS Security Extensions (DNSSEC) - DNS Security Extensions (DNSSEC) are a set of Internet Engineering Task Force (IETF) standards created to address vulnerabilities in the Domain Name System (DNS) and protect it from online threats.
  • document sanitization - In addition to making sure the document text doesn’t openly divulge anything it shouldn’t, document sanitization includes removing document metadata that could pose a privacy or security risk.
  • domain fluxing - Domain fluxing is a technique used by botnet operators for their command-and-control infrastructures to avoid detection by security technologies and researchers attempting to shut their botnets down.
  • dongle - A dongle (pronounced DONG-uhl) is a mechanism for ensuring that only authorized users can copy or use specific software applications, especially very expensive programs.
  • due diligence - Due diligence definition: Due diligence is the process of systematically researching and verifying the accuracy of a particular statement.
  • eavesdropping - Eavesdropping is the unauthorized real-time interception of a private communication, such as a phone call, instant message, videoconference or fax transmission.
  • Electronic Code Book (ECB) - Electronic Code Book (ECB) is a simple mode of operation with a block cipher that's mostly used with symmetric key encryption.
  • electronic discovery (e-discovery or ediscovery) - Electronic discovery -- also called e-discovery or ediscovery -- refers to any process of obtaining and exchanging evidence in a civil or criminal legal case.
  • Elk Cloner - Elk Cloner was the first computer virus known to have spread in the wild.
  • elliptical curve cryptography (ECC) - Elliptical curve cryptography (ECC) is a public key encryption technique based on elliptic curve theory that can be used to create faster, smaller, and more efficient cryptographic keys.
  • email spoofing - Email spoofing is a form of cyber attack in which a hacker sends an email that has been manipulated to seem as if it originated from a trusted source.
  • employee monitoring - Employee monitoring is the use of various methods of workplace surveillance to gather information about the activities and locations of staff members.
  • employee onboarding and offboarding - Employee onboarding and offboarding are two core HR activities that are gaining in importance.
  • encoding and decoding - Encoding and decoding are used in many forms of communications, including computing, data communications, programming, digital electronics and human communications.
  • Encrypting File System (EFS) - The Encrypting File System (EFS) is a feature of the Windows 2000 operating system that lets any file or folder be stored in encrypted form and decrypted only by an individual user and an authorized recovery agent.
  • encryption - Encryption is the method by which information is converted into secret code that hides the information's true meaning.
  • end-to-end encryption (E2EE) - End-to-end encryption (E2EE) is a method of secure communication that prevents third parties from accessing data while it's transferred from one end system or device to another.
  • endpoint fingerprinting - Endpoint fingerprinting is a feature of enterprise network access control (NAC) products that enables discovery, classification and monitoring of connected devices, including non-traditional network endpoints such as smartcard readers, HVAC systems, medical equipment and IP-enabled door locks.
  • endpoint security (endpoint security management) - Endpoint security is an approach to network protection that requires each computing device on a corporate network to comply with certain standards before network access is granted.
  • endpoint security management - Endpoint security management is a policy-based approach to network security that requires endpoint devices to comply with specific criteria before they are granted access to network resources.
  • ENISA (European Network and Information Security Agency) - The European Network and Information Security Agency (ENISA) is a European Union (EU) agency dedicated to preventing and addressing network security and information security problems.
  • enterprise mobility management (EMM) - Enterprise mobility management (EMM) is software that allows organizations to securely enable employee use of mobile devices and applications.
  • enterprise security governance - Enterprise security governance is a company's strategy to reduce risk by protecting systems and information, as well as its execution of that strategy.
  • erasure coding - Erasure coding (EC) is a method of data protection in which data is broken into fragments, expanded and encoded with redundant data pieces and stored across a set of different locations or storage media.
  • ethical hacker - An ethical hacker, or white hat hacker, is an information security expert authorized by an organization to penetrate computing infrastructure to find security vulnerabilities a malicious hacker could exploit.
  • EU Data Protection Directive (Directive 95/46/EC) - EU Data Protection Directive (also known as Directive 95/46/EC) is a regulation adopted by the European Union to protect the privacy and protection of all personal data collected for or about citizens of the EU, especially as it relates to processing, using or exchanging such data.
  • European Computer Driving License (ECDL) - The European Computer Driving License (ECDL) is a certification for qualified computer operators in the same way that a regular driving license is a certification for qualified vehicle operators - although it differs in that one may lawfully operate a computer without a computer driving license.
  • Evaluation Assurance Level (EAL) - The Evaluation Assurance Level (EAL) is a grade assigned to an IT product or system after completing a Common Criteria security evaluation.
  • event handler - An event handler is a callback routine that operates asynchronously and handles inputs received into a program.
  • event handling - Event handling is the receipt of an event at some event handler from an event producer and subsequent processes.
  • event stream processing (ESP) - Event stream processing (ESP) is a software capacity designed to support implementation of event-driven architectures.
  • evil maid attack - An evil maid attack is a security exploit that targets a computing device that has been shut down and left unattended.
  • evil twin - An evil twin, in security, is a rogue wireless access point that masquerades as a legitimate hot spot.
  • facial recognition - Facial recognition is a category of biometric software that maps an individual's facial features mathematically and stores the data as a faceprint.
  • FACTA (Fair and Accurate Credit Transactions Act) - FACTA (Fair and Accurate Credit Transactions Act) is an amendment to FCRA (Fair Credit Reporting Act ) that was added, primarily, to protect consumers from identity theft.
SearchCompliance
  • pure risk

    Pure risk refers to risks that are beyond human control and result in a loss or no loss with no possibility of financial gain.

  • risk reporting

    Risk reporting is a method of identifying risks tied to or potentially impacting an organization's business processes.

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

SearchSecurity
  • encryption key

    In cryptography, an encryption key is a variable value that is applied using an algorithm to a string or block of unencrypted ...

  • payload (computing)

    In computing, a payload is the carrying capacity of a packet or other transmission data unit.

  • script kiddie

    Script kiddie is a derogative term that computer hackers coined to refer to immature, but often just as dangerous, exploiters of ...

SearchHealthIT
SearchDisasterRecovery
  • What is risk mitigation?

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • fault-tolerant

    Fault-tolerant technology is a capability of a computer system, electronic system or network to deliver uninterrupted service, ...

  • synchronous replication

    Synchronous replication is the process of copying data over a storage area network, local area network or wide area network so ...

SearchStorage
Close