Term
|
Definition
| Reliable and timely access to data and resources is provided to authorized individuals. |
|
|
Term
|
Definition
| Accuracy and reliability of the information and systems are provided and any unauthorized modification is prevented. |
|
|
Term
|
Definition
| Necessary level of secrecy is enforced and unauthorized disclosure is prevented. |
|
|
Term
|
Definition
| Viewing information in an unauthorized manner by looking over the shoulder of someone else. |
|
|
Term
|
Definition
| Gaining unauthorized access by tricking someone into divulging sensitive information. |
|
|
Term
|
Definition
| Weakness or a lack of a countermeasure. |
|
|
Term
|
Definition
| Entity that can exploit a vulnerability. |
|
|
Term
|
Definition
| The danger of a threat agent exploiting a vulnerability. |
|
|
Term
|
Definition
| The probability of a threat agent exploiting a vulnerability and the associated impact. |
|
|
Term
|
Definition
| Safeguard that is put in place to reduce a risk, also called a countermeasure. |
|
|
Term
|
Definition
| Presence of a vulnerability, which exposes the organization to a threat. |
|
|
Term
|
Definition
| Administrative, technical (logical), and physical |
|
|
Term
|
Definition
| Discourage a potential attacker |
|
|
Term
|
Definition
| Stop an incident from occurring |
|
|
Term
|
Definition
| Fix items after an incident has occurred |
|
|
Term
|
Definition
| Restore necessary components to return to normal operations |
|
|
Term
|
Definition
|
|
Term
|
Definition
| Alternative control that provides similar protection as the original control |
|
|
Term
|
Definition
| Implementation of multiple controls so that successful penetration and compromise is more difficult to attain. |
|
|
Term
| Security through obscurity |
|
Definition
| Relying upon the secrecy or complexity of an item as its security, instead of practicing solid security practices. |
|
|
Term
|
Definition
| Industry-recognized best practices for the development and management of an information security management system. |
|
|
Term
|
Definition
| Enterprise architecture framework used to define and understand a business environment developed by John Zachman. |
|
|
Term
|
Definition
| Enterprise architecture framework used to define and understand a business environment developed by The Open Group. |
|
|
Term
|
Definition
| framework Risk-driven enterprise security architecture that maps to business initiatives, similar to the Zachman framework. |
|
|
Term
|
Definition
| U.S. Department of Defense architecture framework that ensures interoperability of systems to meet military mission goals. |
|
|
Term
|
Definition
| Architecture framework used mainly in military support missions developed by the British Ministry of Defence. |
|
|
Term
|
Definition
| Set of control objectives used as a framework for IT governance developed by Information Systems Audit and Control Association (ISACA) and the IT Governance Institute (ITGI). |
|
|
Term
|
Definition
| Set of controls that are used to secure U.S. federal systems developed by NIST. |
|
|
Term
|
Definition
| Internal control model used for corporate governance to help prevent fraud developed by the Committee of Sponsoring Organizations (COSO) of the Treadway Commission. |
|
|
Term
|
Definition
| Best practices for information technology services management processes developed by the United Kingdom |
|
|
Term
|
Definition
| Business management strategy developed by Motorola with the goal of improving business processes. |
|
|
Term
| Capability Maturity Model Integration (CMMI) |
|
Definition
| Process improvement model developed by Carnegie Mellon. |
|
|
Term
|
Definition
| Risk Management Guide for Information Technology Systems A U.S. federal standard that is focused on IT risks. |
|
|
Term
| Facilitated Risk Analysis Process (FRAP) |
|
Definition
| A focused, qualitative approach that carries out pre-screening to save time and money. |
|
|
Term
| Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) |
|
Definition
| Team-oriented approach that assesses organizational and IT risks through facilitated workshops. |
|
|
Term
|
Definition
| Australia and New Zealand business risk management assessment approach. |
|
|
Term
|
Definition
| International standard for the implementation of a risk management program that integrates into an information security management system (ISMS). |
|
|
Term
| Failure Modes and Effect Analysis (FMEA) |
|
Definition
| Approach that dissects a component into its basic functions to identify flaws and those flaw's effects. |
|
|
Term
|
Definition
| Approach to map specific flaws to root causes in complex systems. |
|
|
Term
|
Definition
| Central Computing and Telecommunications Agency Risk Analysis and Management Method. |
|
|
Term
| Quantitative risk analysis |
|
Definition
| Assigning monetary and numeric values to all the data elements of a risk assessment. |
|
|
Term
| Qualitative risk analysis |
|
Definition
| Opinion-based method of analyzing risk with the use of scenarios and ratings. |
|
|
Term
| Single loss expectancy (SLE) |
|
Definition
| One instance of an expected loss if a specific vulnerability is exploited and how it affects a single asset. Asset Value |
|
|
Term
| Annualized loss expectancy (ALE) |
|
Definition
| Annual expected loss if a specific vulnerability is exploited and how it affects a single asset. SLE |
|
|
Term
|
Definition
| Assigning confidence level values to data elements. |
|
|
Term
|
Definition
| Data collection method that happens in an anonymous fashion. |
|
|
Term
|
Definition
| Calculating the value of a control. (ALE before implementing a control) |
|
|
Term
| Functionality versus effectiveness of control |
|
Definition
| Functionality is what a control does, and its effectiveness is how well the control does it. |
|
|
Term
|
Definition
| Full risk amount before a control is put into place. Threats |
|
|
Term
|
Definition
| Risk that remains after implementing a control. Threats |
|
|
Term
| Accepted ways for handling risk |
|
Definition
| Accept, transfer, mitigate, avoid. |
|
|
Term
|
Definition
| High-level document that outlines senior management |
|
|
Term
|
Definition
| Compulsory rules that support the security policies. |
|
|
Term
|
Definition
| Suggestions and best practices. |
|
|
Term
|
Definition
| Step-by-step implementation instructions. |
|
|
Term
|
Definition
| Individual responsible for the protection and classification of a specific data set. |
|
|
Term
|
Definition
| Individual responsible for implementing and maintaining security controls to meet security requirements outlined by data owner. |
|
|
Term
|
Definition
| Preventive administrative control used to ensure one person cannot carry out a critical task alone. |
|
|
Term
|
Definition
| Two or more people working together to carry out fraudulent activities. |
|
|
Term
|
Definition
| Detective administrative control used to uncover potential fraudulent activities. |
|
|
Term
|
Definition
| Detective administrative control used to uncover potential fraudulent activities by requiring a person to be away from the organization for a period of time. |
|
|
Term
|
Definition
| Security features that control how users and systems communicate and interact with other systems and resources. |
|
|
Term
|
Definition
| The flow of information between a subject and an object. |
|
|
Term
|
Definition
| An active entity that requests access to an object or the data within an object. |
|
|
Term
|
Definition
| Can be a computer, database, file, computer program, directory, or field contained in a table within a database. |
|
|
Term
|
Definition
| When processes carry out their tasks on a shared resource in an incorrect order. |
|
|
Term
|
Definition
| The creation, maintenance, and deactivation of user objects and attributes as they exist in one or more systems, directories, or applications, in response to business processes. |
|
|
Term
|
Definition
| A portable identity, and its associated entitlements, that can be used across business boundaries. |
|
|
Term
| Security Assertion Markup Language (SAML) |
|
Definition
| An XML standard that allows the exchange of authentication and authorization data to be shared between security domains. |
|
|
Term
| Service Provisioning Markup Language (SPML) |
|
Definition
| Allows for the automation of user management (account creation, amendments, revocation) and access entitlement configuration related to electronically published services across multiple provisioning systems. |
|
|
Term
| Simple Object Access Protocol (SOAP) |
|
Definition
| SOAP is a specification that outlines how information pertaining to web services is exchanged in a structured manner. |
|
|
Term
|
Definition
| When a biometric system rejects an authorized individual (false rejection rate). |
|
|
Term
|
Definition
| When the system accepts impostors who should be rejected(false acceptance rate). |
|
|
Term
|
Definition
|
|
Term
|
Definition
| Fact or opinion based information used to verify an individual |
|
|
Term
|
Definition
| Employs a challenge/response scheme to authenticate the user. |
|
|
Term
|
Definition
| Synchronizes with the authentication service by using time or a counter as the core piece of the authentication process. If the synchronization is time-based, the token device and the authentication service must hold the same time within their internal clocks. |
|
|
Term
|
Definition
| Holds information but cannot process information. |
|
|
Term
|
Definition
| Holds information and has the necessary hardware and software to actually process that information. |
|
|
Term
|
Definition
| Non-intrusive and are used to uncover sensitive information about how a component works, without trying to compromise any type of flaw or weakness. |
|
|
Term
|
Definition
| Resources within this logical structure (domain) are working under the same security policy and managed by the same group. |
|
|
Term
|
Definition
| An access control model is a framework that dictates how subjects access objects. |
|
|
Term
|
Definition
| A table of subjects and objects indicating what actions individual subjects can take upon individual objects. |
|
|
Term
|
Definition
| A capability table specifies the access rights a certain subject possesses pertaining to specific objects. A capability table is different from an ACL because the subject is bound to the capability table, whereas the object is bound to the ACL. |
|
|
Term
|
Definition
| Bases access decisions on the sensitivity of the data, not solely on subject identity. |
|
|
Term
|
Definition
| Bases access decisions on the state of the situation, not solely on identity or content sensitivity. |
|
|
Term
|
Definition
|
|
Term
|
Definition
| Restricts subject's access attempts by predefined rules. |
|
|
Term
| Remote Authentication Dial-In User Service (RADIUS) |
|
Definition
| A network protocol that provides client/server authentication and authorization, and audits remote users. |
|
|
Term
| Central processing unit (CPU) |
|
Definition
| A silicon component made up of integrated chips with millions of transistors that carry out the execution of instructions within a computer. |
|
|
Term
| Arithmetic logic unit (ALU) |
|
Definition
| Component of the CPU that carries out logic and mathematical functions as they are laid out in the programming code being processed by the CPU. |
|
|
Term
|
Definition
| Small, temporary memory storage units integrated and used by the CPU during its processing functions. |
|
|
Term
|
Definition
| Part of the CPU that oversees the collection of instructions and data from memory and how they are passed to the processing components of the CPU. |
|
|
Term
|
Definition
| Temporary memory location the CPU uses during its processes of executing instructions. The ALU |
|
|
Term
|
Definition
| Temporary memory location that holds critical processing parameters. They hold values as in the program counter, stack pointer, and program status word. |
|
|
Term
|
Definition
| Holds the memory address for the following instructions the CPU needs to act upon. |
|
|
Term
|
Definition
| Segment used by processes to communicate instructions and data to each other. |
|
|
Term
| Program status word (PSW) |
|
Definition
| Condition variable that indicates to the CPU what mode (kernel or user) instructions need to be carried out in. |
|
|
Term
| User mode (problem state) |
|
Definition
| Protection mode that a CPU works within when carrying out less trusted process instructions. |
|
|
Term
| Kernel mode (supervisory state, privilege mode) |
|
Definition
| Mode that a CPU works within when carrying out more trusted process instructions. The process has access to more computer resources when working in kernel versus user mode. |
|
|
Term
|
Definition
| Physical connections between processing components and memory segments used to communicate the physical memory addresses being used during processing procedures. |
|
|
Term
|
Definition
| Physical connections between processing components and memory segments used to transmit data being used during processing procedures. |
|
|
Term
| Symmetric mode multiprocessing |
|
Definition
| When a computer has two or more CPUs and each CPU is being used in a load-balancing method. |
|
|
Term
| Asymmetric mode multiprocessing |
|
Definition
| When a computer has two or more CPUs and one CPU is dedicated to a specific program while the other CPUs carry out general processing procedures. |
|
|
Term
|
Definition
| Program loaded in memory within an operating system. |
|
|
Term
|
Definition
| Interleaved execution of more than one program (process) or task by a single operating system. |
|
|
Term
|
Definition
| Simultaneous execution of more than one program (process) or task by a single operating system. |
|
|
Term
|
Definition
| Multitasking scheduling scheme used by older operating systems to allow for computer resource time slicing. |
|
|
Term
|
Definition
| Multitasking scheduling scheme used by operating systems to allow for computer resource time slicing. Used in newer, more stable operating systems. |
|
|
Term
| Process states (ready, running, blocked) |
|
Definition
| Processes can be in various activity levels. Ready = waiting for input. Running = instructions being executed by CPU. Blocked = process is |
|
|
Term
|
Definition
| Values assigned to computer components (hardware and software) to allow for efficient computer resource time slicing. |
|
|
Term
|
Definition
| Interrupt value assigned to a non-critical operating system activity. |
|
|
Term
|
Definition
| Interrupt value assigned to a critical operating system activity. |
|
|
Term
|
Definition
| Instruction set generated by a process when it has a specific activity that needs to be carried out by an operating system. When the activity is finished, the thread is destroyed. |
|
|
Term
|
Definition
| Applications that can carry out multiple activities simultaneously by generating different instruction sets (threads). |
|
|
Term
|
Definition
| Two processes cannot complete their activities because they are both waiting for system resources to be released. |
|
|
Term
|
Definition
| Protection mechanism provided by operating systems that can be implemented as encapsulation, time multiplexing of shared resources, naming distinctions, and virtual memory mapping. |
|
|
Term
| Dynamic link libraries (DLLs) |
|
Definition
| A set of subroutines that are shared by different applications and operating system processes. |
|
|
Term
|
Definition
| Beginning of address space assigned to a process. Used to ensure a process does not make a request outside its assigned memory boundaries. |
|
|
Term
|
Definition
| Ending of address space assigned to a process. Used to ensure a process does not make a request outside its assigned memory boundaries. |
|
|
Term
|
Definition
| Memory sticks that are plugged into a computer |
|
|
Term
|
Definition
| Non-volatile memory that is used on motherboards for BIOS functionality and various device controllers to allow for operating system-to-device communication. Sometimes used for off-loading graphic rendering or cryptographic functionality. |
|
|
Term
|
Definition
| Physically mapping software to individual memory segments. |
|
|
Term
|
Definition
| Fast memory type that is used by a CPU to increase read and write operations. |
|
|
Term
|
Definition
| Hardware addresses used by the CPU. |
|
|
Term
|
Definition
| Indirect addressing used by processes within an operating system. The memory manager carries out logical-to-absolute address mapping. |
|
|
Term
|
Definition
| Construct that is made up of individually addressable buffers. Process-to-process communication takes place through the use of stacks. |
|
|
Term
|
Definition
| Too much data is put into the buffers that make up a stack. Common attack vector used by hackers to run malicious code on a target system. |
|
|
Term
| Address space layout randomization (ASLR) |
|
Definition
| Memory protection mechanism used by some operating systems. The addresses used by components of a process are randomized so that it is harder for an attacker to exploit specific memory vulnerabilities. |
|
|
Term
| Data execution prevention (DEP) |
|
Definition
| Memory protection mechanism used by some operating systems. Memory segments may be marked as non-executable so that they cannot be misused by malicious software. |
|
|
Term
|
Definition
| Tool that marks unused memory segments as usable to ensure that an operating system does not run out of memory. |
|
|
Term
|
Definition
| Combination of main memory (RAM) and secondary memory within an operating system. |
|
|
Term
|
Definition
| Technology that allows processes to use the same resources. |
|
|
Term
|
Definition
| Software or hardware signal that indicates that system resources (i.e., CPU) are needed for instruction processing. |
|
|
Term
|
Definition
| Set of operations and commands that can be implemented by a particular processor (CPU). |
|
|
Term
|
Definition
| Specific design of a microprocessor, which includes physical components (registers, logic gates, ALU, cache, etc.) that support a specific instruction set. |
|
|
Term
| Application programming interface (API) |
|
Definition
| Software interface that enables process-to-process interaction. Common way to provide access to standard routines to a set of software programs. |
|
|
Term
| Monolithic operating system architecture |
|
Definition
| All of the code of the operating system working in kernel mode in an ad-hoc and non-modularized manner. |
|
|
Term
| Layered operating system architecture |
|
Definition
| Architecture that separates system functionality into hierarchical layers. |
|
|
Term
|
Definition
| Use of segregation in design decisions to protect software components from negatively interacting with each other. Commonly enforced through strict interfaces. |
|
|
Term
|
Definition
| Reduced amount of code running in kernel mode carrying out critical operating system functionality. Only the absolutely necessary code runs in kernel mode, and the remaining operating system code runs in user mode. |
|
|
Term
| Hybrid microkernel architecture |
|
Definition
| Combination of monolithic and microkernel architectures. The microkernel carries out critical operating system functionality, and the remaining functionality is carried out in a client\server model within kernel mode. |
|
|
Term
|
Definition
| When the CPU has to change from processing code in user mode to kernel mode. |
|
|
Term
|
Definition
| Creation of a simulated environment (hardware platform, operating system, storage, etc.) that allows for central control and scalability. |
|
|
Term
|
Definition
| Central program used to manage virtual machines (guests) within a simulated environment (host). |
|
|
Term
|
Definition
| Strategic tool used to dictate how sensitive information and resources are to be managed and protected. |
|
|
Term
|
Definition
| A collection of all the hardware, software, and firmware components within a system that provide security and enforce the system |
|
|
Term
|
Definition
| Trustworthy software channel that is used for communication between two processes that cannot be circumvented. |
|
|
Term
|
Definition
| Mechanism used to delineate between the components within and outside of the trusted computing base. |
|
|
Term
|
Definition
| Concept that defines a set of design requirements of a reference validation mechanism (security kernel), which enforces an access control policy over subject's (processes, users) ability to perform operations (read, write, execute) on objects (files, resources) on a system. |
|
|
Term
|
Definition
| Hardware, software, and firmware components that fall within the TCB and implement and enforce the reference monitor concept. |
|
|
Term
| Multilevel security policies |
|
Definition
| Outlines how a system can simultaneously process information at different classifications for users with different clearance levels. |
|
|
Term
|
Definition
| Description of a needed security solution. |
|
|
Term
| Target of evaluation (TOE) |
|
Definition
| Product proposed to provide a needed security solution. |
|
|
Term
|
Definition
|
|
Term
| Security functional requirements |
|
Definition
| Individual security functions which must be provided by a product. |
|
|
Term
| Security assurance requirements |
|
Definition
| Measures taken during development and evaluation of the product to assure compliance with the claimed security functionality. |
|
|
Term
|
Definition
| Functional and assurance requirements are bundled into packages for reuse. This component describes what must be met to achieve specific EAL ratings. |
|
|
Term
| Assurance evaluation criteria |
|
Definition
| Check-list and process of examining the security-relevant parts of a system (TCB, reference monitor, security kernel) and assigning the system an assurance rating. |
|
|
Term
| Trusted Computer System Evaluation Criteria (TCSEC) (aka Orange Book) |
|
Definition
| U.S. DoD standard used to assess the effectiveness of the security controls built into a system. Replaced by the Common Criteria. |
|
|
Term
| Information Technology Security Evaluation Criteria (ITSEC) |
|
Definition
| European standard used to assess the effectiveness of the security controls built into a system. |
|
|
Term
|
Definition
| International standard used to assess the effectiveness of the security controls built into a system from functional and assurance perspectives. |
|
|
Term
|
Definition
| Technical evaluation of the security components and their compliance to a predefined security policy for the purpose of accreditation. |
|
|
Term
|
Definition
| Formal acceptance of the adequacy of a system |
|
|
Term
|
Definition
| Designs are built upon accepted standards to allow for interoperability. |
|
|
Term
|
Definition
| Designs are built upon proprietary procedures, which inhibit interoperability capabilities. |
|
|
Term
|
Definition
| Code within software that provides a back door entry capability. |
|
|
Term
| Time-of-check/time-of-use (TOC/TOU) attack |
|
Definition
|
|
Term
|
Definition
| Two or more processes attempt to carry out their activity on one resource at the same time. Unexpected behaviour can result if the sequence of execution does not take place in the proper order. |
|
|
Term
| Open Systems Interconnection (OSI) model |
|
Definition
| International standardization of system-based network communication through a modular seven-layer architecture. |
|
|
Term
|
Definition
| Standardization of device-based network communication through a modular four-layer architecture. Specific to the IP suite, created in 1970 by an agency of the U.S. Department of Defense (DoD). |
|
|
Term
| Transmission Control Protocol (TCP) |
|
Definition
| Core protocol of the TCP/IP suite, which provides connection-oriented, end-to-end, reliable network connectivity. |
|
|
Term
|
Definition
| Core protocol of the TCP/IP suite. Provides packet construction, addressing, and routing functionality. |
|
|
Term
| User Datagram Protocol (UDP) |
|
Definition
| Connectionless, unreliable transport layer protocol, which is considered a |
|
|
Term
|
Definition
| Software construct that allows for application- or service-specific communication between systems on a network. Ports are broken down into categories |
|
|
Term
|
Definition
| DoS attack where an attacker sends a succession of SYN packets with the goal of overwhelming the victim system so that it is unresponsive to legitimate traffic. |
|
|
Term
|
Definition
| Attack method that allows an attacker to overtake and control a communication session between two systems. |
|
|
Term
|
Definition
| IP version 6 is the successor to IP version 4 and provides 128-bit addressing, integrated IPSec security protocol, simplified header formats, and some automated configuration. |
|
|
Term
|
Definition
| Logical subdivision of a network that improves network administration and helps reduce network traffic congestion. Process of segmenting a network into smaller networks through the use of an addressing scheme made up of network and host portions. |
|
|
Term
| Classless Interdomain Routing (CIDR) |
|
Definition
| Variable-length subnet masking, which allows a network to be divided into different-sized subnets. The goal is to increase the efficiency of the use of IP addresses since classful addressing schemes commonly end up in unused addresses. |
|
|
Term
|
Definition
| Transition mechanism for migrating from IPv4 to IPv6. It allows systems to use IPv6 to communicate if their traffic has to transverse an IPv4 network. |
|
|
Term
|
Definition
| Transition mechanism for migrating from IPv4 to IPv6. It allows systems to use IPv6 to communicate if their traffic has to transverse an IPv4 network, but also performs its function behind NAT devices. |
|
|
Term
| Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) |
|
Definition
| An IPv6 transition mechanism meant to transmit IPv6 packets between dual-stack nodes on top of an IPv4 network. |
|
|
Term
|
Definition
| Standard that specifies a set of protocols to meet the security requirements for protecting data traversing Ethernet LANs. |
|
|
Term
|
Definition
| Standard that specifies unique per-device identifiers (DevID) and the management and cryptographic binding of a device (router, switch, access point) to its identifiers. |
|
|
Term
|
Definition
| Binary digits are represented and transmitted as discrete electrical pulses. |
|
|
Term
|
Definition
| Continuously varying electromagnetic wave that represents and transmits data. |
|
|
Term
| Asynchronous communication |
|
Definition
| Transmission sequencing technology that uses start and stop bits or similar encoding mechanism. Used in environments that transmit a variable amount of data in a periodic fashion. |
|
|
Term
| Synchronous communication |
|
Definition
| Transmission sequencing technology that uses a clocking pulse or timing scheme for data transfer synchronization. |
|
|
Term
|
Definition
| Uses the full bandwidth for only one communication channel and has a low data transfer rate compared to broadband. |
|
|
Term
|
Definition
| Divides the bandwidth of a communication channel into many channels, enabling different types of data to be transmitted at one time. |
|
|
Term
| Unshielded twisted pair (UTP) |
|
Definition
| Cabling in which copper wires are twisted together for the purposes of canceling out EMI from external sources. UTP cables are found in many Ethernet networks and telephone systems. |
|
|
Term
| Shielded twisted pair (STP) |
|
Definition
| Twisted-pair cables are often shielded in an attempt to prevent RFI and EMI. This shielding can be applied to individual pairs or to the collection of pairs. |
|
|
Term
|
Definition
| Gradual loss in intensity of any kind of flux through a medium. As an electrical signal travels down a cable, the signal can degrade and distort or corrupt the data it is carrying. |
|
|
Term
|
Definition
| A signal on one channel of a transmission creates an undesired effect in another channel by interacting with it. The signal from one cable |
|
|
Term
|
Definition
| Cable is jacketed with a fire-retardant plastic cover that does not release toxic chemicals when burned. |
|
|
Term
|
Definition
| Each system connects to two other systems, forming a single, unidirectional network pathway for signals, thus forming a ring. |
|
|
Term
|
Definition
| Systems are connected to a single transmission channel (i.e., network cable), forming a linear construct. |
|
|
Term
|
Definition
| Network consists of one central device, which acts as a conduit to transmit messages. The central device, to which all other nodes are connected, provides a common connection point for all nodes. |
|
|
Term
|
Definition
| Network where each system must not only capture and disseminate its own data, but also serve as a relay for other systems; that is, it must collaborate to propagate the data in the network. |
|
|
Term
|
Definition
| Common LAN media access technology standardized by IEEE 802.3. Uses 48-bit MAC addressing, works in contention-based networks, and has extended outside of just LAN environments. |
|
|
Term
|
Definition
| LAN medium access technology that controls network communication traffic through the use of token frames. This technology has been mostly replaced by Ethernet. |
|
|
Term
| Fiber Distributed Data Interface (FDDI) |
|
Definition
| Ring-based token network protocol that was derived from the IEEE 802.4 token bus timed token protocol. It can work in LAN or MAN environments and provides fault tolerance through dual-ring architecture. |
|
|
Term
| Carrier sense multiple access with collision detection (CSMA/CD) |
|
Definition
| A media access control method that uses a carrier sensing scheme. When a transmitting system detects another signal while transmitting a frame, it stops transmitting that frame, transmits a jam signal, and then waits for a random time interval before trying to resend the frame. This reduces collisions on a network. |
|
|
Term
| Carrier sense multiple access with collision avoidance (CSMA/CA) |
|
Definition
| A media access control method that uses a carrier sensing scheme. A system wishing to transmit data has to first listen to the channel for a predetermined amount of time to determine whether or not another system is transmitting on the channel. If the channel is sensed as |
|
|
Term
| Internet Group Management Protocol (IGMP) |
|
Definition
| Used by systems and adjacent routers on IP networks to establish and maintain multicast group memberships. |
|
|
Term
| Media access control (MAC) |
|
Definition
| Data communication protocol sub-layer of the data link layer specified in the OSI model. It provides hardware addressing and channel access control mechanisms that make it possible for several nodes to communicate within a multiple-access network that incorporates a shared medium. |
|
|
Term
| Address Resolution Protocol (ARP) |
|
Definition
| A networking protocol used for resolution of network layer IP addresses into link layer MAC addresses. |
|
|
Term
| Dynamic Host Configuration Protocol (DHCP) |
|
Definition
| A network configuration service for hosts on IP networks. It provides IP addressing, DNS server, subnet mask, and other important network configuration data to each host through automation. |
|
|
Term
| Internet Control Message Protocol (ICMP) |
|
Definition
| A core protocol of the IP suite used to send status and error messages. |
|
|
Term
|
Definition
| A DoS attack type on a computer that involves sending malformed or oversized ICMP packets to a target. |
|
|
Term
|
Definition
| A DDoS attack type on a computer that floods the target system with spoofed broadcast ICMP packets. |
|
|
Term
|
Definition
| A DDoS attack type on a computer that floods the target system with a large amount of UDP echo traffic to IP broadcast addresses. |
|
|
Term
| Simple Network Management Protocol (SNMP) |
|
Definition
| A protocol within the IP suite that is used for network device management activities through the use of a structure that uses managers, agents, and Management Information Bases. |
|
|
Term
|
Definition
| A hierarchical distributed naming system for computers, services, or any resource connected to an IP based network. It associates various pieces of information with domain names assigned to each of the participating entities. |
|
|
Term
|
Definition
| The process of replicating the databases containing the DNS data across a set of DNS servers. |
|
|
Term
|
Definition
| A set of extensions to DNS that provide to DNS clients (resolvers) origin authentication of DNS data to reduce the threat of DNS poisoning, spoofing, and similar attack types. |
|
|
Term
| Simple Mail Transfer Protocol (SMTP) |
|
Definition
| An Internet standard protocol for electronic mail (e-mail) transmission across IP-based networks. |
|
|
Term
| Post Office Protocol (POP) |
|
Definition
| An Internet standard protocol used by e-mail clients to retrieve e-mail from a remote server and supports simple download-and-delete requirements for access to remote mailboxes. |
|
|
Term
| Internet Message Access Protocol (IMAP) |
|
Definition
| An Internet standard protocol used by e-mail clients to retrieve e-mail from a remote server. E-mail clients using IMAP generally leave messages on the server until the user explicitly deletes them. |
|
|
Term
|
Definition
| An SMTP server configured in such a way that it allows anyone on the Internet to send e-mail through it, not just mail destined to or originating from known users. |
|
|
Term
|
Definition
| Activity in which the sender address and other arts of the e-mail header are altered to appear as though the e-mail originated from a different source. Since SMTP does not provide any authentication, it is easy to impersonate and forge e-mails. |
|
|
Term
| Sender Policy Framework (SPF) |
|
Definition
| An e-mail validation system designed to prevent e-mail spam by detecting e-mail spoofing, a common vulnerability, by verifying sender IP addresses. |
|
|
Term
|
Definition
| A way of attempting to obtain data such as usernames, passwords, credit card information, and other sensitive data by masquerading as an authenticated entity in an electronic communication. Spear phishing targets individuals, and whaling targets people with high authorization (C-Level Executives). |
|
|
Term
| Network address translation (NAT) |
|
Definition
| The process of modifying IP address information in packet headers while in transit across a traffic routing device, with the goal of reducing the demand for public IP addresses. |
|
|
Term
| Distance-vector routing protocol |
|
Definition
| A routing protocol that calculates paths based on the distance (or number of hops) and a vector (a direction). |
|
|
Term
| Link-state routing protocol |
|
Definition
| A routing protocol used in packet-switching networks where each router constructs a map of the connectivity within the network and calculates the best logical paths, which form its routing table. |
|
|
Term
| Border Gateway Protocol (BGP) |
|
Definition
| The protocol that carries out core routing decisions on the Internet. It maintains a table of IP networks, or |
|
|
Term
|
Definition
| This takes place when an attacker captures packets at one location in the network and tunnels them to another location in the network for a second attacker to use against a target system. |
|
|
Term
| Spanning Tree Protocol (STP) |
|
Definition
| A network protocol that ensures a loop-free topology for any bridged Ethernet LAN and allows redundant links to be available in case connection links go down. |
|
|
Term
|
Definition
| Allows a sender of a packet to specify the route the packet takes through the network versus routers determining the path. |
|
|
Term
| Multi-protocol Label Switching (MPLS) |
|
Definition
| A networking technology that directs data from one network node to the next based on short path labels rather than long network addresses, avoiding complex lookups in a routing table. |
|
|
Term
| Virtual local area network (VLAN) |
|
Definition
| A group of hosts that communicate as if they were attached to the same broadcast domain, regardless of their physical location. VLAN membership can be configured through software instead of physically relocating devices or connections, which allows for easier centralized management. |
|
|
Term
|
Definition
| An exploit that allows an attacker on a VLAN to gain access to traffic on other VLANs that would normally not be accessible. |
|
|
Term
| Private Branch Exchange (PBX) |
|
Definition
| A telephone exchange that serves a particular business, makes connections among the internal telephones, and connects them to the public-switched telephone network (PSTN) via trunk lines. |
|
|
Term
|
Definition
| A highly exposed device that will most likely be targeted for attacks, and thus should be properly locked down. |
|
|
Term
|
Definition
| This device has two interfaces and sits between an untrusted network and trusted network to provide secure access. |
|
|
Term
|
Definition
| A firewall that communicates directly with a perimeter router and the internal network. The router carries out filtering activities on the traffic before it reaches the firewall. |
|
|
Term
| Screened subnet architecture |
|
Definition
| When two filtering devices are used to create a DMZ. The external device screens the traffic entering the DMZ network, and the internal filtering device screens the traffic before it enters the internal network. |
|
|
Term
|
Definition
| A system that acts as an intermediary for requests from clients seeking resources from other sources. A client connects to the proxy server, requesting some service, and the proxy server evaluates the request according to its filtering rules and makes the connection on behalf of the client. Proxies can be open or carry out forwarding or reverse forwarding capabilities. |
|
|
Term
|
Definition
| Systems that entice with the goal of protecting critical production systems. If two or more honeypots are used together, this is considered a honeynet. |
|
|
Term
|
Definition
| The combining of server, storage, and network capabilities into a single framework, which decreases the costs and complexity of data centers. Converged infrastructures provide the ability to pool resources, automate resource provisioning, and increase and decrease processing capacity quickly to meet the needs of dynamic computing workloads. |
|
|
Term
|
Definition
| The delivery of computer processing capabilities as a service rather than as a product, whereby shared resources, software, and information are provided to end users as a utility. Offerings are usually bundled as an infrastructure, platform, or software. |
|
|
Term
| Metropolitan area network (MAN) |
|
Definition
| A network that usually spans a city or a large campus, interconnects a number of LANs using a high capacity backbone technology, and provides up-link services to WANs or the Internet. |
|
|
Term
| Synchronous Optical Networking (SONET) and Synchronous Digital Hierarchy (SDH) |
|
Definition
| Standardized multiplexing protocols that transfer multiple digital bit streams over optical fiber and allow for simultaneous transportation of many different circuits of differing origin within a single framing protocol. |
|
|
Term
|
Definition
| A data link technology that is used as a metropolitan area network to connect customer networks to larger service networks or the Internet. |
|
|
Term
|
Definition
| A telecommunication network that covers a broad area and allows a business to effectively carry out its daily function, regardless of location. |
|
|
Term
|
Definition
| A method of combining multiple channels of data over a single transmission line. |
|
|
Term
|
Definition
| Dedicated lines that can carry voice and data information over trunk lines. |
|
|
Term
| Time-division multiplexing (TDM) |
|
Definition
| A type of multiplexing in which two or more bit streams or signals are transferred apparently simultaneously as sub-channels in one communication channel, but are physically taking turns on the single channel. |
|
|
Term
| Wave-division multiplexing (WDM) |
|
Definition
| Multiplying the available capacity of optical fibers through use of parallel channels, with each channel on a dedicated wavelength of light. The bandwidth of an optical fiber can be divided into as many as 160 channels. |
|
|
Term
| Frequency-division multiplexing (FDM) |
|
Definition
| Dividing available bandwidth into a series of non-overlapping frequency sub-bands that are then assigned to each communicating source and user pair. FDM is inherently an analog technology. |
|
|
Term
| Statistical time-division multiplexing (STDM) |
|
Definition
| Transmitting several types of data simultaneously across a single transmission line. STDM technologies analyze statistics related to the typical workload of each input device and make real-time decisions on how much time each device should be allocated for data transmission. |
|
|
Term
| Channel Service Unit (CSU) |
|
Definition
| A line bridging device for use with T-carriers, and that is required by PSTN providers at digital interfaces that terminate in a Data Service Unit (DSU) on the customer side. The DSU is a piece of telecommunications circuit terminating equipment that transforms digital data between telephone company lines and local equipment. |
|
|
Term
| Public-switched telephone network (PSTN) |
|
Definition
| The public circuit-switched telephone network, which is made up of telephone lines, fiber-optic cables, cellular networks, communications satellites, and undersea telephone cables and allows all phone-to-phone communication. It was a fixed-line analog telephone system, but is now almost entirely digital and includes mobile as well as fixed telephones. |
|
|
Term
|
Definition
| The set of protocols, technologies, methodologies, and transmission techniques involved in the delivery of voice data and multimedia sessions over IP-based networks. |
|
|
Term
| Session Initiation Protocol (SIP) |
|
Definition
| The signaling protocol widely used for controlling communication, as in voice and video calls over IPbased networks. |
|
|
Term
| Vishing (voice and phishing) |
|
Definition
| Social engineering activity over the telephone system, most often using features facilitated by VoIP, to gain unauthorized access to sensitive data. |
|
|
Term
|
Definition
| A standard that addresses call signaling and control, multimedia transport and control, and bandwidth control for point-to-point and multipoint conferences. |
|
|
Term
| Real-time Transport Protocol (RTP) |
|
Definition
| Used to transmit audio and video over IP-based networks. It is used in conjunction with the RTCP. RTP transmits the media data, and RTCP is used to monitor transmission statistics and QoS, and aids synchronization of multiple data streams. |
|
|
Term
|
Definition
| When a specialized program is used to automatically scan a list of telephone numbers to search for computers for the purposes of exploitation and hacking. |
|
|
Term
| Integrated Services Digital Network (ISDN) |
|
Definition
| A circuit-switched telephone network system technology designed to allow digital transmission of voice and data over ordinary telephone copper wires. |
|
|
Term
| Digital Subscriber Line (DSL) |
|
Definition
| A set of technologies that provide Internet access by transmitting digital data over the wires of a local telephone network. DSL is used to digitize the |
|
|
Term
|
Definition
| A device that provides bidirectional data communication via radio frequency channels on cable TV infrastructures. Cable modems are primarily used to deliver broadband Internet access to homes. |
|
|
Term
|
Definition
| Set of mathematical and logic rules used in cryptographic functions. |
|
|
Term
|
Definition
| Another name for algorithm. |
|
|
Term
|
Definition
| Science of secret writing that enables an entity to store and transmit data in a form that is available only to the intended individuals. |
|
|
Term
|
Definition
| Hardware or software implementation of cryptography that contains all the necessary software, protocols, algorithms, and keys. |
|
|
Term
|
Definition
| Practice of uncovering flaws within cryptosystems. |
|
|
Term
|
Definition
| The study of both cryptography and cryptanalysis. |
|
|
Term
|
Definition
| The Act of transforming data into an unreadable format. |
|
|
Term
|
Definition
| Act of transforming data into a readable format. |
|
|
Term
|
Definition
| Sequence of bits that are used as instructions that govern the acts of cryptographic functions within an algorithm. |
|
|
Term
|
Definition
| Instance when two different keys generate the same ciphertext from the same plaintext. |
|
|
Term
|
Definition
| A range of possible values used to construct keys. |
|
|
Term
|
Definition
| Data in readable format, also referred to as cleartext. |
|
|
Term
|
Definition
| Encryption method that uses an algorithm that changes out (substitutes) one value for another value. |
|
|
Term
|
Definition
| Ancient encryption tool that used a type of paper and rod used by Greek military factions. |
|
|
Term
|
Definition
| Concept that an algorithm should be known and only the keys should be kept secret. |
|
|
Term
|
Definition
| Encryption method created by Gilbert Vernam that is considered impossible to crack if carried out properly. |
|
|
Term
|
Definition
| Algorithm used to create values that are used in cryptographic functions to add randomness. |
|
|
Term
|
Definition
| Substitution cipher that creates keystream values, commonly from agreed-upon text passages, to be used for encryption purposes. |
|
|
Term
|
Definition
| Encryption method that hides a secret message within an open message. |
|
|
Term
|
Definition
| Method of hiding data in another media type. |
|
|
Term
| Digital Rights Management (DRM) |
|
Definition
| Access control technologies commonly used to protect copyright material. |
|
|
Term
|
Definition
| Encryption method that shifts (permutation) values. |
|
|
Term
|
Definition
| Simple substitution algorithm created by Julius Caesar that shifts alphabetic values three positions during its encryption and decryption processes |
|
|
Term
|
Definition
| Cryptanalysis process used to identify weaknesses within cryptosystems by locating patterns in resulting ciphertext. |
|
|
Term
| Key Derivation Functions (KDFs) |
|
Definition
| Generation of secret keys (subkeys) from an initial value (master key). |
|
|
Term
|
Definition
| Encryption method where the sender and receiver use an instance of the same key for encryption and decryption purposes. |
|
|
Term
|
Definition
| Sending data through an alternate communication channel. |
|
|
Term
|
Definition
| Encryption method that uses two different key types, public and private. Also called public key cryptography. |
|
|
Term
|
Definition
| Value used in public key cryptography that is used for encryption and signature validation that can be known by all parties. |
|
|
Term
|
Definition
| Value used in public key cryptography that is used for decryption and signature creation and known to only key owner. |
|
|
Term
|
Definition
| Asymmetric cryptography, which uses public and private key values for cryptographic functions. |
|
|
Term
|
Definition
| Symmetric algorithm type that encrypts chunks (blocks) of data at a time. |
|
|
Term
|
Definition
| Transposition processes used in encryption functions to increase randomness. |
|
|
Term
|
Definition
| Substitution processes used in encryption functions to increase randomness. |
|
|
Term
|
Definition
| Algorithm design requirement so that slight changes to the input result in drastic changes to the output. |
|
|
Term
|
Definition
| Algorithm type that generates a keystream (random values), which is XORd with plaintext for encryption purposes. |
|
|
Term
|
Definition
| Component of a stream algorithm that creates random values for encryption purposes. |
|
|
Term
| Initialization vectors (IVs) |
|
Definition
| Values that are used with algorithms to increase randomness for cryptographic functions. |
|
|
Term
|
Definition
| Combined use of symmetric and asymmetric algorithms where the symmetric key encrypts data and an asymmetric key encrypts the symmetric key. |
|
|
Term
|
Definition
| Symmetric keys that have a short lifespan, thus providing more protection than static keys with longer lifespans. |
|
|
Term
|
Definition
| Block symmetric cipher that was chosen to fulfil the Advanced Encryption Standard. It uses a 128-bit block size and various key lengths (128, 192, 256). |
|
|
Term
|
Definition
| Symmetric cipher that applies DES three times to each block of data during the encryption process. |
|
|
Term
| International Data Encryption Algorithm (IDEA) |
|
Definition
| Block symmetric cipher that uses a 128-bit key and 64-bit block size. |
|
|
Term
|
Definition
| Block symmetric cipher that uses 64-bit block sizes and variable-length keys. |
|
|
Term
|
Definition
| Stream symmetric cipher that was created by Ron Rivest of RSA. Used in SSL and WEP. |
|
|
Term
|
Definition
| Block symmetric cipher that uses variable block sizes (32, 64, 128) and variable-length key sizes (0 |
|
|
Term
|
Definition
| Block symmetric cipher that uses a 128-bit block size and variable length key sizes (128, 192, 256). Built upon the RC5 algorithm. |
|
|
Term
|
Definition
| First asymmetric algorithm created and is used to exchange symmetric key values. Based upon logarithms in finite fields. |
|
|
Term
|
Definition
| Asymmetric algorithm based upon the Diffie-Hellman algorithm used for digital signatures, encryption, and key exchange. |
|
|
Term
| Elliptic curve cryptosystem algorithm |
|
Definition
| Asymmetric algorithm based upon the algebraic structure of elliptic curves over finite fields. Used for digital signatures, encryption, and key exchange. |
|
|
Term
|
Definition
| One entity can prove something to be true without providing a secret value. |
|
|
Term
|
Definition
| Cryptographic process that takes an arbitrary amount of data and generates a fixed-length value. Used for integrity protection. |
|
|
Term
| Message authentication code (MAC) |
|
Definition
| Keyed cryptographic hash function used for data integrity and data origin authentication. |
|
|
Term
| Hashed message authentication code (HMAC) |
|
Definition
| Cryptographic hash function that uses a symmetric key value and is used for data integrity and data origin authentication. |
|
|
Term
|
Definition
| Cipher block chaining message authentication code uses encryption for data integrity and data origin authentication. |
|
|
Term
|
Definition
| Cipher message authentication code that is based upon and provides more security compared to CBC-MAC. |
|
|
Term
|
Definition
| Block cipher mode that combines the CTR encryption mode and CBC-MAC. One encryption key is used for both authentication and encryption purposes. |
|
|
Term
|
Definition
| When two different messages are computed by the same hashing algorithm and the same message digest value results. |
|
|
Term
|
Definition
| Cryptographic attack that exploits the mathematics behind the birthday problem in the probability theory forces collisions within hashing functions. |
|
|
Term
|
Definition
| Ensuring the authenticity and integrity of a message through the use of hashing algorithms and asymmetric algorithms. The message digest is encrypted with the sender |
|
|
Term
|
Definition
| Component of a PKI that creates and maintains digital certificates throughout their life cycles. |
|
|
Term
| Registration Authority (RA) |
|
Definition
| Component of PKI that validates the identity of an entity requesting a digital certificate. |
|
|
Term
| Certificate Revocation List (CRL) |
|
Definition
| List that is maintained by the certificate authority of a PKI that contains information on all of the digital certificates that have been revoked. |
|
|
Term
| Online Certificate Status Protocol (OCSP) |
|
Definition
| Automated method of maintaining revoked certificates within a PKI. |
|
|
Term
|
Definition
| Digital identity used within a PKI. Generated and maintained by a certificate authority and used for authentication. |
|
|
Term
|
Definition
| Technology that encrypts full packets (all headers and data payload) and is carried out without the sender |
|
|
Term
|
Definition
| Encryption method used by the sender of data that encrypts individual messages and not full packets. |
|
|
Term
| Multipurpose Internet Mail Extension (MIME) |
|
Definition
| Standard that outlines the format of e-mail messages and allows binary attachments to be transmitted through e-mail. |
|
|
Term
|
Definition
| Secure/Multipurpose Internet Mail Extensions, which outlines how public key cryptography can be used to secure MIME data types. |
|
|
Term
| Pretty Good Privacy (PGP) Cryptosystem |
|
Definition
| used to integrate public key cryptography with e-mail functionality and data encryption, which was developed by Phil Zimmerman. |
|
|
Term
|
Definition
| Use of quantum mechanical functions to provide strong cryptographic key exchange. |
|
|
Term
|
Definition
| A combination of HTTP and SSL\TLS that is commonly used for secure Internet connections and e-commerce transactions. |
|
|
Term
| Secure Electronic Transaction (SET) |
|
Definition
| Secure e-commerce standard developed by Visa and MasterCard that has not been accepted within the marketplace. |
|
|
Term
|
Definition
| Data files used by web browsers and servers to keep browser state information and browsing preferences. |
|
|
Term
|
Definition
| Network protocol that allows for a secure connection to a remote system. Developed to replace Telnet and other insecure remote shell methods. |
|
|
Term
|
Definition
| Protocol suite used to protect IP traffic through encryption and authentication. De facto standard VPN protocol. |
|
|
Term
| Authentication header (AH) protocol |
|
Definition
| Protocol within the IPSec suite used for integrity and authentication. |
|
|
Term
| Encapsulating Security Payload Protocol (ESP) |
|
Definition
| Protocol within the IPSec suite used for integrity, authentication, and encryption. |
|
|
Term
|
Definition
| Mode that IPSec protocols can work in that provides protection for packet data payload. |
|
|
Term
|
Definition
| Mode that IPSec protocols can work in that provides protection for packet headers and data payload. |
|
|
Term
| Internet Security Association and Key Management Protocol (ISAKMP) |
|
Definition
| Used to establish security associates and an authentication framework in Internet connections. Commonly used by IKE for key exchange. |
|
|
Term
|
Definition
| Attack where the attacker does not interact with processing or communication activities, but only carries out observation and data collection, as in network sniffing. |
|
|
Term
|
Definition
| Attack where the attacker does interact with processing or communication activities. |
|
|
Term
|
Definition
| Cryptanalysis attack where the attacker is assumed to have access only to a set of ciphertexts. |
|
|
Term
|
Definition
| Cryptanalysis attack where the attacker is assumed to have access to sets of corresponding plaintext and ciphertext. |
|
|
Term
|
Definition
| Cryptanalysis attack where the attacker can choose arbitrary plaintexts to be encrypted and obtain the corresponding ciphertexts. |
|
|
Term
|
Definition
| Cryptanalysis attack where the attacker chooses a ciphertext and obtains its decryption under an unknown key. |
|
|
Term
| Differential cryptanalysis |
|
Definition
| Cryptanalysis method that uses the study of how differences in an input can affect the resultant difference at the output. |
|
|
Term
|
Definition
| Cryptanalysis method that uses the study of affine transformation approximation in encryption processes. |
|
|
Term
|
Definition
| Attack that uses information (timing, power consumption) that has been gathered to uncover sensitive data or processing functions. |
|
|
Term
|
Definition
| Valid data transmission is maliciously or fraudulently repeated to allow an entity gain unauthorized access. |
|
|
Term
|
Definition
| Cryptanalysis attack that exploits vulnerabilities within the intrinsic algebraic structure of mathematical functions. |
|
|
Term
|
Definition
| Cryptanalysis attack that exploits vulnerabilities within the algorithm structure. |
|
|
Term
|
Definition
| Cryptanalysis attack that uses identified statistical patterns. |
|
|
Term
| Social engineering attack |
|
Definition
| Manipulating individuals so that they will divulge confidential information, rather than by breaking in or using technical cracking techniques. |
|
|
Term
| Meet-in-the-middle attack |
|
Definition
| Cryptanalysis attack that tries to uncover a mathematical problem from two different ends. |
|
|
Term
| Business continuity management (BCM) |
|
Definition
| The overarching approach to managing all aspects of BCP and DRP. |
|
|
Term
| Business Continuity Plan (BCP) |
|
Definition
| Contains strategy documents that provide detailed procedures that ensure critical business functions are maintained and that help minimize losses of life, operations, and systems. A BCP provides procedures for emergency responses, extended backup operations, and post-disaster recovery. |
|
|
Term
| Business Impact Analysis (BIA) |
|
Definition
| One of the most important first steps in the planning development. Qualitative and quantitative data on the business impact of a disaster need to be gathered, analyzed, interpreted, and presented to management. |
|
|
Term
|
Definition
| One in which a company promises another company it can move in and share space if it experiences a disaster, and vice versa. Reciprocal agreements are very tricky to implement and are unenforceable. |
|
|
Term
|
Definition
| Fully configured with hardware, software, and environmental needs. It can usually be up and running in a matter of hours. It is the most expensive option, but some companies cannot be out of business longer than a day without very detrimental results. |
|
|
Term
|
Definition
| Does not have computers, but it does have some peripheral devices, such as disk drives, controllers, and tape drives. This option is less expensive than a hot site, but takes more effort and time to become operational. |
|
|
Term
|
Definition
| Is just a building with power, raised floors, and utilities. No devices are available. This is the cheapest of the three options, but can take weeks to get up and operational. |
|
|
Term
| Recovery Time Objective (RTO) |
|
Definition
| The earliest time period and a service level within which a business process must be restored after a disaster to avoid unacceptable consequences. |
|
|
Term
| Recovery Point Objective (RPO) |
|
Definition
| The acceptable amount of data loss measured in time. |
|
|
Term
| Mean Time Between Failures (MTBF) |
|
Definition
| The predicted amount of time between inherent failures of a system during operation. |
|
|
Term
| Mean Time To Repair (MTTR) |
|
Definition
| A measurement of the maintainability by representing the average time required to repair a failed component or device. |
|
|
Term
|
Definition
| Refers to a system, component, or environment that is continuously operational. |
|
|
Term
|
Definition
| Copies of the plan are handed out to each functional area for examination to ensure the plan properly deals with the area |
|
|
Term
| A structured walk-through test |
|
Definition
| Representatives from each functional area or department get together and walk through the plan from beginning to end. |
|
|
Term
|
Definition
| A practice execution of the plan takes place. A specific scenario is established, and the simulation continues up to the point of actual relocation to the alternate site. |
|
|
Term
|
Definition
| One in which some systems are actually run at the alternate site. |
|
|
Term
|
Definition
| One in which regular operations are stopped and processing is moved to the alternate site. |
|
|
Term
|
Definition
| Involves transmitting the journal or transaction log offsite to a backup facility. |
|
|
Term
|
Definition
| Refers to going through someone |
|
|
Term
|
Definition
| A passive attack that eavesdrops on communications. It is only legal with prior consent or a warrant. |
|
|
Term
|
Definition
| The act of willfully modifying information, programs, or documentation in an effort to commit fraud or disrupt production. |
|
|
Term
|
Definition
| Grants ownership and enables that owner to legally enforce his rights to exclude others from using the invention covered by the patent. |
|
|
Term
|
Definition
| Protects the expression of ideas rather than the ideas themselves. |
|
|
Term
|
Definition
| Protect words, names, product shapes, symbols, colors, or a combination of these used to identify products or a company. These items are used to distinguish products from the competitors |
|
|
Term
|
Definition
| Are deemed proprietary to a company and often include information that provides a competitive edge. The information is protected as long as the owner takes the necessary protective actions. |
|
|
Term
| Personally Identifiable Information (PII) |
|
Definition
| Data that can be used to uniquely identify, contact, or locate a single person or can be used with other sources to uniquely identify a single individual. |
|
|
Term
| System Development Life Cycle (SDLC) |
|
Definition
| A methodical approach to standardize requirements discovery, design, development, testing, and implementation in every phase of a system. It is made up of the following phases |
|
|
Term
|
Definition
| The technical testing of a system. |
|
|
Term
|
Definition
| The formal authorization given by management to allow a system to operate in a specific environment. |
|
|
Term
|
Definition
| Describes the product and customer requirements. A detailed-oriented SOW will help ensure that these requirements are properly understood and assumptions are not made. |
|
|
Term
| Work breakdown structure (WBS) |
|
Definition
| A project management tool used to define and group a project |
|
|
Term
|
Definition
| Components available to be used by an attacker against the product itself. |
|
|
Term
|
Definition
| A systematic approach used to understand how different threats could be realized and how a successful compromise could take place. |
|
|
Term
|
Definition
| A debugging technique that is carried out by examining the code without executing the program, and therefore is carried out before the program is compiled. |
|
|
Term
|
Definition
| A technique used to discover flaws and vulnerabilities in software. |
|
|
Term
|
Definition
| Determines if the product accurately represents and meets the specifications. |
|
|
Term
|
Definition
| Determines if the product provides the necessary solution for the intended real-world problem. |
|
|
Term
| Capability Maturity Model Integration (CMMI) model |
|
Definition
| A process improvement approach that provides organizations with the essential elements of effective processes, which will improve their performance. |
|
|
Term
|
Definition
| The process of controlling the changes that take place during the life cycle of a system and documenting the necessary change control activities. |
|
|
Term
| Software Configuration Management (SCM) |
|
Definition
| Identifies the attributes of software at various points in time, and performs a methodical control of changes for the purpose of maintaining software integrity and traceability throughout the software development life cycle. |
|
|
Term
|
Definition
| Storing of the source code of software with a third-party escrow agent. The software source code is released to the licensee if the licensor (software vendor) files for bankruptcy or fails to maintain and update the software product as promised in the software license agreement. |
|
|
Term
|
Definition
| A set of instructions in binary format that the computer |
|
|
Term
|
Definition
| A low-level programming language that is the mnemonic representation of machine-level instructions. |
|
|
Term
|
Definition
| Tools that convert assembly code into the necessary machine-compatible binary language for processing activities to take place. |
|
|
Term
|
Definition
| Otherwise known as third-generation programming languages, due to their refined programming structures, using abstract statements. |
|
|
Term
| Very high-level languages |
|
Definition
| Otherwise known as fourth-generation programming languages and are meant to take natural language-based statements one step ahead. |
|
|
Term
|
Definition
| Otherwise known as fifth-generation programming languages, which have the goal to create software that can solve problems by themselves. Used in systems that provide artificial intelligence. |
|
|
Term
|
Definition
| Tools that convert high-level language statements into the necessary machine-level format (.exe, .dll, etc.) for specific processors to understand. |
|
|
Term
|
Definition
| Tools that convert code written in interpreted languages to the machine-level format for processing. |
|
|
Term
|
Definition
| Identifies blocks of memory that were once allocated but are no longer in use and deallocates the blocks and marks them as free. |
|
|
Term
|
Definition
| The capability to suppress unnecessary details so the important, inherent properties can be examined and reviewed. |
|
|
Term
|
Definition
| Two objects can receive the same input and have different outputs. |
|
|
Term
|
Definition
| Considers data independently of the way the data are processed and of the components that process the data. A process used to define and analyze data requirements needed to support the business processes. |
|
|
Term
|
Definition
| A measurement that indicates how many different types of tasks a module needs to carry out. |
|
|
Term
|
Definition
| A measurement that indicates how much interaction one module requires for carrying out its tasks. |
|
|
Term
|
Definition
| A representation of the logical relationship between elements of data. |
|
|
Term
|
Definition
| Code that can be transmitted across a network, to be executed by a system or device on the other end. |
|
|
Term
|
Definition
| Small components (applets) that provide various functionalities and are delivered to users in the form of Java bytecode. Java applets can run in a web browser using a Java Virtual Machine (JVM). Java is platform independent; thus, Java applets can be executed by browsers for many platforms. |
|
|
Term
|
Definition
| A virtual environment that allows for very fine-grained control over the actions that code within the machine is permitted to take. This is designed to allow safe execution of untrusted code from remote sources. |
|
|
Term
|
Definition
| A Microsoft technology composed of a set of OOP technologies and tools based on COM and DCOM. It is a framework for defining reusable software components in a programming language |
|
|
Term
|
Definition
| A type of code signing, which is the process of digitally signing software components and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was digitally signed. Authenticode is Microsoft |
|
|
Term
|
Definition
| Usually the first step in an attacker |
|
|
Term
| Server side includes (SSI) |
|
Definition
| An interpreted server-side scripting language used almost exclusively for web-based communication. It is commonly used to include the contents of one or more files into a web page on a web server. Allows web developers to reuse content by inserting the same content into multiple web documents. |
|
|
Term
|
Definition
| Input validation is done at the client before it is even sent back to the server to process. |
|
|
Term
| Cross-site scripting (XSS) attack |
|
Definition
| An attack where a vulnerability is found on a web site that allows an attacker to inject malicious code into a web application. |
|
|
Term
|
Definition
| The values that are being received by the application are validated to be within defined limits before the server application processes them within the system. |
|
|
Term
|
Definition
| A piece of software installed on a system that is designed to intercept all traffic between the local web browser and the web server. |
|
|
Term
|
Definition
| An attacker capturing the traffic from a legitimate session and replaying it with the goal of masquerading an authenticated user. following are some key database terms |
|
|
Term
|
Definition
| A collection of related data items. |
|
|
Term
|
Definition
| A collection of records of the same type. |
|
|
Term
|
Definition
| A cross-referenced collection of data. |
|
|
Term
| Database Management System (DBMS) |
|
Definition
| Manages and controls the database. |
|
|
Term
|
Definition
| A row in a two-dimensional database. |
|
|
Term
|
Definition
| A column in a two-dimensional database. |
|
|
Term
|
Definition
| Columns that make each row unique. (Every row of a table must include a primary key.) |
|
|
Term
|
Definition
| A virtual relation defined by the database administrator in order to keep subjects from viewing certain data. |
|
|
Term
|
Definition
| An attribute of one table that is related to the primary key of another table. |
|
|
Term
|
Definition
| An intersection of a row and a column. |
|
|
Term
|
Definition
| Defines the structure of the database. |
|
|
Term
|
Definition
| Central repository of data elements and their relationships. |
|
|
Term
| Relational database model |
|
Definition
| Uses attributes (columns) and tuples (rows) to contain and organize information. |
|
|
Term
|
Definition
| Combines records and fields that are related in a logical tree structure. |
|
|
Term
|
Definition
| Designed to handle a variety of data (images, audio, documents, video), which is more dynamic in nature than a relational database. |
|
|
Term
| Object-relational database (ORD) |
|
Definition
| Uses object-relational database management system (ORDBMS) and is a relational database with a software front end that is written in an object-oriented programming language. |
|
|
Term
|
Definition
| An operation that ends a current transaction and cancels all the recent changes to the database until the previous checkpoint/ commit point. |
|
|
Term
|
Definition
| A mechanism that is another control used in databases to ensure the integrity of the data held within the database. |
|
|
Term
|
Definition
| A technique used to hide specific cells that contain sensitive information. |
|
|
Term
|
Definition
| A technique of inserting bogus information in the hopes of misdirecting an attacker or confusing the matter enough that the actual attack will not be fruitful. |
|
|
Term
|
Definition
| Combines data from multiple databases or data sources into a large database for the purpose of providing more extensive information retrieval and data analysis. |
|
|
Term
|
Definition
| Otherwise known as knowledge discovery in database (KDD), which is the process of massaging the data held in the data warehouse into more useful information. |
|
|
Term
|
Definition
| A small application, or string of code, that infects host applications. It is a programming code that can replicate itself and spread from one system to another. |
|
|
Term
|
Definition
| A virus written in a macro language and that is platform independent. Since many applications allow macro programs to be embedded in documents, the programs may be run automatically when the document is opened. This provides a distinct mechanism by which viruses can be spread. |
|
|
Term
|
Definition
| Another type of virus that appends itself to executables on the system and compresses them by using the user |
|
|
Term
|
Definition
| A virus that hides the modifications it has made. The virus tries to trick anti-virus software by intercepting its requests to the operating system and providing false and bogus information. |
|
|
Term
|
Definition
| Produces varied but operational copies of itself. A polymorphic virus |
|
|
Term
|
Definition
| Also called a multipartite virus, this has several components to it and can be distributed to different parts of the system. It infects and spreads in multiple ways, which makes it harder to eradicate when identified. |
|
|
Term
|
Definition
| Attempts to hide from anti-virus software by modifying its own code so that it does not match predefined signatures. |
|
|
Term
|
Definition
| These are not actual computer viruses, but types of e-mail messages that are continually forwarded around the Internet. |
|
|
Term
|
Definition
| Software applications that run automated tasks over the Internet, which perform tasks that are both simple and structurally repetitive. Malicious use of bots is the coordination and operation of an automated attack by a botnet (centrally controlled collection of bots). |
|
|
Term
|
Definition
| These are different from viruses in that they can reproduce on their own without a host application and are self-contained programs. |
|
|
Term
|
Definition
| Executes a program, or string of code, when a certain event happens or a date and time arrives. |
|
|
Term
|
Definition
| Set of malicious tools that are loaded on a compromised system through stealthy techniques. The tools are used to carry out more attacks either on the infected systems or surrounding systems. |
|
|
Term
|
Definition
| A program that is disguised as another program with the goal of carrying out malicious activities in the background without the user knowing. |
|
|
Term
| Remote access Trojans (RATs) |
|
Definition
| Malicious programs that run on systems and allow intruders to access and use a system remotely. |
|
|
Term
|
Definition
| Attaches code to the file or application, which would fool a virus into |
|
|
Term
|
Definition
| Allowing the suspicious code to execute within the operating system and watches its interactions with the operating system, looking for suspicious activities. |
|
|
