Term
|
Definition
Triple Digital Encryption Standard; a symmetric-key block cipher that applies the DES cipher three times when encrypting data. |
|
|
Term
|
Definition
Authentication, Authorization and Accounting; a system for tracking user activities on an IP-based network and controlling their access to network resources. AAA is often implemented as a dedicated server. |
|
|
Term
|
Definition
Access Control List; specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects. |
|
|
Term
|
Definition
Advanced Encryption Standard; A symmetric algorithm with 128-bit group encryption and 128-, 192- and 256-bit key lengths, which requires only one key for both encryption and decryption. |
|
|
Term
|
Definition
Authentication Header; Used to guarantee connectionless integrity and data origin authentication of IP packets. AH is also a good way to prevent replay attacks. AH is a part of the IPsec protocol suite. |
|
|
Term
|
Definition
Annualized Loss Expectancy; The monetary loss that can be expected for an asset due to a risk over a one-year period. |
|
|
Term
|
Definition
Application Programming Interface; A set of routines, protocols, and tools for building software applications. APIs also specify how software components interact. |
|
|
Term
|
Definition
Advanced Persistent Threat; A network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time. |
|
|
Term
|
Definition
Annual Rate of Occurrence; The probability that a risk will occur in a particular year. |
|
|
Term
|
Definition
Address Resolution Protocol; A protocol for mapping an IP address to a physical machine address that is recognized in the local area network. |
|
|
Term
|
Definition
Address Space Layout Randomization; A memory-protection process for operating systems that guards against buffer-overflow attacks by randomizing the location where system executables are loaded into memory. |
|
|
Term
|
Definition
Application Service Provider; An enterprise that delivers application functionality and associated services across a network to multiple customers using a rental or usage-based transaction-pricing model. |
|
|
Term
|
Definition
Acceptable Use Policy; A document stipulating constraints and practices that a user must agree to for access to a corporate network or the internet. |
|
|
Term
|
Definition
Business Availability Center; Allows you to optimize the availability, performance and effectiveness of business services and applications. |
|
|
Term
|
Definition
Business Continuity Plan; The preparation and testing of measures that protect business operations and also provide the means for the recovery of technologies in the event of any loss, damage or failure of facilities. |
|
|
Term
|
Definition
Business Impact Analysis: A systematic process to determine and evaluate the potential effects of an interruption to critical business operations as a result of a disaster, accident or emergency. |
|
|
Term
|
Definition
Basic Input/Output System: A set of computer instructions in firmware that control input and output operations. |
|
|
Term
|
Definition
Business Partners Agreement: A written agreement between two or more individuals who join as partners to form and carry on a for-profit business. |
|
|
Term
|
Definition
Bridge Protocol Data Unit: Frames that contain information about the Spanning Tree Protocol. |
|
|
Term
|
Definition
Bring Your Own Device: The practice of allowing the employees of an organization to use their own computers, smartphones, or other devices for work purposes. |
|
|
Term
|
Definition
Certificate Authority: A trusted entity that manages and issues security certificates and public keys that are used for secure communication in a public network. |
|
|
Term
|
Definition
Common Access Card: A United States Department of Defense (DoD) smart card for multi-factor authentication. |
|
|
Term
|
Definition
Controller Area Network: A serial bus network of micro-controllers that connects devices, sensors and actuators in a system or sub-system for real-time control applications. |
|
|
Term
|
Definition
Completely Automated Public Turing test to tell Computers and Humans Apart: A program or system intended to distinguish human from machine input, typically as a way of stopping spam and automated extraction of data from websites. |
|
|
Term
|
Definition
Corrective Action Report: A procedure used to originate a corrective action. |
|
|
Term
|
Definition
Counter-mode/CBC-MAC Protocol: An encryption protocol that forms part of the 802.11i standard for wireless local area networks, particularly those using WiMax technology. |
|
|
Term
|
Definition
Closed Circuit Television: A TV system in which signals are not publicly distributed (broadcast) but are monitored, primarily for surveillance and security purposes. |
|
|
Term
|
Definition
Computer Emergency Response Team: An expert group that handles computer security incidents. |
|
|
Term
|
Definition
Encrypts/decrypts its input one block at a time instead of one bit at a time using a shared, secret key. The block is fixed in size; otherwise, padding is necessary. This algorithm is symmetric. |
|
|
Term
|
Definition
Cipher Feedback: A mode of operation for a block cipher. |
|
|
Term
|
Definition
Challenge Handshake Authentication Protocol: CHAP ensures that the server sends a challenge to the client after the client establishes a network connection to access a web/ISP server. |
|
|
Term
|
Definition
Chief Information Officer: An executive job title commonly given to the person at an enterprise in charge of information technology strategy and the computer systems required to support an enterprise’s objectives and goals. |
|
|