Browse Definitions :

Security management

Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.

LOC - PA-

  • local wipe - Local wipe, also known as auto-wipe, is deletion of a device's data which is initiated by software on the device itself, rather than through remote administration.
  • locked down device (LDD) - A locked down device (LDD) is a mobile device, typically a smartphone, that is shipped by a vendor with the ability to accept only the SIM card that originally came with it.
  • log management - Log management is the collective processes and policies used to administer and facilitate the generation, transmission, analysis, storage, archiving and ultimate disposal of the large volumes of log data created within an information system.
  • logic bomb - A logic bomb, sometimes referred to as slag code, is a string of malicious code used to cause harm to a network when the programmed conditions are met.
  • Lookout Mobile Security - Lookout Mobile Security is an antimalware, data backup and remote management app for smartphones and tablets.
  • LUN masking - LUN masking is a further constraint added to zoning, subdividing access to the port so that only LUNs authorized to access a specific server can access the corresponding port.
  • Mahindra Special Services Group (MSSG) - Mahindra Special Services Group (MSSG) is a corporate security consultancy firm.
  • malvertizement - A malvertizement is malicious coding served through an ad on a Web site or in an email message.
  • malware (malicious software) - Malware, or malicious software, is any program or file that is harmful to a computer user.
  • man-in-the-middle attack (MitM) - A man-in-the-middle attack is one in which the attacker secretly intercepts and relays messages between two parties who think they are communicating directly with each other.
  • managed file transfer (MFT) - Managed file transfer (MFT) is a type of software used to provide secure internal, external and ad-hoc data transfers through a network.
  • Managed security service provider (MSSP) - A managed security service provider (MSSP) is an IT service provider that provides an organization with some amount of cybersecurity monitoring and management, which may include virus and spam blocking, intrusion detection, firewalls and virtual private network (VPN) management.
  • mandatory access control (MAC) - Mandatory access control (MAC) is a system-controlled policy restricting access to resource objects (such as data files, devices, systems, etc.
  • mantrap (interlocking door controller) - A mantrap is a small room with an entry door on one wall and an exit door on the opposite wall.
  • masquerade - In general, a masquerade is a disguise.
  • Massachusetts data protection law - What is the Massachusetts data protection law?The Massachusetts data protection law is legislation that stipulates security requirements for organizations that handle the private data of residents.
  • MD2 - MD2 is an earlier, 8-bit version of MD5, an algorithm used to verify data integrity through the creation of a 128-bit message digest from data input (which may be a message of any length) that is claimed to be as unique to that specific data as a fingerprint is to the specific individual.
  • MD4 - MD4 is an earlier version of MD5, an algorithm used to verify data integrity through the creation of a 128-bit message digest from data input (which may be a message of any length) that is claimed to be as unique to that specific data as a fingerprint is to the specific individual.
  • MD5 - The MD5 hashing algorithm is a one-way cryptographic function that accepts a message of any length as input and returns as output a fixed-length digest value to be used for authenticating the original message.
  • Melissa virus - Melissa is a fast-spreading macro virus that is distributed as an e-mail attachment that, when opened, disables a number of safeguards in Word 97 or Word 2000, and, if the user has the Microsoft Outlook e-mail program, causes the virus to be resent to the first 50 people in each of the user's address books.
  • message authentication code (MAC) - A message authentication code (MAC) is a cryptographic checksum on data that uses a session key to detect both accidental and intentional modifications of the data.
  • metadata security - Metadata is defined as “data about data.
  • Metasploit Project - Metasploit Framework - The Metasploit Project is an open source computer security project that provides a public resource for researching and developing exploit code.
  • MICR (magnetic ink character recognition) - MICR (magnetic ink character recognition) is a technology used to verify the legitimacy or originality of paper documents, especially checks.
  • micro VM (micro virtual machine) - A micro VM (micro virtual machine) is a virtual machine program that serves to isolate an untrusted computing operation from a computer's host operating system.
  • micro-virtualization - Micro-virtualization is technology that abstracts applications and sub-processes from hardware and runs them in isolated environments.
  • micropayment - A micropayment is an e-commerce transaction involving a very small sum of money in exchange for something made available online, such as an application download, a service or Web-based content.
  • Microsoft Active Directory Rights Management Services (AD Rights Management Services) - Active Directory Rights Management Services (AD RMS) is a security tool that provides a safeguard to prevent unauthorized access to data.
  • Microsoft Antigen - Microsoft Antigen is a set of programs that provides security and e-mail filtering for network servers.
  • Microsoft AzMan (Microsoft Authorization Manager) - Microsoft AzMan (Authorization Manager) is a role-based access and security framework for .
  • Microsoft Dynamic Access Control (DAC) - Microsoft Dynamic Access Control (DAC) is a data governance tool in Windows Server 2012 that lets admins control the permission of access settings in an organization.
  • Microsoft Management Console (MMC) - The Microsoft Management Console (MMC) is an application that provides a graphical-user interface (GUI) and a programming framework in which consoles (collections of administrative tools) can be created, saved, and opened.
  • Microsoft Network Access Protection (NAP) - Network access protection (NAP), introduced with Windows Server 2008, is Microsoft’s approach to controlling access to a network based on a determination of each device’s health.
  • Microsoft Network Device Enrollment Service (NDES) - Microsoft Network Device Enrollment Service (NDES) is a security feature in Windows Server 2008 R2 and later Windows Server operating versions.
  • Microsoft Online Services Sign-In Assistant - The Microsoft Online Services Sign-In Assistant is a software application that provides common sign-on capabilities for a suite of Microsoft online services, such as Office 365.
  • Microsoft Security Configuration Wizard (SCW) - Microsoft Security Configuration Wizard (SCW) is an administrative tool used to change the default security settings on a server and to apply a security policy on multiple servers.
  • Microsoft System Center Mobile Device Manager (MSCMDM) - Microsoft System Center Mobile Device Manager (MSCMDM) is server-based software that allows enterprise IT professionals to manage and automate tasks for Windows Mobile devices.
  • Microsoft Windows Server 2012 Remote Access - Remote Access is a Windows Server 2012 and Windows Server 2012 R2 feature that combines DirectAccess, Routing and Remote Access Service features.
  • Microsoft Windows Update Agent - Microsoft Windows Update Agent is a tool that can work in conjunction with Windows Server Update Services on each client computer in an enterprise that checks for available updates.
  • MIEL e-Security - MIEL e-Security is a Mumbai-based organization that provides information security services and solutions to organizations worldwide.
  • minutiae - In the biometric process of fingerscanning, minutiae are specific points in a finger image.
  • Mobile Active Defense (MAD) - Mobile Active Defense’s main product is the Mobile Enterprise Compliance and Security Server (MECS).
  • mobile application management (MAM) - Mobile application management (MAM) is software that secures and enables IT control over enterprise applications on end users' corporate and personal smartphones and tablets.
  • mobile malware - Mobile malware is malicious software specifically written to attack mobile devices such as smartphones, tablets, and smartwatches.
  • mobile security certification - A mobile security certification is a formalized program that verifies the participant’s competency in tasks related to mobile security and administration.
  • MPPE (Microsoft Point-to-Point Encryption) - MPPE (Microsoft Point-to-Point Encryption) is a method of encrypting data transferred across Point-to-Point Protocol (PPP)-based dial-up connections or Point-to-Point Tunneling Protocol (PPTP) virtual private network (VPN) connections.
  • multifactor authentication (MFA) - Multifactor authentication (MFA) is a security system that requires more than one method of authentication from independent categories of credentials to verify the user’s identity for a login or other transaction.
  • mutual authentication - Mutual authentication, also called two-way authentication, is a process or technology in which both entities in a communications link authenticate each other.
  • Mytob - Mytob is a worm used by hackers to gather personal and financial information by phishing, a form of e-mail fraud where the perpetrator sends out legitimate-looking messages that appear to come from well-known and trustworthy Web sites.
  • National Automated Clearing House Association (NACHA) - The National Automated Clearing House Association (NACHA) is a not-for-profit trade association that develops operating rules and business practices for the nationwide network of automated clearing houses (ACHs) and for other areas of electronic payments.
  • National Computer Security Center (NCSC) - The National Computer Security Center (NCSC) is a U.
  • national identity card - A national identity card is a portable document, typically a plasticized card with digitally-embedded information, that someone is required or encouraged to carry as a means of confirming their identity.
  • National Information Assurance Partnership (NIAP) - The National Information Assurance Partnership (NIAP) is a U.
  • National Vulnerability Database (NVD) - NVD (National Vulnerability Database) is a product of the National Institute of Standards and Technology (NIST) Computer Security Division and is used by the U.
  • NBAR (Network Based Application Recognition) - Network Based Application Recognition (NBAR) is a mechanism that classifies and regulates bandwidth for network applications to ensure that available resources are utilized as efficiently as possible.
  • Near Field Communication (NFC) - Near Field Communication (NFC) is a short-range wireless connectivity standard (Ecma-340, ISO/IEC 18092) that uses magnetic field induction to enable communication between devices when they're touched together, or brought within a few centimeters of each other.
  • NEOSSat (Near Earth Object Surveillance Satellite) - NEOSSat (Near Earth Object Surveillance Satellite) is a satellite designed to identify and track objects in space, such as asteroids, comets and other satellites.
  • Nessus - Nessus is an open-source network vulnerability scanner that uses the Common Vulnerabilities and Exposures architecture for easy cross-linking between compliant security tools.
  • netfilter - Netfilter is a utility in Linux 2.
  • netmask - In administering Internet sites, a netmask is a string of 0's and 1's that mask or screen out the network part of an IP address(IP) so that only the host computer part of the address remains.
  • Network Access Quarantine Control (NAQC) - Network Access Quarantine Control (NAQC) is a Resource Kit tool in Windows Server 2003 and  Windows Server 2008 that allows administrators to prevent remote client computers from connecting to their network with machines that aren't secure.
  • network attack surface - Every point of network interaction is a part of the network attack surface.
  • network behavior analysis (NBA) - Network behavior analysis (NBA) is a method of enhancing the security of a proprietary network by monitoring traffic and noting unusual actions or departures from normal operation.
  • network behavior anomaly detection (NBAD) - Network behavior anomaly detection (NBAD) is the continuous monitoring of a proprietary network for unusual events or extraordinary trends.
  • network encryption (network layer or network level encryption) - Network encryption (sometimes called network layer, or network level encryption) is a network security process that applies crypto services at the network transfer layer - above the data link level, but below the application level.
  • network forensics - Network forensics is the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents.
  • Network Intelligence India Pvt. Ltd. (NII Consulting) - Network Intelligence India Pvt.
  • network intrusion protection system (NIPS) - A network intrusion protection system (NIPS) is an umbrella term for a combination of hardware and software systems that protect computer networks from unauthorized access and malicious activity.
  • network perimeter - A network perimeter is the boundary between the private and locally managed-and-owned side of a network and the public and usually provider-managed side of a network.
  • network scanning - Network scanning is a procedure for identifying active devices on a network by employing a feature or features in the network protocol to signal devices and await a response.
  • Next Generation Secure Computing Base (NGSCB) - The Next Generation Secure Computing Base (NGSCB) is a part of the Microsoft Vista operating system (OS) that employs a trusted platform module (TPM), a specialized chip that can be installed on the motherboard of a personal computer (PC) or server for the purpose of hardware authentication.
  • Nimda - First appearing on September 18, 2001, Nimda is a computer virus that caused traffic slowdowns as it rippled across the Internet, spreading through four different methods, infecting computers containing Microsoft's Web server, Internet Information Server (IIS), and computer users who opened an e-mail attachment.
  • NIST 800 Series - The NIST 800 Series is a set of documents that describe United States federal government computer security policies, procedures and guidelines.
  • NO2ID (NO to a national ID) - NO2ID is a grass-roots campaign in the UK that developed in opposition to the government's proposed National Identity Scheme.
  • non-disclosure agreement (NDA) - A non-disclosure agreement (NDA), also known as a confidentiality agreement (CA), is a signed legally binding contract in which one party agrees to give a second party confidential information about its business or products and the second party agrees not to share this information with anyone else for a specified period of time.
  • nonrepudiation - Nonrepudiation is the assurance that someone cannot deny something, such as the receipt of a message or the authenticity of a statement or contract.
  • nuclear option - The nuclear option, in a colloquial sense, is the most extreme solution to a given problem.
  • OAuth - OAuth (Open Authorization) is an open protocol for token-based authentication and authorization on the Internet.
  • OCR (optical character recognition) - OCR (optical character recognition) is the use of technology to distinguish printed or handwritten text characters inside digital images of physical documents, such as a scanned paper document.
  • OCSP (Online Certificate Status Protocol) - OCSP (Online Certificate Status Protocol) is one of two common schemes for maintaining the security of a server and other network resources.
  • OCTAVE - OCTAVE (Operationally Critical Threat, Asset, and Vulnerability Evaluation) is a security framework for determining risk level and planning defenses against cyber assaults.
  • Office of Personnel Management (OPM) - The Office of Personnel Management (OPM) is an independent agency of the United States government that is tasked with the oversight of civil service hirings.
  • one-time pad - In cryptography, a one-time pad is a system in which a private key generated randomly is used only once to encrypt a message that is then decrypted by the receiver using a matching one-time pad and key.
  • OneID - OneID is a digital identity management service that provides a repository for usernames and passwords, eliminating the need for people to remember numerous arcane character sequences.
  • online data backup (remote data backup) - Online data backup (remote data backup) is a method of off-site storage in which data is regularly backed up over a network on a remote server, typically hosted by a provider.
  • OODA loop - The OODA loop (Observe, Orient, Decide, Act) is a four-step approach to decision-making that focuses on filtering available information, putting it in context and quickly making the most appropriate decision while also understanding that changes can be made as more data becomes available.
  • Open Source Hardening Project - The Open Source Hardening Project is an initiative of the United States Department of Homeland Security, created to improve the security of open source code.
  • Open System Authentication (OSA) - Open System Authentication (OSA) is a process by which a computer can gain access to a wireless network that uses the Wired Equivalent Privacy (WEP) protocol.
  • OpenBSD - OpenBSD is a free open source operating system based upon the Berkeley Software Distribution (BSD) for UNIX.
  • OpenID (OpenID Connect) - OpenID is an open specification for authentication and single sign-on.
  • OpenSSL - OpenSSL is a general purpose cryptography library that provides an open source implementation of the SSL and TLS protocols.
  • operational costs - Definition - In information technology, operational costs document the price of running of IT services on a day-to-day basis.
  • OPSEC (operational security) - OPSEC (operational security) is an analytical process that identifies assets such as sensitive corporate information or trade secrets, and determines the controls required to protect these assets.
  • Oracle Mobile Security Suite (OMSS) - Oracle Mobile Security Suite (OMSS) is a mobile security system intended to allow organizations to provide secure application access from mobile devices to enterprise applications.
  • organizational unit (OU) - An organizational unit (OU) is a container within a Microsoft Active Directory domain which can hold users, groups and computers.
  • output feedback (OFB) - In cryptography, output feedback (OFB) is a mode of operation for a block cipher.
  • ownership tag - An ownership tag is a security feature on Compaq computers, consisting of an encrypt ed text string that displays at startup to uniquely identify a computer.
  • P versus NP (polynomial versus nondeterministic polynomial) - P versus NP (polynomial versus nondeterministic polynomial) refers to a theoretical question presented in 1971 by Leonid Levin and Stephen Cook, concerning mathematical problems that are easy to solve (P type) as opposed to problems that are difficult to solve (NP type).
  • PA-DSS (Payment Application Data Security Standard) - Payment Application Data Security Standard (PA-DSS) is a set of requirements that are intended to help software vendors develop secure payment applications that support PCI DSS compliance.

-ADS BY GOOGLE

SearchCompliance

SearchSecurity

  • GPS jamming

    GPS jamming is the process of using a frequency transmitting device to block or interfere with radio communications.

  • time-based one-time password (TOTP)

    A time-based one-time password (TOTP) is a temporary code, generated by an algorithm, for use in authenticating access to ...

  • Security Operations Center (SOC)

    A security operations center (SOC) is a command center facility for a team of IT professionals with expertise in information ...

SearchHealthIT

SearchDisasterRecovery

  • disaster recovery team

    A disaster recovery team is a group of individuals focused on planning, implementing, maintaining, auditing and testing an ...

  • cloud insurance

    Cloud insurance is any type of financial or data protection obtained by a cloud service provider. 

  • business continuity software

    Business continuity software is an application or suite designed to make business continuity planning/business continuity ...

SearchStorage

  • network-attached storage (NAS)

    Network-attached storage (NAS) is dedicated file storage that enables multiple users and heterogeneous client devices to retrieve...

  • SSD (solid-state drive)

    An SSD (solid-state drive) is a type of nonvolatile storage media that stores persistent data on solid-state flash memory.

  • NAND flash memory

    NAND flash memory is a type of nonvolatile storage technology that does not require power to retain data.

Close