Security management

Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.

KEY - PAY

  • key fob - A key fob is a small, programmable device that provides access to a physical object.
  • key-value pair (KVP) - A key-value pair (KVP) is a set of two linked data items: a key, which is a unique identifier for some item of data, and the value, which is either the data that is identified or a pointer to the location of that data.
  • keylogger (keystroke logger or system monitor) - A keylogger, sometimes called a keystroke logger or keyboard capture, is a type of surveillance technology used to monitor and record each keystroke on a specific computer.
  • keystroke dynamics - Keystroke dynamics are the patterns of rhythm and timing created when a person types.
  • keyword stuffing - Keyword stuffing is the practice of inserting a large number of keywords into Web page content and meta tags in the attempt to artificially increase the page's ranking in search results.
  • kill switch - A kill switch in an IT context is a mechanism used to shut down or disable a device or program.
  • kiosk mode (Windows assigned access) - Kiosk mode is a specialized function that allows Microsoft Windows to provide a single application for users signing on as guests or generic authorized users while preventing access to other files, data and functionality of the operating system and computer.
  • knowledge process outsourcing (KPO) - Knowledge process outsourcing (KPO) is the allocation of relatively high-level tasks to an outside organization or a different group within the same organization.
  • knowledge-based authentication (KBA) - In a KBA scheme, the user is asked to answer at least one "secret" question before being allowed to change account settings or reset a password.
  • known unknown - A known unknown is information whose existence you are aware of but that is not in your possession.
  • law of unintended consequences - The law of unintended consequences is a frequently-observed phenomenon in which any action has results that are not part of the actor's purpose.
  • LDAP injection - LDAP (Lightweight Directory Access Protocol) injection is a type of security exploit that is used to compromise the authentication process used by some websites.
  • LEAP (Lightweight Extensible Authentication Protocol) - LEAP (Lightweight Extensible Authentication Protocol) is a Cisco-proprietary version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections.
  • Let's Encrypt - Let's Encrypt is designed to simplify the acquisition of SSL/TLS digital certificates proving a site’s authenticity, while also providing encryption.
  • load testing - Load testing is the process of subjecting a computer, peripheral, server, network or application to a work level approaching the limits of its specifications.
  • log analytics - Log analytics is the assessment of a recorded set of information from one or more events, captured from a computer, network, application operating system (OS) or other IT ecosystem component.
  • log management - Log management is the collective processes and policies used to administer and facilitate the generation, transmission, analysis, storage, archiving and ultimate disposal of the large volumes of log data created within an information system.
  • logic bomb - A logic bomb is a string of malicious code that is inserted intentionally into a program to harm a network when certain conditions are met.
  • Lookout Mobile Security - Lookout Mobile Security is an antimalware, data backup and remote management app for smartphones and tablets.
  • LUN masking - LUN masking is an authorization mechanism used in storage area networks (SANs) to make LUNs available to some hosts but unavailable to other hosts.
  • malware - Malware, or malicious software, is any program or file that is intentionally harmful to a computer, network or server.
  • Malware Analysis Report (MAR) - Malware Analysis Report (MAR) is a document that relates the functionality and effects of a given piece of malware.
  • man in the browser (MitB) - Man in the browser (MitB) is a security attack where the perpetrator installs a Trojan horse on the victim's computer that is capable of modifying that user's web transactions.
  • man-in-the-disk (MITD) attack - Man-in-the-disk (MITD) is an attack vector that allows an intruder to intercept and potentially alter data as it moves between Android external storage and an installed app.
  • managed file transfer (MFT) - Managed file transfer (MFT) is a type of software used to provide secure internal, external and ad-hoc data transfers through a network.
  • mandatory access control (MAC) - Mandatory access control (MAC) is a system-controlled policy restricting access to resource objects (such as data files, devices, systems, etc.
  • mantrap (interlocking door controller) - A mantrap is a small room with an entry door on one wall and an exit door on the opposite wall.
  • Massachusetts data protection law - The Massachusetts data protection law is legislation that stipulates security requirements for organizations that handle the private data of residents.
  • MD5 - The MD5 (message-digest algorithm) hashing algorithm is a one-way cryptographic function that accepts a message of any length as input and returns as output a fixed-length digest value to be used for authenticating the original message.
  • meet-in-the-middle attack - Meet-in-the-middle is a known plaintext attack that can greatly reduce the number of brute-force permutations required to decrypt text that has been encrypted by more than one key.
  • Melissa virus - Melissa was a type of email virus that initially became an issue in early 1999.
  • message authentication code (MAC) - A message authentication code (MAC) is a cryptographic checksum on data that uses a session key to detect both accidental and intentional modifications of the data.
  • metadata security - Metadata is defined as “data about data.”
  • Metamorphic virus - A metamorphic virus is a type of malware that is capable of changing its code and signature patterns with each iteration.
  • MICR (magnetic ink character recognition) - MICR (magnetic ink character recognition) is a technology used to verify the legitimacy or originality of paper documents, especially checks.
  • micro VM (micro virtual machine) - A micro VM (micro virtual machine) is a virtual machine program that serves to isolate an untrusted computing operation from a computer's host operating system.
  • micropayment - A micropayment is an e-commerce transaction involving a very small sum of money in exchange for something made available online, such as an application download, a service or Web-based content.
  • Microsoft Active Directory Rights Management Services (AD Rights Management Services) - Active Directory Rights Management Services (AD RMS) is a security tool that provides a safeguard to prevent unauthorized access to data.
  • Microsoft Antigen - Microsoft Antigen is a set of programs that provides security and e-mail filtering for network servers.
  • Microsoft AzMan (Microsoft Authorization Manager) - Microsoft AzMan (Authorization Manager) is a role-based access and security framework for .
  • Microsoft Dynamic Access Control (DAC) - Microsoft Dynamic Access Control (DAC) is a data governance tool in Windows Server 2012 that lets admins control the permission of access settings in an organization.
  • Microsoft Network Access Protection (NAP) - Network access protection (NAP), introduced with Windows Server 2008, is Microsoft’s approach to controlling access to a network based on a determination of each device’s health.
  • Microsoft Network Device Enrollment Service (NDES) - Microsoft Network Device Enrollment Service (NDES) is a security feature in Windows Server 2008 R2 and later Windows Server operating versions.
  • Microsoft Online Services Sign-In Assistant - The Microsoft Online Services Sign-In Assistant is a software application that provides common sign-on capabilities for a suite of Microsoft online services, such as Office 365.
  • Microsoft Security Configuration Wizard (SCW) - Microsoft Security Configuration Wizard (SCW) is an administrative tool used to change the default security settings on a server and to apply a security policy on multiple servers.
  • Microsoft Windows Update Agent - Microsoft Windows Update Agent is a tool that can work in conjunction with Windows Server Update Services on each client computer in an enterprise that checks for available updates.
  • MITRE ATT&CK framework - The MITRE ATT&CK (pronounced 'miter attack') framework is a free, globally accessible service that provides comprehensive and up-to-date cyberthreat information to organizations looking to strengthen their cybersecurity strategies.
  • Mobile Application Management (MAM) - Mobile application management (MAM) is software that secures and enables IT control over enterprise applications on end users' corporate and personal smartphones and tablets.
  • mobile application vetting - Mobile application vetting is a process that app developers take to verify the compliance of mobile applications with a specified security requirement or standard.
  • mobile malware - Mobile malware is malicious software specifically written to attack mobile devices such as smartphones, tablets, and smartwatches.
  • mobile security certification - A mobile security certification is a formalized program that verifies the participant’s competency in tasks related to mobile security and administration.
  • mutual authentication - Mutual authentication, also called two-way authentication, is a process or technology in which both entities in a communications link authenticate each other.
  • national identity card - A national identity card is a portable document, typically a plasticized card with digitally-embedded information, that someone is required or encouraged to carry as a means of confirming their identity.
  • National Vulnerability Database (NVD) - NVD (National Vulnerability Database) is a product of the National Institute of Standards and Technology (NIST) Computer Security Division and is used by the U.
  • NBAR (Network Based Application Recognition) - Network Based Application Recognition (NBAR) is a mechanism that classifies and regulates bandwidth for network applications to ensure that available resources are utilized as efficiently as possible.
  • near-field communication (NFC) - Near-field communication (NFC) is a short-range wireless connectivity technology that uses magnetic field induction to enable communication between devices when they're touched together or brought within a few centimeters of each other.
  • Nessus - Nessus is an open-source network vulnerability scanner that uses the Common Vulnerabilities and Exposures architecture for easy cross-linking between compliant security tools.
  • Network Access Quarantine Control (NAQC) - Network Access Quarantine Control (NAQC) is a Resource Kit tool in Windows Server 2003 and Windows Server 2008 that allows administrators to prevent remote client computers from connecting to their network with machines that aren't secure.
  • network attack surface - Every point of network interaction is a part of the network attack surface.
  • network behavior anomaly detection (NBAD) - Network behavior anomaly detection (NBAD) is the continuous monitoring of a proprietary network for unusual events or extraordinary trends.
  • network intrusion protection system (NIPS) - A network intrusion protection system (NIPS) is an umbrella term for a combination of hardware and software systems that protect computer networks from unauthorized access and malicious activity.
  • network scanning - Network scanning is a procedure for identifying active devices on a network by employing a feature or features in the network protocol to signal devices and await a response.
  • Next Generation Secure Computing Base (NGSCB) - The Next Generation Secure Computing Base (NGSCB) is a part of the Microsoft Vista operating system (OS) that employs a trusted platform module (TPM), a specialized chip that can be installed on the motherboard of a personal computer (PC) or server for the purpose of hardware authentication.
  • next-generation firewall (NGFW) - A next-generation firewall (NGFW) is part of the third generation of firewall technology that can be implemented in hardware or software.
  • NIST 800 Series - The NIST 800 Series is a set of documents that describe United States federal government computer security policies, procedures and guidelines.
  • NIST Cybersecurity Framework - The NIST Cybersecurity Framework (NIST CSF) is a policy framework surrounding IT infrastructure security.
  • non-disclosure agreement (NDA) - A non-disclosure agreement (NDA), also known as a confidentiality agreement (CA), is a signed legally binding contract in which one party agrees to give a second party confidential information about its business or products and the second party agrees not to share this information with anyone else for a specified period of time.
  • nonrepudiation - Nonrepudiation ensures that no party can deny having sent or received a message, or having approved some information, typically by means of encryption and/or digital signatures.
  • OAuth - OAuth (Open Authorization) is an open standard authorization framework for token-based authorization on the internet.
  • obfuscation - Obfuscation means to make something difficult to understand.
  • OCR (optical character recognition) - OCR (optical character recognition) is the use of technology to distinguish printed or handwritten text characters inside digital images of physical documents, such as a scanned paper document.
  • OCSP (Online Certificate Status Protocol) - OCSP (Online Certificate Status Protocol) is one of two common schemes used to maintain the security of a server and other network resources.
  • OCTAVE - OCTAVE (Operationally Critical Threat, Asset, and Vulnerability Evaluation) is a security framework for determining risk level and planning defenses against cyber assaults.
  • Office of Personnel Management (OPM) - The Office of Personnel Management (OPM) is an independent agency of the United States government that is tasked with the oversight of civil service hirings.
  • one-time pad - In cryptography, a one-time pad is a system in which a randomly generated private key is used only once to encrypt a message that is then decrypted by the receiver using a matching one-time pad and key.
  • one-time password (OTP) - A one-time password (OTP) is an automatically generated numeric or alphanumeric string of characters that authenticates the user for a single transaction or login session.
  • OneID - OneID is a digital identity management service that provides a repository for usernames and passwords, eliminating the need for people to remember numerous arcane character sequences.
  • OODA loop - The OODA loop (Observe, Orient, Decide, Act) is a four-step approach to decision-making that focuses on filtering available information, putting it in context and quickly making the most appropriate decision while also understanding that changes can be made as more data becomes available.
  • open redirect - Open redirect is a security flaw in an app or a web page that causes it to fail to properly authenticate URLs.
  • open security - Open security is an approach to safeguarding software, hardware and other information system components with methods whose design and details are publicly available.
  • Open Source Hardening Project - The Open Source Hardening Project is an initiative of the United States Department of Homeland Security, created to improve the security of open source code.
  • Open System Authentication (OSA) - Open System Authentication (OSA) is a process by which a computer could gain access to a wireless network that uses the Wired Equivalent Privacy (WEP) protocol.
  • Open Web Application Security Project (OWASP) - The Open Web Application Security Project (OWASP) is a nonprofit foundation that provides guidance on how to develop, purchase and maintain trustworthy and secure software applications.
  • OpenID (OpenID Connect) - OpenID is an open specification for authentication and single sign-on.
  • OpenSSL - OpenSSL is a general purpose cryptography library that provides an open source implementation of the SSL and TLS protocols.
  • operational costs - In information technology, operational costs document the price of running IT services on a day-to-day basis.
  • OPSEC (operations security) - OPSEC (operations security) is a security and risk management process and strategy that classifies information, then determines what is required to protect sensitive information and prevent it from getting into the wrong hands.
  • organizational unit (OU) - An organizational unit (OU) is a container within a Microsoft Active Directory domain which can hold users, groups and computers.
  • out-of-band patch - An out-of-band patch is a patch released at some time other than the normal release time.
  • PA-DSS (Payment Application Data Security Standard) - Payment Application Data Security Standard (PA-DSS) is a set of requirements intended to help software vendors develop secure payment applications for credit card transactions.
  • PAN truncation (primary account number) - PAN (primary account number) truncation is a technology that prevents most of the digits in a credit card, debit card or bank account number from appearing on printed receipts issued to customers.
  • parameter tampering - Parameter tampering is a type of web-based cyber attack in which certain parameters in a URL are changed without a user's authorization.
  • passenger name record (PNR) - A passenger name record (PNR) is a collection of data pertaining to an individual air traveler or a group of individuals travelling together.
  • passphrase - A passphrase is a sentencelike string of words used for authentication that is longer than a traditional password, easy to remember and difficult to crack.
  • password - A password is a string of characters used to verify the identity of a user during the authentication process.
  • password cracking - Password cracking is the process of using an application program to identify an unknown or forgotten password to a computer or network resource.
  • password hardening - Password hardening is any one of a variety of measures taken to make it more difficult for an intruder to circumvent the authentication process.
  • password salting - Password salting is a technique to protect passwords stored in databases by adding a string of 32 or more characters and then hashing them.
  • password strength meter - A password strength meter is an indicator, either in graphical or text form, of the strength of a password as entered by a user.
  • passwordless authentication - Passwordless authentication is a verification process that determines whether someone is, in fact, who they say they are without requiring the person to manually enter a string of characters.