Term
| Acceptable use policy (AUP) |
|
Definition
| an organization wide policy that divides what is allowed and disallowed regarding use of IT assets by employees. |
|
|
Term
|
Definition
| a mathematical formula that quantifies the amount of uptime for a system compared to the amount of downtime. usually displayed at a ratio or percentage. |
|
|
Term
|
Definition
| a physiological or bahavioral human system of recognition (i.e. a finger print reader. a retina scanner. a voice recognition reader .etc.) |
|
|
Term
|
Definition
| a brand name for a for a line of smartphones and PDA handheld mobile devices. |
|
|
Term
| Business continuity plan (BCP) |
|
Definition
| a plan for how to handle outages to IT systems applications and data access in order to maintain business operations. |
|
|
Term
| Business impact analysis (BIA) |
|
Definition
| a prerequisite analysis for a business continuity plan that prioritizes mission critical systems, applications, and data and the impact of an outage or downtime. |
|
|
Term
| Certified information systems security professional (CISSP) |
|
Definition
| a globally recognized information systems security professional certification offered by (isc)^2 |
|
|
Term
| Childrens internet protection act (CIPA) |
|
Definition
| a federal law enacted by congress to address concerns about access to offensive content over the internet on school and library computers |
|
|
Term
|
Definition
| the opposite of cleartext. data sent as ciphertext is not visible and not dechiperable. |
|
|
Term
|
Definition
| the opposite of ciphertext. data sent as cleartext is visible and decipherable. |
|
|
Term
|
Definition
| the requirement to keep information private or secret. |
|
|
Term
|
Definition
| the blocking of specific keywords or phrases in domain name and URL lookups. specific URLs and domain names can be prevented from being accessed with content filters. |
|
|
Term
|
Definition
| the study or practice of hiding information. |
|
|
Term
|
Definition
| the act of securing and protecting individuals, businesses, organizations, and governments that are connected to the internet and web. |
|
|
Term
|
Definition
| the global online virtual world created by the internet where individuals, businesses, organizations and governments connect to one another. |
|
|
Term
| Data classification standard |
|
Definition
| a definition of different data types. |
|
|
Term
|
Definition
| an exterior network that acts as a bufferzone between the public internet and an organizations IT infrastructure (i.e. LAN to WAN domain). |
|
|
Term
| Disaster recovery plan (DRP) |
|
Definition
| a written plan for how to handle major disasters or outages and recover mission critical systems, applications and data. |
|
|
Term
|
Definition
| the amount of time an IT system, application or data is not available to users. |
|
|
Term
|
Definition
| The buying and selling of goods and services online through a secure web site, with payment by credit card or direct debit from a checking account. |
|
|
Term
|
Definition
| the act of transforming cleartext data into undecipherable ciphertext. |
|
|
Term
| End user licensing agreement (EULA) |
|
Definition
| a software licensing agreement between the software manufacturer and purchaser, which limits the liability for software errors, bugs, or vulnerabilities. |
|
|
Term
|
Definition
| an IEEE 802.3 CSMA/CD standard for ethernet networking supporting speeds from 10Mbps to 10Gbps. |
|
|
Term
| Family educational rights and privacy act (FERPA) |
|
Definition
| a U.S federal law that protects the private data of students, including their transcripts and grades, with which K-12 and higher education institutions must comply. |
|
|
Term
| Federal information security management act (FISMA) |
|
Definition
| a U.S law that requires U.S. agencies to protect citizens private data and have proper security controls in place. |
|
|
Term
|
Definition
| a publicly traded company that provides information used by the consumer credit reporting agencies equifax, experian, and transunion. |
|
|
Term
| File transfer protocol (FTP) |
|
Definition
| a non secure file transfer application that uses connection oriented TCP transmissions with acknowledgements. |
|
|
Term
|
Definition
| the generation composed of those born between 1980 and 2000 in the U.S members of generation Y grew up with technologies that baby boomers did not have (i.e, cell phones,cable tv,internet,ipods,etc.) |
|
|
Term
| Grammar-Leach-Bliley act (GLBA) |
|
Definition
| a U.S federal law requiring banking and financial institutions to protect customers private data and have proper security controls in place. |
|
|
Term
|
Definition
| a term that refers to ensuring the latest software revisions, security patches, and system configurations are installed properly. |
|
|
Term
| Health insurance portability and accountability act (HIPAA) |
|
Definition
| a U.S fedreal law requiring health care institutions and insurance providers to protect patients private data and have proper security controls in place. |
|
|
Term
| Hyper text transfer protocol (HTTP) |
|
Definition
| an application layer that allows users to communicate and access content via web pages and browsers. |
|
|
Term
| Hyper text transfer protocol secure (HTTPS) |
|
Definition
| the combination of HTTP and SSL/TLS encryption to provide security for data entry by users entering information on secure web pages, like those found on online banking web sites. |
|
|
Term
|
Definition
| an IEEE standard for local area networking that allows multiple computers to communicate using the same cabling this is also known as ethernet. |
|
|
Term
|
Definition
| an instant messaging chat application examples include AOL IM, Yahoo! messenger, and Google talk. |
|
|
Term
|
Definition
| the protection of data itself. |
|
|
Term
|
Definition
| the servers and application software on which information and data reside. |
|
|
Term
| Informations systems security |
|
Definition
| the protection of information systems,applications and systems. |
|
|
Term
| Institute of electrical and electronics engineers (IEEE) |
|
Definition
| a standard body that defines specifications and standards for electronic technology. |
|
|
Term
|
Definition
| the validity of information or data. data with high integrity has not been altered or modified. |
|
|
Term
|
Definition
| a global network of computer networks that use the TCP/IP family of protocols and applications to connect nearly two billion users. |
|
|
Term
|
Definition
| a network layer protocol that has a network layer address. |
|
|
Term
| Intrusion detection system/Intrusion prevention system (IDS/IPS) |
|
Definition
| network security appliances typically installed within th LAN to WAN domain at the internet ingress/egress to monitor and block unwanted IP traffic. |
|
|
Term
| Ip default gateway router |
|
Definition
| the router interfaces IP address that acts as your LANs ingress/egress device. |
|
|
Term
|
Definition
| a device that examines the IP, TCP, and UDP layers within a packet to make blocking or forwarding decisions. Firewalls are placed at the ingress/egress points where networks interconnects |
|
|
Term
International information systems security certification consortium
(ISC)^2 |
|
Definition
| a nonprofit organization dedicated to certifying information systems security professionals |
|
|
Term
| IT security policy framework |
|
Definition
| a set of rules for security. the framework is hierarchical and includes policies, procedures, and guidelines. |
|
|
Term
|
Definition
| a network switch that examines the MAC layer address of an Ethernet frame to determine where to send it. a layer 2 switch supports LAN connectivity. typically via unshielded twisted pair cabling at 10/100/1000 or 10 Gbps Ethernet speeds. |
|
|
Term
|
Definition
| a network switch that examines the network layer address of an IP packet to determine where to route it. a layer 3 switch supports LAN connectivity typically via unshielded twisted pair cabling at 10/100/1000 or 10gig Ethernet speeds and is the same thing as a router. |
|
|
Term
|
Definition
| a collection of computers that are connected to one another or to a common median. computers on a LAN are generally within an area no larger than a building. |
|
|
Term
|
Definition
| software written with malicious intent for example a computer virus. |
|
|
Term
| Mean time to failure (MTTF) |
|
Definition
| the average amount of time a device is expected to operate before encountering a failure. |
|
|
Term
| Man time to repair (MTTR) |
|
Definition
| the average amount of time required to repair a device. |
|
|
Term
| Multi protocal label switching (MPLS) |
|
Definition
| a wide area network technology that operates at layer 2 by inserting labels or tags in the packet header for creating virtual paths between endpoints in a WAN infrastructure. this is a faster method of transporting IP packets through the WAN without requiring routing and switching of IP packets |
|
|
