Security management
Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.GRO - LIN
- Group Policy Object (GPO) - Microsoft’s Group Policy Object (GPO) is a collection of Group Policy settings that defines what a system will look like and how it will behave for a defined group of users.
- gummy bear hack - A gummy bear hack is an attempt to fool a biometric fingerprint scanner by using a gelatin-based candy to hold a fingerprint.
- hacker - A hacker is an individual who uses computer, networking or other skills to overcome a technical problem.
- hacktivism - Hacktivism is the act of hacking, or breaking into a computer system, for a politically or socially motivated purpose.
- hard drive overwriter - In e-cycling, a hard drive overwriter is a program or utility that repeatedly overwrites the data on a computer's hard drive with gibberish.
- hard-drive encryption - Hard-drive encryption is a technology that encrypts the data stored on a hard drive using sophisticated mathematical functions.
- Hash-based Message Authentication Code (HMAC) - Hash-based Message Authentication Code (HMAC) is a message authentication code that uses a cryptographic key in conjunction with a hash function.
- hashing - Hashing is the transformation of a string of characters into a usually shorter fixed-length value or key that represents the original string.
- HI-MEMS cyborg insects (Hybrid Insect Micro-Electro-Mechanical Systems) - The Hybrid Insect Micro-Electro-Mechanical Systems (HI-MEMS) program, also known as the cybug program, is a proposal from the Defense Advanced Research Projects Agency (DARPA) to encourage the development of cyborg insects that can be controlled by humans.
- hijacking - Hijacking is a type of network security attack in which the attacker takes control of a communication - just as an airplane hijacker takes control of a flight - between two entities and masquerades as one of them.
- holistic security - Holistic security is an approach that seeks to integrate all the elements designed to safeguard an organization, considering them as a complex and interconnected system.
- homomorphic encryption - Homomorphic encryption is the conversion of data into ciphertext that can be analyzed and worked with as if it were still in its original form.
- Honey Encryption - Honey Encryption is a security tool that makes it difficult for an attacker who is carrying out a brute force attack to know if he has correctly guessed a password or encryption key.
- honey monkey - A honey monkey is a virtual computer system that is programmed to lure, detect, identify and neutralize malicious activity on the Internet.
- honeynet - A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite attack, so that an attacker's activities and methods can be studied and that information used to increase network security.
- Honeynet Project - The Honeynet Project is a non-profit volunteer organization dedicated to computer security research and information sharing.
- honeypot (computing) - A honeypot is a network-attached system set up as a decoy to lure cyberattackers and to detect, deflect or study hacking attempts in order to gain unauthorized access to information systems.
- host intrusion prevention systems (HIPS) - A host intrusion prevention system (HIPS) is a security method that relies on third-party software tools to monitor network traffic and system activities for anomalous code behavior to identify and prevent malicious activities.
- hot site and cold site - A hot site is a commercial disaster recovery service that allows a business to continue computer and network operations in the event of a computer or equipment disaster.
- hotword - Hotword is an audio listening module included with Google Chrome and Chromium, the open source version of the browser.
- htaccess - .htaccess is the default name for a file that is used to indicate who can or cannot access the contents of a specific file directory from the Internet or an intranet.
- HTTPS (HTTP over SSL or HTTP Secure) - HTTPS (HTTP over SSL or HTTP Secure) is the use of Secure Socket Layer (SSL) or Transport Layer Security (TLS) as a sublayer under regular HTTP application layering.
- hybrid virus (multi-part or multipartite virus) - A hybrid virus (sometimes called a multi-part or multipartite virus) is one that combines characteristics of more than one type to infect both program files and system sectors.
- hypervisor security - Hypervisor security is the process of ensuring the hypervisor, the software that enables virtualization, is secure throughout its life cycle, including during development, implementation, provisioning, management and de-provisioning.
- I-SPY Act -- Internet Spyware Prevention Act of 2005 (H.R. 744) - The I-SPY Act, formally known as the Internet Spyware Prevention Act of 2005 (H.
- identity and access management (IAM) - Identity and access management (IAM) is a framework of business processes, policies and technologies that facilitates the management of electronic or digital identities.
- identity chaos (password chaos) - Identity chaos (sometimes called password chaos) is a situation in which users have multiple identities and passwords across a variety of networks, applications, computers and/or computing devices.
- Identity Ecosystem - Identity Ecosystem, more formally known as the National Strategy for Trusted Identities in Cyberspace, is a proposal from the United States federal government to improve identity authentication on the Internet and make online transactions safer.
- identity governance - Identity governance is the policy-based centralized orchestration of user identity management and access control.
- identity theft - Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable information, such as Social Security or driver's license numbers, in order to impersonate someone else.
- IFrame (Inline Frame) - The IFrame HTML element is often used to insert content from another source, such as an advertisement, into a Web page.
- IISP (Institute of Information Security Professionals) - The IISP (Institute of Information Security Professionals) is a London-based professional membership association who describes its purpose as: "to set the standard for professionalism in information security, and to speak with an independent and authoritative voice on the subject.
- IM worm - An IM worm is self-replicating malicious code that spreads in instant messaging networks.
- in the wild - According to noted computer virus expert Paul Ducklin, in order for a virus to be considered in the wild, "it must be spreading as a result of normal day-to-day operations on and between the computers of unsuspecting users.
- incident - An incident is an occurrence where a service or component fails to provide a feature or service that it was designed to deliver.
- incident response - Incident response is an organized approach to addressing and managing the aftermath of a security breach or cyberattack, also known as an IT incident, computer incident or security incident.
- incident response plan (IRP) - An incident response plan (IRP) is a set of written instructions for adequately detecting, responding to and limiting the effects of an information security incident, an event that may or may not be an attack or threat to computer system or corporate data security.
- incident response team - An incident response team is a group of IT professionals in charge of preparing for and reacting to any type of organizational emergency.
- Indicators of Compromise (IOC) - Indicators of compromise are unusual activities on a system or network that imply the presence of a malicious actor.
- Information Assurance Standard 6 (IAS 6) - The Information Assurance Standard 6 (IAS 6) is legislation enacted by the British government in May 2009 as part of its Security Policy Framework (SPF).
- information security (infosec) - Information security (infosec) is a set of strategies for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and non-digital information.
- Information Security Breaches Survey (ISBS) - The Information Security Breaches Survey is an independent security research effort in the U.
- information security management system (ISMS) - An information security management system (ISMS) is a set of policies and procedures for systematically managing an organization's sensitive data.
- information signature - To fight terrorism, the Information Awareness Office (IAO) of the U.
- Information Technology Amendment Act 2008 (IT Act 2008) - The Information Technology Amendment Act, 2008 (IT Act 2008) is a substantial addition to India's Information Technology Act (ITA-2000).
- information-centric security - Information-centric security is an approach to information security paradigm that emphasizes the security of the information itself rather than the security of networks, applications, or even simply data.
- Infosys Technologies (Infosys Limited) - Infosys Technologies (now known as Infosys Limited) is a global IT consulting firm headquartered in Bangalore, India.
- Infranet Initiative - The Infranet Initiative is a collaborative effort to develop a high-performance universal public network that would serve as a supplement to the Internet for businesses and other high-demand users.
- initialization vector (IV) - An initialization vector (IV) is an arbitrary number that can be used along with a secret key for data encryption.
- insider threat - Insider threat is a category of risk posed by humans who have access to an organization's physical or digital assets.
- integer overflow - Integer overflow is the result of trying to place into computer memory an integer (whole number) that is too large for the integer data type in a given system.
- integrated access management (IAM) - Integrated access management (IAM) is a combination of business processes, policies and technologies that allows organizations to provide secure access to confidential data.
- integrated threat management - Integrated threat management is a comprehensive approach to network security that addresses multiple types of malware, as well as blended threats and spam, and protects from intrusion at both the gateway and the endpoint levels.
- intelligence (intel) - According to the FBI, intelligence is both the information itself and the processes used to collect and analyze it.
- intelligent video - Intelligent video is digital video technology integrated with analytical software.
- International Data Encryption Algorithm (IDEA) - IDEA (International Data Encryption Algorithm) is an encryption algorithm developed at ETH in Zurich, Switzerland.
- International Information Systems Security Certification Consortium (ISC)2 - The International Information Systems Security Certification Consortium -- (ISC)2 -- is a non-profit organization that provides security training and certificates.
- Internet Key Exchange (IKE) - The Internet Key Exchange (IKE) is an IPsec (Internet Protocol Security) standard protocol used to ensure security for virtual private network (VPN) negotiation and remote host or network access.
- Internet reboot keys - Internet reboot keys are encrypted DNSSEC keys that can restore the Internet root zone in the event of an attack or natural catastrophe.
- intrusion detection system (IDS) - An intrusion detection system (IDS) is a system that monitors network traffic for suspicious activity and issues alerts when such activity is discovered.
- intrusion prevention - Intrusion prevention is a preemptive approach to network security used to identify potential threats and respond to them swiftly.
- inverse mapping - Inverse mapping is a procedure used to create associations between real or virtual objects that involves some type of reversal of another process or concept.
- IP camera - An IP camera is a networked digital video camera that transmits data over a Fast Ethernet link.
- IP Spoofing - IP spoofing is the crafting of Internet Protocol (IP) packets with a source IP address that has been modified to impersonate another computer system, or to hide the identity of the sender, or both.
- IP surveillance - IP surveillance is a digitized and networked version of closed-circuit television (CCTV).
- IPsec (Internet Protocol Security) - IPsec, also known as the Internet Protocol Security or IP Security protocol, defines the architecture for security services for IP network traffic.
- iptables - Iptables is a generic table structure that defines rules and commands as part of the netfilter framework that facilitates Network Address Translation (NAT), packet filtering, and packet mangling in the Linux 2.
- iris recognition - Iris recognition is a method of identifying people based on unique patterns within the ring-shaped region surrounding the pupil of the eye.
- ISA Server (Internet Security and Acceleration Server) - Microsoft's ISA Server (Internet Security and Acceleration Server) is the successor to Microsoft's Proxy Server 2.
- ISO 27001 - ISO 27001 (formally known as ISO/IEC 27001:2005) is a specification for an information security management system (ISMS).
- ISO 27002 (International Organization for Standardization 27002) - The ISO 27002 standard is a collection of information security guidelines that are intended to help an organization implement, maintain, and improve its information security management.
- ISO/IEC 38500 - ISO/IEC 38500 is an international standard created to guide corporate governance of information technology (IT).
- ISSA (Information Systems Security Association) - The Information Systems Security Association, commonly known as ISSA, is an international, nonprofit organization for information security professionals.
- IT incident report - An IT incident report is documentation of an event that has disrupted the normal operation of some IT system (or that had the potential to do so) and how that situation was handled.
- IT systems management - Systems management is the administration of the information technology systems in an enterprise data center.
- IT-ISAC (Information Technology Information Sharing and Analysis Center) - IT-ISAC (Information Technology Information Sharing and Analysis Center) is a facility founded in January, 2001 by nineteen prominent IT industry companies (including Oracle, IBM, EDS, and Computer Sciences) to serve as a central repository for security-related information.
- IT/OT convergence - IT/OT convergence is the integration of information technology (IT) systems used for data-centric computing with operational technology (OT) systems used to monitor events, processes and devices and make adjustments in enterprise and industrial operations.
- ITIL v3 - ITIL v3 is the third version of the Information Technology Infrastructure Library, a globally recognized collection of best practices for managing information technology (IT).
- JavaScript hijacking - JavaScript hijacking is a technique that an attacker can use to read sensitive data from a vulnerable Web application, particularly one using Ajax (Asynchronous JavaScript and XML).
- journaling file system - A journaling file system is a fault-resilient file system in which data integrity is ensured because updates to directories and bitmaps are constantly written to a serial log on disk before the original disk log is updated.
- Kerberos - Kerberos is the authentication protocol used by most operating systems.
- key - In cryptography, a key is a variable value that is applied using an algorithm to a string or block of unencrypted text to produce encrypted text, or to decrypt encrypted text.
- key chain - A key chain is a series of keys that can be created to help ensure secure communication between routers in a network.
- key fob - A key fob is a small, programmable hardware device that provides access to a physical object.
- key string - A key string is the authentication code included in each key in a key chain, which is a series of keys that can be created to help ensure secure communication between routers in a network.
- key-value pair (KVP) - A key-value pair (KVP) is a set of two linked data items: a key, which is a unique identifier for some item of data, and the value, which is either the data that is identified or a pointer to the location of that data.
- keylogger (keystroke logger or system monitor) - A keylogger, sometimes called a keystroke logger or system monitor, is a type of surveillance technology used to monitor and record each keystroke typed on a specific computer's keyboard.
- keystroke dynamics - Keystroke dynamics are the patterns of rhythm and timing created when a person types.
- kiosk mode (Windows assigned access) - Kiosk mode is specialized function that allows Microsoft Windows to provide a single application for users signing on as guests or generic authorized users while preventing access to other files, data and functionality of the operating system and computer.
- knowledge process outsourcing (KPO) - Knowledge process outsourcing (KPO) is the allocation of relatively high-level tasks to an outside organization or a different group within the same organization.
- knowledge-based authentication (KBA) - In a KBA scheme, the user is asked to answer at least one "secret" question before being allowed to change account settings or reset a password.
- known unknown - A known unknown is information whose existence you are aware of but that is not in your possession.
- Kriz virus (W32.Kriz, W32.Kriz.dr, or PE_KRIZ) - Discovered in the fall of 1999, the Kriz virus (known more formally as W32.
- law of unintended consequences - The law of unintended consequences is a frequently-observed phenomenon in which any action has results that are not part of the actor's purpose.
- LEAP (Lightweight Extensible Authentication Protocol) - LEAP (Lightweight Extensible Authentication Protocol) is a Cisco-proprietary version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections.
- Learning Guide: Spyware - Why spyware isn't just a home-user problem.
- Let's Encrypt - Let's Encrypt is designed to simplify the acquisition of SSL/TLS digital certificates proving a site’s authenticity, while also providing encryption.
- lifestyle polygraph - A lifestyle polygraph is a lie-detector (polygraph) test that is administered as a requirement for employment in certain fields.
- link encryption (link level or link layer encryption) - Link encryption (sometimes called link level or link layer encryption) is the data security process of encrypting information at the data link level as it is transmitted between two points within a network.