Term
|
Definition
| Also known as Triple Digital Encryption Standard (DES). A block cipher algorithm used for encryption |
|
|
Term
|
Definition
| The standard that provides for bandwidths of up to 54Mbps in the 5GHz frequency spectrum |
|
|
Term
|
Definition
| The standard that provides for bandwidths of up to 11Mbps in the 2.4Ghz frequency spectrum |
|
|
Term
|
Definition
| The standard that provides for bandwidths of 20Mbps in the 2.4GHz frequency spectrum |
|
|
Term
|
Definition
| A proposed amendment to the 802.11 standard that provides for bandwidth of 74Mbps in the 2.4GHz and 5GHz frequency spectrums. |
|
|
Term
|
Definition
| Agreed-upon principles set forth by a company to govern how the employees of that company may use resources such as computers and Internet access |
|
|
Term
|
Definition
| The means of giving or restricting user access to network resources. Access control is usually accomplished through the use of an access control list (ACL) |
|
|
Term
| Access Control List (ACL) |
|
Definition
| A table or data file that specifies whether a user or group has access to a specific resource on a computer or network |
|
|
Term
|
Definition
| The point at which access to a network is accomplished. This term is often used in relation to a WAP |
|
|
Term
|
Definition
| The act of keeping track of activity. Tracking users' interactions with network resources via log files that are routinely scanned or checked |
|
|
Term
|
Definition
| A message confirming that a data packet was received. Occurs at Transport layer |
|
|
Term
|
Definition
| A directory service that is the replacement for NT Directory Service (NTDS) |
|
|
Term
|
Definition
| Involves an attacker gaining access to a host in the network through a switch and logically disconnecting it from the network |
|
|
Term
|
Definition
| A Microsoft technology that allows customized controls, icons, and other features to increase the usability of web-enabled systems |
|
|
Term
| Address Resolution Protocol (ARP) |
|
Definition
| Protocol used to map known IP-addresses to unknown physical addresses |
|
|
Term
|
Definition
| Anomaly-detection intrusion detection system. An AD-IDS works by looking for deviations from a pattern of normal network traffic |
|
|
Term
| Advanced Encryption Standards (AES) |
|
Definition
| A FIPS publication that specifies a standard cryptographic algorithm for use by the U.S. government |
|
|
Term
|
Definition
| Software that gathers information to pass on the marketers or intercepts personal data such as credit card numbers and makes them available to third parties |
|
|
Term
|
Definition
| A notification that an unusual condition exists and should be investigated |
|
|
Term
|
Definition
| The series of steps/formulas/processes that is followed to arrive at a result |
|
|
Term
|
Definition
| The component or process that analyzes the data collected by the sensor |
|
|
Term
| Annual Loss Expectancy (ALE) |
|
Definition
| A calculation that is used to identify risks and calculate the expected loss each year |
|
|
Term
| Annualized Rate of Occurrence (ARO) |
|
Definition
| A calculation of how often a threat will occur. For example, a threat that occurs once every five years has an annualized rate of occurrence of 1/5, 0.2 |
|
|
Term
|
Definition
| The act of looking for variations from normal operations (anomalies) and reacting to them |
|
|
Term
|
Definition
| Authentication that does not require a user to provide a username, password, or any other identification before accessing resources |
|
|
Term
|
Definition
| A category of software that uses various methods to prevent and eliminate viruses in a computer. It typically also protects against future infections. |
|
|
Term
|
Definition
| 7th Layer of OSI model. Deals with how applications access the network and describes application functionality, such as file transfer, messaging, and so on. |
|
|
Term
| Application Programming Interface (API) |
|
Definition
| An abstract interface to the services and protocols provided by an operating system |
|
|
Term
|
Definition
| A virus that is protected in a way that makes disassembling it difficult. The difficulty makes it "armored" against antivirus programs that have trouble understanding its code |
|
|
Term
|
Definition
| The table that Address Resolution Protocol uses. Contains a list of known TCP/IP addresses and their associated physical addresses. The table is cached in memory so that ARP lookups don't have to be performed for frequently accessed addresses. |
|
|
Term
|
Definition
| Any resource of value that you want to secure and protect |
|
|
Term
|
Definition
| Encryption in which two keys must be used. One key is used to encrypt data, and the other is needed to decrypt the data. |
|
|
Term
|
Definition
| Any unauthorized intrusion into the normal operations of a computer or computer network. The attack can be carried out to gain access to the system or any of its resources |
|
|
Term
|
Definition
| The act of tracking resource usage by users |
|
|
Term
|
Definition
| The means of verifying that someone is who they say they are |
|
|
Term
| Authentication Header (AH) |
|
Definition
| A header used to provide connectionless integrity and data origin authentication for IP datagrams and to provide protection against replays |
|
|
Term
|
Definition
| The ability of a resource to be accessed, often expressed as a time period. Many networks limit users' ability to access network resources to working hours, as a security precaution |
|
|
Term
|
Definition
| An opening left in a program application (usually by the developer) that allows additional access to data. Typically created for debugging purposes and aren't documents. Before product ships, backdoors are closed; when they aren't security loopholes exist. |
|
|
Term
|
Definition
| A usable copy of data made to media. Ideally, the backup is made to removable media and stored for recovery should anything happen to the original data |
|
|
Term
|
Definition
| The science of identifying a person by using one or more of their features. |
|
|
Term
|
Definition
| The basic input/output system for an IBM-based PC. The firmware that allows the computer to boot |
|
|
Term
|
Definition
| A probability method of finding collision in hash functions |
|
|
Term
|
Definition
| A type of symmetric block cipher created by Bruce Schneier |
|
|
Term
|
Definition
| Also known as the Master Boot Record (MBR). The first sector of the hard disk, where the program that boots the operating system resides. Popular target for viruses |
|
|
Term
|
Definition
| A type of attack that relies purely on trial and error |
|
|
Term
|
Definition
| A type of denial of Service (DoS)attack that occurs when more data is put into a buffer than it can hold |
|
|
Term
| Business Continuity Planning (BCP) |
|
Definition
| A contingency plan that allows a business to keep running in the event of a disruption to vital resources |
|
|
Term
| Business Impact Analysis (BIA) |
|
Definition
| A study of the possible impact if a disruption to a business's vital resources were to occur |
|
|
Term
|
Definition
| A digital entity that establishes who you are and is often used with e-commerce. It contains your name and other identifying data |
|
|
Term
| Certificate Authority (CA) |
|
Definition
| An issuer of digital certificates (which are then used for digital signatures or key pairs) |
|
|
Term
|
Definition
| Policies governing the use of certificates |
|
|
Term
| Certificate Practice Statement (CPS) |
|
Definition
| The principles and procedures employed in the issuing and managing of certificates |
|
|
Term
|
Definition
| The act of making a certificate invalid |
|
|
Term
| Certificate Revocation List (CRL) |
|
Definition
| A list of digital certificate revocations that must be regularly downloaded to stay current |
|
|
Term
|
Definition
| The log of the history of evidence that has been collected |
|
|
Term
| Challenge Handshake Authentication Protocol (CHAP) |
|
Definition
| A protocol that challenges a system to verify identity |
|
|
Term
|
Definition
| Documentation required to make a change in the scope of any particular item. Formal document requiring many signatures before key elements can be modified |
|
|
Term
|
Definition
| A hexadecimal value computed from transmitted data that is used in error checking routines |
|
|
Term
|
Definition
| Unencrypted text tat can be read with any editor |
|
|
Term
|
Definition
| The part of a client/server network where the computing is usually performed. Client uses server for remote storage, backups, or security. |
|
|
Term
|
Definition
| A server-centric network in which all resources are stored on a file server and processing power is distributed among workstations and the file server |
|
|
Term
|
Definition
| A method of balancing loads and providing fault tolerance |
|
|
Term
|
Definition
| A type of cabling used in computer networks |
|
|
Term
|
Definition
| The storage and conditions for release of source code provided by a vendor, partner, or other party. |
|
|
Term
|
Definition
| An agreement between individuals to commit fraud or deceit |
|
|
Term
|
Definition
| A document of specifications detailing security evaluation methods for IT products and systems |
|
|
Term
| Common Gateway Interface (CGI) |
|
Definition
| An older form of scripting that was used extensively in early web systems |
|
|
Term
|
Definition
| A virus that creates a new program that runs in place of an expected program of the same name |
|
|
Term
|
Definition
| Assurance that data remains private and no one sees it except for those expected to see it |
|
|
Term
|
Definition
| The administration of setup and changes to configurations |
|
|
Term
|
Definition
| A plain text file stored on your machine that contains information about you (and your references) and is used by a database server |
|
|
Term
|
Definition
| The study and practice of finding weaknesses in ciphers |
|
|
Term
|
Definition
| A symmetric algorithm, also known as a cipher, used to encrypt and decrypt data |
|
|
Term
|
Definition
| The field of mathematics focused on encrypting and decrypting data |
|
|
Term
|
Definition
| An individual responsible for maintaining the data, and the integrity of it, within their area |
|
|
