Security+ Terms

10 Tape Rotation A backup rotation scheme in which ten backup tapes are used over the course of two weeks.
3DES - Number of Rounds 48
3-Leg Perimeter A type of DMZ where a firewall has three legs that connect to the LAN, Internet, and the DMZ.
802.1X An authentication technology used to connect devices to a LAN or WLAN. It is an example of port-based NAC.
Acceptable Use Acceptable usage policies define the rules that restrict how a computer, network, or other system may be used.
Acceptable Use Policy A document stipulating constraints and practices that a user must agree to for access to a corporate network or the Internet
Access Control The ability of a subject to interact with an object
Access Control List A list stating who has specific types of access to what
Access Control Model Methodologies in which admission to physical areas and, more importantly, computer systems is managed and organized.
Access Point A hardware device or a computer's software that acts as a communication hub for users of a wireless device to connect to a wired LAN
Account Expiration The date on which the account a user uses to log on to the network expires.
Accounting Track the use of network resources by authenticated users
Active Directory Microsoft's directory service, which is a central database of all network resources, is used to manage the network and provide users with access to resources.
Active Interception Also known as active inception in the CompTIA 2008 Security+ objectives; normally includes a computer placed between the sender and the receiver in an effort to capture and possibly modify information.
ActiveX A set of Microsoft technologies used to link desktop applications to Web sites.
ActiveX Controls A specific way of implementing ActiveX; also called add–ons.
Ad Filtering Ways of blocking and filtering out unwanted advertisement; popup blockers and content filters are considered to use these methods
Add–Ons A specific way of implementing ActiveX; also called ActiveX controls.
Address Resolution Protocol A protocol used by the Internet Protocol, specifically IPv4, to map IP network addresses to the hardware addresses used by a data link protocol.
Address Space Layout Randomization A Windows Vista feature that randomly assigns executable operating system code to different possible locations in memory
Advanced Encryption Standard One of the newest encryption methods; uses the Rijndael algorithm. 128-bit, 192-bit and 256-bit keys are typically used. The U.S. Government specifies AES 192 or 256 for highly sensitive data
Advanced Persistent Threat A network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time
Adware A software program that delivers advertising content in a manner that is unexpected and unwanted by the user
Algorithms Well-defined instructions that describe computations from their initial state to their final state.
Annualized Loss Expectancy The product of the annual rate of occurrence (ARO) and the single loss expectancy (SLE)
Annualized Rate of Occurrence The probability that a risk will occur in a particular year.
Anomaly-Based Monitoring Also known as statistical anomaly based; establishes a performance baseline based on a set of normal network traffic evaluations.
Anomaly–Based Monitoring A process for detecting attacks by observing statistical anomalies.
Antispyware Software that helps prevent computers from becoming infected by different types of spyware
Antivirus Software that can scan a computer for infections as well as monitor computer activity and scan all new documents, such as e–mail attachments, that might contain a virus.
AP Isolation Each client connected to the AP will not be able to communicate with each other, but they can each still access the Internet.
Application Firewall A firewall that can control the traffic associated with specific applications. Works all the way up to the Application Layer of the OSI model.
Application Level Gateway Applies security mechanisms to specific applications, such as FTP and/or BitTorrent. It supports address and port translation and checks whether the type of application traffic is allowed.
Application Programming Interface A system of tools and resources in an operating system, enabling developers to create software applications.
Application Service Provider A business providing computer-based services to customers over a network; such as access to a particular software application (such as customer relationship management) using a standard protocol
ARP Poisoning An attack that exploits Ethernet networks, and it may enable an attacker to sniff frames of information, modify that information, or stop it from getting to its intended destination.
Asset An entity that has value.
Asymmetric Key Algorithm This type of cipher uses a pair of different keys to encrypt and decrypt data.
Audit A methodical examination and review that produces a detailed report of its findings.
Audit Records Operating system logs that contain only security event information
Audit Trails Records or logs that show the tracked actions of users, whether the user was successful in the attempt.
Authentication Verifying the identity of a subject. Note: Does NOT imply any test for permissions, only the identity.
Authentication Header Protects the non–changing elements in the IP header, enabling data–origin authentication
Authentication Methods (3) 1. Something you know (ie password) 2. Something you have (ie token) 3. Something you are (ie biometrics)
Authenticator The device in between the supplicant and the authentication server, such as a wireless access point. Can be simple and dumb – all of the brains have to be in the supplicant and the authentication server.
Authorization Grant specific types of privileges or permissions of an authenticated entity to specific resource
Automated Patch Update Service A locally managed patch update service that is used to distribute patches instead of relying upon the vendor's online update service.
Availability Ensures that data is accessible to authorized users.
Back-to-Back Perimeter A type of DMZ where the DMZ is located between the LAN and the Internet.
Backdoor Typically a program, such as BackOrifice, that opens and holds a dynamic port number open while the intruder uses that port number to "respond" to the program
Backup Generator Part of an emergency power system used when there is an outage of regular electric grid power.
Baiting When a malicious individual leaves malware-infected removable media, such as a USB drive or optical disc, lying around in plain view.
Baseline A reference set of data against which operational data is compared.
Baseline Reporting Identification of the security posture of an application, system, or network.
Baselining The process of measuring changes in networking, hardware, software, and so on.
Basic Input/Output System A coded program embedded on a processor chip that recognizes and controls different devices on the computer system.
Bastion Host System located in a DMZ or connected to the internet that has been hardened against hackers
Bayesian Filtering An advanced method for detecting spam.
Behavior-Based Monitoring A monitoring system that looks at the previous behavior of applications, executables, and/or the operating system and compares that to current activity on the system.
Biometrics The science of recognizing humans based on one or more physical characteristics.
Birthday Attack A brute force attack that takes advantage of the Birthday Paradox to simplify the attack.
BitTorrent A type of P2P network that maximizes transfer speeds by gathering pieces of a file and downloading them separately.
Blacklist A list of senders for which the user does not want to receive e–mail.
Blackout When a total loss of power for a prolonged period occurs.
Block Cipher A type of algorithm that encrypts a number of bits as individual units known as blocks.
Blowfish Key Length up to 448 bits
Bluejacking The sending of unsolicited messages to Bluetooth-enabled devices such as mobile phones and PDAs.
Bluesnarfing The unauthorized access of information from a wireless device through a Bluetooth connection.
Bluetooth security modes SM1 (promiscuous) < SM2 (establish security after pairing) < SM3 (establish security required first)
Boot Virus A virus that infects the Master Boot Record (MBR) of a hard disk drive.
Border Gateway Protocol Routing protocol used to transfer data and information between different host gateways, the Internet or autonomous systems. Is a Path Vector Protocol (PVP)
Bot Herder An attacker who controls several botnets.
Botnet A group of zombie computers that are under the control of an attacker.
Bridge Protocol Data Unit Frame that contains information about the Spanning tree protocol (STP)
Bring Your Own Device Increasing trend toward employee-owned devices within a business
Broadcast Storm When there is an accumulation of broadcast and multicast packet traffic on the LAN coming from one or more network interfaces.
Brownout When the voltage drops to such an extent that it typically causes the lights to dim and causes computers to shut off.
Brute Force Attack A password attack where every possible password is attempted.
Buffer Overflow A process that attempts to store data in random access memory beyond the boundaries of a fixed length storage buffer.
Buffer Overflow Exploit An anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory
Business Continuity Planning The creation of a strategy through the recognition of threats and risks facing a company, with an eye to ensure that personnel and assets are protected and able to function in the event of a disaster
Business Impact Analysis The examination of critical versus noncritical functions, it is part of a business continuity plan (BCP).
Business Partners Agreement Written agreement between two or more individuals who join as partners to form and carry on a for-profit business.
Butt Set A device that looks similar to a phone but has alligator clips that can connect to the various terminals used by phone equipment, enabling a person to listen in to a conversation.
California Database Security Breach Act A state act that requires disclosure to California residents if a breach of personal information has or is believed to have occurred.
Carrier Protocol The protocol used by the network (IP on the Internet) that the information is traveling over
Cells The coverage areas for cellular communications
Cellular Telephones Portable communications devices that function in a manner unlike wired telephones.
Certificate Authority The entity (usually a server) that issues digital certificates to users.
Certificate Multi–Factor Authentication Uses more than one authentication mechanism at the same time (ie ATM card + PIN)
Certificate Revocation List A list of certificates no longer valid or that have been revoked by the issuer.
Certificate Signing Request A message sent from an applicant to a Certificate Authority in order to apply for a digital identity certificate
Certificates Digitally signed electronic documents that bind a public key with a user identity.
Chain of Custody Documents who had custody of evidence all the way up to litigation or a court trial (if necessary) and verifies that the evidence has not been modified.
Challenge Handshake Authentication Protocol A vendor–neutral protocol in which the server and the client are able to complete a handshake and obtain authentication over a PPP network connection, without the client's password EVER crossing the network
Change Management Team A group of personnel within an organization who oversee changes.
Channel Service Unit A digital-interface device used to connect a data terminal equipment (DTE), such as a router, to a digital circuit, such as a Digital Signal 1 (T1) line
Channels Internet Relay Chat discussion forums.
Chat Instant messaging between several users simultaneously.
Chief Information Officer An executive job title commonly given to the person at an enterprise in charge of information technology (IT) strategy and the computer systems required to support an enterprise's objectives and goals
Chief Security Officer The company executive responsible for the security of personnel, physical assets and information in both physical and digital form
Chief Technology Officer An executive-level position in a company or other entity whose occupation is focused on scientific and technological issues within an organization
Children's Online Privacy Protection Act A U.S. federal act that requires operators of online services or Web sites directed at children under the age of 13 to obtain parental consent prior to the collection, use, disclosure, or display of a child's personal information
Chromatic Dispersion The refraction of light as in a rainbow. If light is refracted in such a manner on fiber optic cables, the signal cannot be read by the receiver.
Cipher An algorithm that can perform encryption or decryption.
Cipher Feedback A mode of operation for a block cipher
Ciphertext Attack A vulnerability of all crypto–systems, but mainly PGP and Open–PGP. The cryptanalyst works from the cipher text alone, but is able to gather enough data to infer the rest. Especially weak if the same cipher or key is used to sign and encrypt the email
Circuit-Level Gateway Works at the Session Layer of the OSI model and applies security mechanisms when a TCP or UDP connection is established; they act as a go-between for the Transport and Application Layers in TCP/IP.
Closed-Circuit Television A television system in which the video signals are transmitted from one or more cameras by cable to a restricted set of monitors.
Cloud Computing A way of offering on-demand services that extend the capabilities of a person’s computer or an organization’s network.
Cloud Service Provider A company that offers some component of cloud computing
Cluster Two or more servers that work with each other.
Cold Site This has tables, chairs, bathrooms, and possibly some technical setup, for example, basic phone, data, and electric lines, but will require days if not weeks to set up properly.
Common Access Card A "smart" card about the size of a credit card, is the standard identification for active duty uniformed service personnel
Common Gateway Interface Scripts that manipulate data and enable user interaction on Web servers.
Companion Virus A virus that adds a program to the operating system that is a copycat "companion" to a legitimate program.
Completely Automated Public Turing test to tell Computers and Humans Apart A type of challenge-response test used in computing to determine whether or not the user is human
Computer Emergency Response Team Expert group that handles computer security incidents
Computer Incident Response Team A group that handles events involving computer security breaches
Computer Security Audits Technical assessments made of applications, systems, or networks.
Confidentiality Ensures that only authorized parties can view the information.
Configuration Baseline Operating system configuration settings that will be used for each computer in the organization.
Content Addressable Memory Table A table that is in a switch’s memory that contains ports and their corresponding MAC addresses.
Content Filters Individual computer programs that block external files that use JavaScript or images from loading into the browser.
Content Management System A computer application that supports the creation and modification of digital content. It is often used to support multiple users working in a collaborative environment.
Content protection Obfuscation of the data within a conversation (for example, a copy-protected movie DVD)
Context protection Obfuscation of the identity of the sender and receiver of data
Contingency Planning Developing responses in advance for various situations that might impact business
Continuity Of Operation Planning Planning that helps to ensure trouble-free operations through unanticipated events
Controller Area Network A vehicle bus standard designed to allow microcontrollers and devices to communicate with each other in applications without a host computer.
Cookies Text files placed on the client computer that store information about it, which could include your computer’s browsing habits and credentials
Corrective Action Report Procedure used to originate a corrective action. It is used as response to a defect. In simple words, it means an action/actions adopted to eliminate the problem from occurring again
Counter-mode/CBC-MAC Protocol An encryption protocol designed for Wireless LAN products that implements the standards of the IEEE 802.11i amendment to the original IEEE 802.11 standard
Cross-Site Request Forgery An attack that exploits the trust a website has in a user’s browser in an attempt to transmit unauthorized commands to the website.
Cross-Site Scripting Using client–side scripts typically written in JavaScript that are designed to extract information from the victim and then pass the information to the attacker.
Crosstalk When a signal transmitted on one copper wire creates an undesired effect on another wire; the signal “bleeds” over, so to speak.
Cryptanalysis Attack A password attack that uses a considerable set of precalculated encrypted passwords located in a lookup table.
Cryptographic Hash Functions Hash functions based on block ciphers.
Cryptography The practice and study of hiding information.
Customer Relationship Management An approach to managing a company's interactions with current and future customers. It often involves using technology to organize, automate, and synchronize sales, marketing, customer service, and technical support
Cybercrime Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information.
Cybercriminals A loose–knit network of attackers, identity thieves, and financial fraudsters that are more highly motivated, less risk–averse, better funded, and more tenacious than hackers.
Cyberterrorism Attacks launched by cyberterrorists that could cripple a nation's electronic and commercial infrastructure.
Cyberterrorist An attacker motivated by ideology to attack computers or infrastructure networks.
Cyclical Redundancy Check A method of checking for errors in data that has been transmitted on a communications link
Data Classification The process of assigning a level of business importance, availability, sensitivity, security, and regulation requirements to data.
Data Emanation The electromagnetic field generated by a network cable or network device, which can be manipulated to eavesdrop on conversations or to steal data.
Data Encryption Standard Symmetric-key algorithm for the encryption of electronic data. Although now considered insecure, it was highly influential in the advancement of modern cryptography.
Data Execution Prevention A Windows feature that uses a CPU's ability to mark sections of a computer's memory as exclusively for data and not for code.
Data Loss Prevention Strategy for making sure that end users do not send sensitive or critical information outside the corporate network
Data Service Unit Piece of telecommunications circuit terminating equipment that transforms digital data between telephone company lines and local equipment
Database Administrator Performs activities to ensure that a database is always available as needed
Default Account An account installed by default on a device or within an operating system with a default set of user credentials that are usually insecure.
Defense in Depth The building up and layering of security measures that protect data from inception, on through storage and network transfer, and lastly to final disposal.
Definition Files Antivirus update files; also known as signature files.
Demilitarized Zone A special area of the network (sometimes referred to as a subnetwork) that houses servers that host information accessed by clients or other networks on the Internet.
Denial of Service A broad term given to many different types of network attacks that attempt to make computer resources unavailable.
DES - Number of Rounds 16
DES Blocksize 64 bits
DES Key Length 56 bits
Destination Network Address Translation Performed on incoming packets, when the firewall translates a public destination address to a private address
Dictionary attack A method of finding a key by trying many commonly used or probable keys
Differential Backup Type of backup that backs up only the contents of a folder that have changed since the last full backup.
Diffie–Hellman Key Exchange A method where two previously unacquainted computers can agree on a secure password, over a non–secure network, which can subsequently be used for IPSEC encryption. It is the first step of a secure conversation.
Digital Signature A signature that authenticates a document through math, letting the recipient know that the document was created and sent by the actual sender and not someone else.
Digital Signature Algorithm Standard for digital signatures
Digital Subscriber Line Communications medium used to transfer digital signals over standard telephone lines
Directory Traversal Also known as the ../ (dot-dot-slash) attack; a method of accessing unauthorized parent directories.
Disaster Recovery Plan A plan that details the policies and procedures concerning the recovery and/or continuation of an organization’s technology infrastructure.
Discovery Part of the pretrial phase of a lawsuit in which each party, through the law of civil procedure, can request documents and evidence.
Discretionary Access Control Access control based on the identity of subjects or the groups to which they belong. Certain subjects (e.g. the "Owner") may pass permissions on to any other subject
Disk Duplexing When each disk is connected to a separate controller.
Distributed Denial of Service The intentional paralyzing of a computer network by flooding it with data sent simultaneously from many individual computers
Diversion Theft When a thief attempts to take responsibility for a shipment by diverting the delivery to a nearby location.
Diversity of Defense Layers of security should be implemented using dissimilar methods and vendors. Layers should be so dissimilar that if one layer is penetrated, the next layer cannot be penetrated using the same method
DNS Poisoning The modification of name resolution information that should be in a DNS server’s cache.
DNS Zone Transfer One of the many mechanisms available for administrators to replicate DNS databases across a set of DNS servers
Domain Name Kiting The process of deleting a domain name during the five-day grace period (known as the add grace period or AGP) and immediately reregistering it for another five-day period to keep a domain name indefinitely and for free.
Domain Name Service (Server) An Internet service that translates domain names into IP addresses
Dumpster Diving When a person literally scavenges for private information in garbage and recycling containers.
Dynamic Host Configuration Protocol Client/server protocol that automatically provides an Internet Protocol (IP) host with its IP address and other related configuration information such as the subnet mask and default gateway
Dynamic Link Library Collection of small programs, any of which can be called when needed by a larger program that is running in the computer
Easter Egg A platonic extra added to an OS or application as a sort of joke; the harmless cousin of the logic bomb.
Eavesdropping When a person uses direct observation to “listen” in to a conversation.
Electrically Erasable Programmable Read–Only Memory Nonvolatile computer memory that can be electrically erased and rewritten repeatedly.
Electromagnetic Interference A disturbance that can affect electrical circuits, devices, and cables due to electromagnetic conduction or radiation.
Electronic Serial Number Unique identification number embedded by manufacturers on a microchip in wireless phones
Elliptic Curve Diffie-Hellman Exchange Anonymous key agreement protocol that allows two parties, each having an elliptic curve public–private key pair, to establish a shared secret over an insecure channel
Elliptic Curve Digital Signature Algorithm Cryptographic algorithm used by Bitcoin to ensure that funds can only be spent by their rightful owners
Elliptic Key Cryptography A type of public key cryptography based on the structure of an elliptic curve.
E–Mail Hoaxes E–mail messages containing false information for the sole purpose of having readers forward the message to others.
Encapsulating Protocol This term includes both the tunneling protocol (PPTP,L2TP) and the encrypting protocol (IPSec,Secure Shell [SSH]) that is wrapped around the original data
Encapsulating Security Payload Ensures the integrity of the data and also the authenticity of the data’s origin
Encrypted File System Enables transparent encryption and decryption of files by using advanced, standard cryptographic algorithms
Encryption The process of changing information using an algorithm (or cipher) into another form that is unreadable by others—unless they possess the key to that data.
Enterprise Resource Planning Process by which a company (often a manufacturer) manages and integrates the important parts of its business
Ethical Hacker An expert at breaking into systems and can attack systems on behalf of the system’s owner and with the owner’s consent.
Event An occurrence within a software system that is communicated to users or other programs outside the operating system.
Explicit Allow When an administrator sets a rule that allows a specific type of traffic through a firewall, often within an ACL.
Explicit Deny When an administrator sets a rule that denies a specific type of traffic access through a firewall, often within an ACL.
Exploit To take advantage of a vulnerability.
Extensible Authentication Protocol Not an authentication mechanism in itself but instead defines message formats. 802.1X would be the authentication mechanism and defines how this is encapsulated within messages.
Extensible Authentication Protocol over IP Makes initial authentication over IP less complicated, but it must be strongly protected by an outside mechanism such as IPSEC AH and ESP.
Extensible Markup Language Markup language that defines a set of rules for encoding documents in a format that is both human-readable and machine-readable
Extranet Networking zone walled off from the general public, but open to certain authenticated hosts. Access to an extranet does not give access to the intranet.
Failopen Mode When a switch broadcasts data on all ports the way a hub does.
Failover Clusters Also known as high-availability clusters, these are designed so that a secondary server can take over in the case that the primary one fails, with limited or no downtime.
False Negative When a system denies a user who actually should be allowed access to the system. For example, when an IDS/IPS fails to block an attack, thinking it is legitimate traffic.
False Positive When a system authenticates a user who should not be allowed access to the system. For example, when an IDS/IPS blocks legitimate traffic from passing on to the network.
False Positives Alarms that are raised when there is no actual abnormal behavior.
False Rejection When a biometric system fails to recognize an authorized person and doesn’t allow that person access.
False Rejection Rate Measure of the likelihood that the biometric security system will incorrectly reject an access attempt by an authorized user
Faraday Cage An enclosure formed by conducting material or by a mesh of such material; it blocks out external static electric fields and can stop emanations from cell phones and other devices within the cage from leaking out.
File Infector Virus A virus that infects program executable files with an .EXE or .COM file extension.
File system Access Control List List of user permissions for a file, folder, or other object
File Transfer Protocol Standard Internet protocol for transmitting files between computers on the Internet over TCP/IP connections.
Fire Suppression The process of controlling and/or extinguishing fires to protect people and an organization’s data and equipment.
Firewall Hardware or software designed to prevent malicious packets from entering or leaving the computers; sometimes called a packet filter.
First Responders People who perform preliminary analysis of the incident data and determine whether the incident is an incident or just an event, and the criticality of the incident.
First–Party Cookie A cookie that is created from the web site that a user is currently viewing.
Flash Memory A type of nonvolatile computer memory that can be electrically erased and rewritten repeatedly.
Flashing The process for rewriting the contents of the BIOS.
Fork Bomb An attack that works by creating a large number of processes quickly to saturate the available processing space in the computer’s operating system. It is a type of wabbit.
Forward Confirmed reverse DNS Verifies that an email's originating IP address matches the FQDN used in the email's "from address" by doing a reverse DNS lookup on the IP, an nslookup on the FQDN, and then comparing.
Fraggle A type of DoS similar to the Smurf attack, but the traffic sent is UDP echo traffic as opposed to ICMP echo traffic.
Full Backup Type of backup where all the contents of a folder are backed up.
Full Disk Encryption Encryption of all data on a disk drive, including the program that encrypts the bootable OS partition
Fully Qualified Domain Name Complete domain name for a specific computer, or host, on the Internet. Consists of two parts: the hostname and the domain name
Fuzz Testing When random data is inputted into a computer program in an attempt to find vulnerabilities
Galois Counter Mode Mode of operation for symmetric key cryptographic block ciphers that has been widely adopted because of its efficiency and performance
Generic Routing Encapsulation An IP protocol which can encapsulate other packets, encapsulate IPSEC tunnels, or be encrypted by IPSEC
Geometric Variance Spam that uses "speckling" and different colors so that no two spam e–mails appear to be the same.
Gif Layering Spam that is divided into multiple images but still creates a legible message.
Global Positioning System System of satellites, computers, and receivers that is able to determine the latitude and longitude of a receiver on Earth by calculating the time difference for signals from different satellites to reach the receiver
GNU Privacy Guard Free software replacement for Symantec's PGP cryptographic software suite
Gramm–Leach–Bliley Act A US federal act that requires private data to be protected by banks and other financial institutions.
Grandfather-Father-Son A backup rotation scheme in which three sets of backup tapes must be defined—usually they are daily, weekly, and monthly, which correspond to son, father, and grandfather.
Graphics Processing Unit Programmable logic chip (processor) specialized for display functions. Renders images, animations and video for the computer's screen
Grayware A general term used to describe applications that are behaving improperly but without serious consequences; often describes types of spyware.
Group Policies A Microsoft Windows feature that provides centralized management and configuration of computers.
Group Policy Object Collection of settings that define what a system will look like and how it will behave for a defined group of users
Guest System A foreign virtual operating system.
Hacker Anyone who illegally breaks into or attempts to break into a computer system; a person who uses advanced computer skills to attack computers but not with malicious intent.
Hard Disk Drive Data storage device that uses magnetic storage to store and retrieve digital information using one or more rigid rapidly rotating disks (platters) coated with magnetic material
Hardening Hardening of the operating system is the act of configuring an OS securely, updating it, creating rules and policies to help govern the system in a secure manner, and removing unnecessary applications and services.
Hardware Security Module A physical device that deals with the encryption of authentication processes, digital signings, and payment processes.
Hash A summary of a file or message. It is generated to verify the integrity of the file or message.
Hash Function A mathematical procedure that converts a variable-sized amount of data into a smaller block of data.
Hashed Message Authentication Code Specific type of message authentication code (MAC) involving a cryptographic hash function and a secret cryptographic key
Health Insurance Portability And Accountability Act A US federal act that requires health care enterprises to guard protected health information.
Heating, Ventilation and Air Conditioning System used to provide heating and cooling services to buildings
High Availability Systems that are durable and likely to operate continuously without failure for a long time
HMAC-based One Time Password Algorithm relying on two basic things: a shared secret and a moving factor (a.k.a. counter)
Hoax The attempt at deceiving people into believing something that is false.
Honeynet One or more computers, servers, or an area of a network, used to attract and trap potential attackers to counteract any attempts at unauthorized access of the network.
Honeypot Generally is a single computer but could also be a file, group of files, or an area of unused IP address space used to attract and trap potential attackers to counteract any attempts at unauthorized access of the network.
Host Intrusion Detection Systems Software that attempts to monitor and possibly prevent attempts to intrude into a system and network resources.
Host System The native operating system to the hardware
Host-based Intrusion Prevention System System or a program employed to protect critical computer systems containing crucial data against viruses and other Internet malware
Hot and Cold Aisles The aisles in a server room or data center that circulate cold air into the systems and hot air out of them. Usually, the systems and cabinets are supported by a raised floor.
Hot Site A near duplicate of the original site of the organization, complete with phones, computers, networking devices, and full backups.
Hot Standby Router Protocol Cisco proprietary redundancy protocol for establishing a fault-tolerant default gateway
Hotfix A software update that addresses a specific customer situation and often may not be distributed outside that customer's organization.
HTTP Proxy Caches web pages from servers on the Internet for a set amount of time.
Hypertext Markup Language Set of markup symbols or codes inserted in a file intended for display on a World Wide Web browser page
Hypertext Transfer Protocol Application protocol for distributed, collaborative, and hypermedia information systems. Foundation of data communication for the World Wide Web
Hypertext Transfer Protocol over SSL Communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport Layer Security, or its predecessor, Secure Sockets Layer
Hypervisor Software that runs on a physical computer and manages one or more virtual machine operating systems.
Identification When a person is in a state of being identified. It can also be described as something that identifies a person such as an ID card.
Identity Proofing An initial validation of an identity.
Identity Provider Provides identifiers for users looking to interact with a system and asserts to such a system that such an identifier presented by a user is known to the provider
Identity Theft Using someone's personal information, such as an SSN, to establish bank or credit card accounts that are then left unpaid, leaving the victim with the debts and ruining their credit rating.
Image Spam Spam that uses graphical images of text to circumvent text–based spam filters.
Implicit Deny Denies all traffic to a resource unless the users generating that traffic are specifically granted access to the resource
Incident Management The monitoring and detection of security events on a computer network and the execution of proper responses to those security events.
Incident Response A set of procedures that an investigator goes by when examining a computer security incident.
Incident Response Procedure Set of written instructions for detecting, responding to and limiting the effects of an information security event
Incremental Backup Type of backup that backs up only the contents of a folder that have changed since the last full backup or the last incremental backup.
Indirect Attack A method of breaking a cryptographic or other system by attacking the implementation of the system/algorithm rather than the system itself
Industrial Control Systems General term that encompasses several types of control systems and associated instrumentation used in industrial production
Information Assurance The practice of managing information–related risks by ensuring CONFIDENTIALITY, INTEGRITY, AUTHENTICITY, AVAILABILITY, AND NON–REPUDIATION. IA is the process of ensuring that AUTHORIZED USERS have access to AUTHORIZED INFORMATION at the AUTHORIZED TIME.
Information Lifecycle Management A set of strategies for administering, maintaining, and managing computer storage systems to retain data.
Information Security Protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, and destruction. Protection = Prevention + Detection + Response
Information Systems Security Officer Senior-level executive responsible for developing and implementing an information security program, which includes procedures and policies designed to protect enterprise communications, systems and assets from both internal and external threats
Infrastructure as a Service A cloud computing service that offers computer networking, storage, load balancing, routing, and VM hosting.
Inheritance The process by which permissions given to a higher–level "parent" are passed down to a lower–level "child"
Initialization Vector Random number used in combination with a secret key as a means to encrypt data. This number is sometimes referred to as a nonce, or “number occurring once,” as an encryption program uses it only once per session
Input Validation Verifying user input.
Instant Messaging A method of online communication like e–mail except that it is conducted instantaneously in real time.
Integrity Assurance that data is authentic, complete, un–altered, correct, and can be relied upon
Integrity Primitives Evaluation Message Digest Family of cryptographic hash functions developed in Leuven, Belgium, by Hans Dobbertin, Antoon Bosselaers and Bart Preneel at the COSIC research group at the Katholieke Universiteit Leuven, and first published in 1996
Interconnection Security Agreement Agreement established between the organizations that own and operate connected IT systems to document the technical requirements of the interconnection
Intermediate Distribution Frame Distribution frame in a central office or customer premises, which cross-connects the user cable media to individual user line circuits
International Data Encryption Algorithm Originally called Improved Proposed Encryption Standard (IPES), a symmetric-key block cipher. An optional algorithm in the OpenPGP standard.
Internet Content Filter Applied as software at the Application Layer and can filter out various types of Internet activities such as websites accessed, e-mail, instant messaging, and more. It is used most often to disallow access to inappropriate web material.
Internet Control Message Protocol Supporting protocol in the Internet protocol suite used by network devices, like routers, to send error messages and operational information indicating, for example, that a requested service is not available or that a host or router could not be reached
Internet Key Exchange Used to authenticate the two ends of a secure tunnel by providing a secure exchange of a shared key before IPsec transmissions begin.
Internet Message Access Protocol v4 The current version of internet mail access protocol (IMAP).
Internet of Things Interconnection via the Internet of computing devices embedded in everyday objects, enabling them to send and receive data.
Internet Protocol Set of rules governing the format of data sent over the Internet or other network.
Internet Protocol Security A TCP/IP protocol that authenticates and encrypts IP packets, effectively securing communications between computers and devices using the protocol.
Internet Relay Chat Protocol that allows users who connect to servers to have conversations with others in real time
Internet Service Provider A company that provides subscribers with access to the Internet
Intranet Every part of a network that lies on the inside of the last firewall from the Internet
Intrusion Detection System Device or software application that monitors a network or systems for malicious activity or policy violations
IP Proxy Secures a network by keeping machines behind it anonymous; it does this through the use of NAT.
IRC (Internet Relay Chat) An open communication protocol that is used for real–time "chatting" with other IRC users over the Internet. Also used to control zombies.
IT Contingency Plan Plan devised for an outcome other than the usual (expected) plan. It is often used for risk management of an exceptional risk that, though unlikely, would have catastrophic consequences
IV Attack A type of related-key attack, in which an attacker observes the operation of a cipher using several different keys and finds a mathematical relationship between them, allowing the attacker to ultimately decipher data.
Java A complete object–oriented programming language created by Sun Microsystems that can be used to create standalone applications.
Java Applet A type of smaller Java program
JavaScript A scripting language that enables developers to create interactive Web sites.
Job Rotation When users are cycled through various assignments.
Just a Bunch Of Disks Type of multilevel configuration for disks that have not been designed for a RAID array. Combines all underlying disks in a computer system or array as a logical unit
Kerberos An authentication protocol that enables computers to prove their identity to each other in a secure manner.
Kerberos Time–based 5-minute skew in Windows, 10 minutes in other applications. If the client's time is not within the permissible skew, authentication is denied
Kernel Part of the operating system that is responsible for managing the system resources.
Key The essential piece of information that determines the output of a cipher.
Key Distribution Center Performs as an Authentication Server (AS) and a Ticket Granting Server (TGS)
Key Encryption Key Used to encrypt what they call the Master Key, which will be used to encrypt any data that is put in the user's protected storage
Key Escrow When certificate keys are held in case third parties, such as government or other organizations, need access to encrypted communications.
Key Hashing for Message Authentication Code Used to digitally sign packets on IPSec connections
Keylogger A small hardware device or a program that monitors each keystroke a user types on the computer's keyboard.
Universal Resource Locator Commonly informally termed a web address (a term which is not defined identically). Reference to a web resource that specifies its location on a computer network and a mechanism for retrieving it
LANMAN Hash The original hash used to store Windows passwords, known as LM hash, based off the DES algorithm.
Layer 2 Tunneling Protocol A tunneling protocol used to connect virtual private networks. It does not include confidentiality or encryption on its own. It uses port 1701 and can be more secure than PPTP if used in conjunction with IPsec.
Layers of Security Multiple barriers working in conjunction help eliminate single points of failure
Least Privilege Give only the absolute minimum rights and privileges needed
Lightweight Directory Access Protocol An Application Layer protocol used for accessing and modifying directory services data.
Lightweight Extensible Authentication Protocol Proprietary wireless LAN authentication method developed by Cisco Systems. Important features are dynamic WEP keys and mutual authentication (between a wireless client and a RADIUS server).
Live Migration Technology that enables a virtual machine to be moved to a different physical computer with no impact to the users.
Load Balancing Clusters When multiple computers are connected in an attempt to share resources such as CPU, RAM, and hard disks.
Local Area Network Computer network that links devices within a building or group of adjacent buildings.
Log A record of events that occur.
Log Entries Information in a log that relates to a specific event that has occurred
Log File Monitor An IDS that reads log files to determine if the network is under attack
Log Management The process for generating, transmitting, storing, analyzing, and disposing of computer security log data.
Logic Bomb Malicious software installed by an authorized user that is designed to drop its payload at a designated time or after a set of conditions has been met
MAC Filtering A method used to filter out which computers can access the wireless network; the WAP does this by consulting a list of MAC addresses that have been previously entered.
MAC Flooding An attack that sends numerous packets to a switch, each of which has a different source MAC address, in an attempt to use up the memory on the switch. If this is successful, the switch will change state to fail-open mode.
Macro A series of commands and instructions that can be grouped as a single command.
Macro Virus A virus written in a scripting language.
Mail Exchange Record An entry in the domain name system that identifies the mail server responsible for handling that domain name.
Main Distribution Frame Signal distribution frame for connecting equipment (inside plant) to cables and subscriber carrier equipment (outside plant)
Malware Malicious software that enters a computer system without the owner's knowledge or consent.
Mandatory Access Control Access control based on levels of sensitivity assigned to objects (labels) and formal levels of authorization (i.e., clearance) of subjects.
Man-in-the-Middle Attack An attack in which the attacker will intercept communications between two parties and, sometimes, modify the messages between them
Mantrap An area between two doorways, meant to hold people until they are identified and authenticated.
Many-to-One Mapping When multiple certificates are mapped to a single recipient.
Master Boot Record An area on a hard disk drive that contains the program necessary for the computer to start up and a description of how the hard drive is organized.
Maximum Transmission Unit Largest size packet or frame, specified in octets (eight-bit bytes), that can be sent in a packet- or frame-based network such as the Internet
MD5 Hash Size 128 bits
Mean Time Between Failures Predicted elapsed time between inherent failures of a system during operation
Mean Time To Failure Length of time a device or other product is expected to last in operation
Mean Time To Recover Average time that a device will take to recover from any failure
Memorandum Of Understanding Formal agreement between two or more parties
Message Authentication Code Short piece of information used to authenticate a message—in other words, to confirm that the message came from the stated sender (its authenticity) and has not been changed in transit (its integrity)
Message-Digest Algorithm 5 A 128-bit key hash used to provide integrity of files and messages.
Metamorphic Virus A virus that alters how it appears to avoid detection
Metropolitan Area Network Network that interconnects users with computer resources in a geographic area or region larger than that covered by even a large local area network (LAN) but smaller than the area covered by a wide area network (WAN)
Microsoft Challenge Handshake Authentication Protocol Microsoft version of the Challenge-Handshake Authentication Protocol, CHAP
Mobile Telecommunications Switching Office The link between the cellular network and the wired telephone world that controls all of the transmitters and base stations in the cellular network.
Monitoring as a Service Provides the option to offload most monitoring costs by running monitoring as a service rather than as a fully invested in-house tool
Multifactor Authentication Uses more than one authentication mechanism at the same time (e.g., ATM card + PIN)
Multi-Protocol Layer Switch Allows most packets to be forwarded at Layer 2 (the switching level) rather than having to be passed up to Layer 3 (the routing level). Each packet gets labeled on entry into the service provider's network by the ingress router.
Mutual Authentication Authentication of both sides of a communication. Helps prevent man–in–the–middle attacks
National Institute of Standards and Technology Measurement standards laboratory, also known as a National Metrological Institute (NMI), which is a non-regulatory agency of the United States Department of Commerce
Near Field Communication Short-range wireless connectivity standard (Ecma-340, ISO/IEC 18092) that uses magnetic field induction to enable communication between devices when they're touched together, or brought within a few centimeters of each other
Nessus Tenable Network Security vulnerability scanner. Checks for remote cracker access; open mail relays; missing patches; default, blank, dictionary or weak passwords; DoS against the TCP/IP stack and by using mangled packets; etc.
Network Access Control Approach to computer security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication and network security enforcement
Network Address Control Sets the rules by which connections to a network are governed.
Network Address Translation The process of changing an IP address while it is in transit across a router. This is usually so one larger address space (private) can be remapped to another address space, or single IP address (public).
Network Attached Storage A single dedicated hard disk–based file storage device that provides centralized and consolidated disk storage that is available to LAN users through a standard network connection.
Network Intrusion Detection System A type of IDS that attempts to detect malicious network activities—for example, port scans and DoS attacks—by constantly monitoring network traffic.
Network Intrusion Prevention System Designed to inspect traffic, and based on its configuration or security policy, the system can remove, detain, or redirect malicious traffic.
Network Management System The software run on one or more servers that controls the monitoring of network attached devices and computers.
Network Mapping The study of physical and logical connectivity of networks.
Network News Transfer Protocol Predominant protocol used by computer clients and servers for managing the notes posted on Usenet newsgroups.
Network Operating System Computer operating system that is designed primarily to support workstations, personal computers, and, in some instances, older terminals that are connected on a local area network (LAN)
Network Perimeter The border of a computer network, commonly secured by devices such as firewalls and NIDS/NIPS solutions.
Network Time Protocol Networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks
New Technology File System Proprietary file system developed by Microsoft. Starting with Windows NT 3.1, it is the default file system of the Windows NT family
New Technology LAN Manager Suite of Microsoft security protocols that provides authentication, integrity, and confidentiality to users
No Execute A bit setting to designate a part of memory to contain only data, not executable code.
Nonce A random number issued by an authentication protocol that can only be used once.
Non-Disclosure Agreement Contract by which one or more parties agree not to disclose confidential information that they have shared with each other as a necessary part of doing business together
Non-Promiscuous Mode When a network adapter captures only the packets that are addressed to it.
Nonrepudiation A way to guarantee that information received is from the source indicated. This must be legally enforceable. This is usually accomplished by "digitally signing" messages, computer programs and other data. Senders cannot deny they sent a message
NTLM Hash Successor to the LM hash. A more advanced hash used to store Windows passwords, based off the RC4 algorithm.
NTLM2 Hash Successor to the NTLM hash. Based off the MD5 hashing algorithm.
Null Session When used by an attacker, a malicious connection to the Windows interprocess communications share (IPC$).
One Time Pad Considered the MOST difficult symmetric (or "private key") encryption to crack. Each file uses a different random number.
One-to-One Mapping When an individual certificate is mapped to a single recipient.
Online Certificate Status Protocol Internet protocol used for obtaining the revocation status of an X.509 digital certificate
Open Authorization Open standard for token-based authentication and authorization on the Internet
Open License Agreement Volume licensing program for small- to mid-sized companies with fewer than 250 desktop computers
Open Mail Relay Also known as an SMTP open relay; it enables anyone on the Internet to send e-mail through an SMTP server.
Open Vulnerability Assessment Language A standard and a programming language designed to standardize the transfer of secure public information across networks and the Internet utilizing any security tools and services available
Operating System The software that supports a computer's basic functions, such as scheduling tasks, executing applications, and controlling peripherals
Operating System Virtualization A virtualized environment in which an entire operating system environment is simulated.
Operational Model of Security Protection = Prevention + Detection + Response
Packet Capture Computer networking term for intercepting a data packet that is crossing or moving over a specific computer network
Packet Filter Another name for a firewall.
Packet Filtering Inspects each packet passing through the firewall and accepts or rejects it based on rules.
Pan-Tilt-Zoom Name given to a type of IP camera where the user can control the movement and position of the lens from a remote location using controls on an Internet browser or software application
Partition Table A table on the hard drive that describes how the hard drive is organized.
Passenger Protocol The original data being carried
Password Authentication Protocol Authentication protocol that uses a password. Used by Point to Point Protocol to validate users before allowing them access to server resources
Password Cracker Software tool used to recover passwords from hosts or to discover weak passwords.
Password-Based Key Derivation Function 2 Applies a pseudorandom function to the input password or passphrase along with a salt value and repeats the process many times to produce a derived key, which can then be used as a cryptographic key in subsequent operations
Patch A general software security update intended to cover vulnerabilities that have been discovered.
Patch Management The planning, testing, implementing, and auditing of patches.
Peer to Peer Computer networks in which each computer can act as a server for the others, allowing shared access to files and peripherals without the need for a central server
Penetration Testing A method of evaluating the security of a system by simulating one or more attacks on that system.
Perfect Forward Secrecy Property of secure communication protocols in which compromise of long-term keys does not compromise past session keys
Performance Baseline A baseline that is established to create the "norm" of performance.
Performance Monitors Hardware or software through which data is accumulated on the normal operations of the systems and networks.
Permanent DoS Attack Generally consists of an attacker exploiting security flaws in routers and other networking hardware by flashing the firmware of the device and replacing it with a modified image.
Permissions File system permissions control what resources a person can access on the network.
Personal Electronic Device Lightweight consumer electronic device that looks like a hand-held computer but instead performs specific tasks
Personal Firewall Applications that protect an individual computer from unwanted Internet traffic; they do so by way of a set of rules and policies.
Personal Identity Verification Common credentialing and standard background investigation process required by Homeland Security Presidential Directive 12 (HSPD-12).
Personal Software Firewall Software that runs as a program on a local system to protect it against attacks.
Personally Identifiable Information Information used to uniquely identify, contact, or locate a person.
Pharming When an attacker redirects one website’s traffic to another bogus and possibly malicious website by modifying a DNS server or hosts file.
Phishing Impersonating a trusted sender to obtain the recipient's logon and other confidential data.
Piggybacking When an unauthorized person tags along with an authorized person to gain entry to a restricted area.
Ping Flood When an attacker attempts to send many ICMP echo request packets (pings) to a host in an attempt to use up all available bandwidth.
Ping Of Death An attack that uses IP packet fragmentation techniques to crash remote systems.
Plain Old Telephone Service The world's collection of interconnected voice-oriented public telephone networks, both commercial and government-owned (Also PSTN)
Platform as a Service A cloud computing service that provides various software solutions to organizations especially the ability to develop applications without the cost or administration of a physical platform.
Pluggable Authentication Modules Mechanism to integrate multiple low-level authentication schemes into a high-level application programming interface (API). It allows programs that rely on authentication to be written independently of the underlying authentication scheme
Point of Presence An access point to the Internet; it can be within an ISP, external to an ISP, or leased from a carrier or aggregator.
Point-to-Point Protocol Foundation for ALL modern transmission methods. Developed for serial communications (modem, X.25, and ISDN), but its descendants are present everywhere in network communications.
Point-to-Point Tunneling Protocol Protocol that appears to operate in the Data Link (Layer 2), but the protocol functionally operates in the Session (Layer 5)
Policy Rules or guidelines used to guide decisions and achieve outcomes. They can be written or configured on a computer.
Polymorphic Virus A virus that changes how it appears and encrypts its contents differently each time.
Pop-Up Blocker An application or add-on to a web browser that blocks pop-up windows that usually contain advertisements.
Port Address Translation Like NAT, but it translates both IP addresses and port numbers.
Port Scanner Software used to decipher which ports are open on a host.
Post Office Protocol v3 The current version of Post Office Protocol
Pre-Action Sprinkler System Similar to a dry pipe system, but there are requirements for it to be set off such as heat or smoke.
Pre-Shared Key Shared secret which was previously shared between the two parties using some secure channel before it needs to be used
Pretexting When a person invents a scenario, or pretext, in the hope of persuading a victim to divulge information.
Pretty Good Privacy Uses keys and a secret passphrase to encrypt and decrypt e–mail.
Private Branch Exchange Telephone system within an enterprise that switches calls between enterprise users on local lines while allowing all users to share a certain number of external phone lines
Private Key A type of key that is known only to a specific user or users who keep the key a secret.
Privilege Auditing Reviewing a subject's privileges over an object.
Privilege Escalation The act of exploiting a vulnerability in the software to gain access to resources that the user would normally be restricted from obtaining.
Privilege Management Process of assigning and revoking privileges to objects; it covers the procedures of managing object authorizations.
Programmable Read–Only Memory A chip with which the contents can be overwritten to provide new functionality.
Promiscuous Mode In a network adapter, this passes all traffic to the CPU, not just the frames addressed to it. When the network adapter captures all packets that it has access to regardless of the destination for those packets.
Protected Extensible Authentication Protocol Provides security via server–side PKI certificates
Protocol Analyzer Software tool used to capture and analyze packets.
Proxy Auto Configuration Defines how web browsers and other user agents can automatically choose the appropriate proxy server (access method) for fetching a given URL
Proxy Server A server that sits between an intranet and its Internet connection and handles requests to access internet resources on behalf of intranet clients
Public Key A type of key that is known to all parties involved in encrypted transactions within a given group.
Public Key Cryptography Uses asymmetric keys alone or in addition to symmetric keys. The asymmetric key algorithm creates a secret private key and a published public key.
Public Key Infrastructure An entire system of hardware and software, policies and procedures, and people, used to create, distribute, manage, store, and revoke digital certificates.
Public Switched Telephone Network The world's collection of interconnected voice-oriented public telephone networks, both commercial and government-owned (Also POTS)
Qualitative Risk Assessment An assessment that assigns numeric values to the probability of a risk and the impact it can have on the system or network.
Quantitative Risk Assessment An assessment that measures risk by using exact monetary values.
Radio Frequency Interference Interference that can come from AM/FM transmissions and cell towers.
Rainbow Tables In password cracking, a set of precalculated encrypted passwords located in a lookup table.
Rapid Application Development Suite of software development methodology techniques used to expedite software application development
RC 4 RSA variable length stream cipher
RC 5 RSA variable length block–cipher
RC4 40 or 128 bit stream cipher The most widely used stream cipher, used in SSL and WEP. Simple and fast, but very easy to crack. By Ron Rivest of RSA Security
Read Only Memory A chip that cannot be reprogrammed.
Real-time Transport Protocol Network protocol for delivering audio and video over IP networks
Recovery Agent Microsoft Windows user who has been granted the right to decrypt data that was encrypted by other users
Recovery Point Objectives In business impact analysis, the acceptable latency of data.
Recovery Time Objectives In business impact analysis, the acceptable amount of time to restore a function.
Redundant Array of Independent Disks 1 Mirroring. Data is copied to two identical disks. If one disk fails, the other continues to operate.
Redundant Array of Independent Disks 5 Striping with Parity. Data is striped across multiple disks; fault tolerant parity data is also written to each disk.
Redundant Array of Inexpensive Disks Data storage virtualization technology that combines multiple physical disk drive components into a single logical unit for the purposes of data redundancy, performance improvement, or both
Redundant ISP Secondary connections to another ISP; for example, a backup T-1 line.
Redundant Power Supply An enclosure that contains two complete power supplies, the second of which turns on when the first fails.
Registration Authority Authority in a network that verifies user requests for a digital certificate and tells the certificate authority (CA) to issue it
Remote Access Service A networking service that allows incoming connections from remote dial-in clients. It is also used with VPNs.
Remote Authentication Dial-In User Server Used to provide centralized administration of dial-up, VPN, and wireless authentication.
Remote Desktop Protocol Microsoft protocol designed to facilitate application data transfer security and encryption between client users, devices and a virtual network server. It enables a remote user to add a graphical interface to the desktop of another computer.
Remote Triggered Black Hole Filtering Technique that provides the ability to drop undesirable traffic before it enters a protected network
Removable Storage Devices, such as USB flash drives, that can store data from a computer and then be disconnected.
Replay Attack Any attack in which an attacker records an authentication or other credentials, to be replayed later to spoof the secure service
Resident Virus A virus that is loaded into random access memory and can interrupt almost any function executed by the computer operating system and alter it.
Residual Risk The risk that is left over after a security and disaster recovery plan have been implemented.
Return On Investment Used to compare a company's profitability or to compare the efficiency of different investments. Formula = (Net Profit / Cost of Investment) x 100.
Risk The likelihood that a threat agent will exploit a vulnerability.
Risk Acceptance The amount of risk an organization is willing to accept. Also known as risk retention.
Risk Assessment The attempt to determine the amount of threats or hazards that could possibly occur in a given amount of time to your computers and networks.
Risk Avoidance When an organization avoids risk because the risk factor is too great.
Risk Management The identification, assessment, and prioritization of risks, and the mitigating and monitoring of those risks.
Risk Mitigation When a risk is reduced or eliminated altogether.
Risk Reduction When an organization mitigates risk to an acceptable level.
Risk Transference The transfer or outsourcing of risk to a third party. Also known as risk sharing.
Rivest, Shamir and Adleman A public key cryptography algorithm created by Rivest, Shamir, Adleman. It is commonly used in e-commerce.
Role–Based Access Control Access control based on subjects being assigned certain roles. Access control is managed at the role level instead of the subject level.
Rootkit A set of software tools used by an intruder to break into a computer, obtain special privileges to perform unauthorized functions, and then hide all traces of its existence.
RSA Variable Key Size Encryption Algorithm A stream cipher, remarkable for its simplicity and speed in software, but multiple vulnerabilities have been discovered, rendering it insecure
Sag An unexpected decrease in the amount of voltage provided.
Salting The randomization of the hashing process to defend against cryptanalysis password attacks and Rainbow Tables.
Sandbox A restrictive fence that surrounds a Java program and keeps it away from private data and other resources on a local computer.
Sarbanes–Oxley Act A US federal act that enforces reporting requirements and internal controls on electronic financial reporting systems.
Script Kiddie An unskilled user who downloads automated attack software to attack computers.
Scripting Language A computer programming language that is typically interpreted into a language the computer can understand without the need for a compiler.
Secure Code Review An in-depth code inspection procedure.
Secure Coding Concepts The best practices used during the life cycle of software development.
Secure Hash Algorithm A group of hash functions designed by the NSA and published by the NIST, widely used in government
Secure Hypertext Transfer Protocol Obsolete alternative to the HTTPS protocol for encrypting web communications carried over HTTP
Secure Shell A protocol that can create a secure channel between two computers or network devices.
Secure Sockets Layer A cryptographic protocol that provides secure Internet communications such as web browsing, instant messaging, e-mail, and VoIP.
Secure/Multipurpose Internet Mail Extensions Built into most Web browsers. This method of sending e–mail uses RSA encryption.
Secured File Transfer Protocol Network protocol that provides file transfer and manipulation functionality over any reliable data stream
Security Assertions Markup Language XML-based, open-standard data format for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider.
Security Content Automation Protocol Method for using specific standards to enable the automated vulnerability management, measurement, and policy compliance evaluation of systems deployed in an organization
Security Information and Event Management Software products and services combining security information management (SIM) and security event management (SEM)
Security Log Files Files that log activity of users. They show who did what and when, plus whether they succeeded or failed in their attempt.
Security Policy A document or series of documents that clearly defines the defense mechanisms an organization will employ to keep information secure.
Security Posture The risk level to which a system, or other technology element, is exposed
Security Posture Assessments Assessments that use baseline reporting and other analyses to discover vulnerabilities and weaknesses in systems and networks.
Security Template A method to configure a suite of configuration baseline security settings.
Security Tokens Physical devices given to authorized users to help with authentication. These devices might be attached to a keychain or are part of a card system.
Separation of Duties This is when more than one person is required to complete a particular task or operation.
Server Message Block Protocol Network file sharing protocol that allows applications on a computer to read and write to files and to request services from server programs in a computer network
Server Virtualization Creating and managing multiple server operating systems.
Service Level Agreement Part of a service contract where the level of service is formally defined.
Service Pack A cumulative package of all security updates plus additional features.
Service Set Identifier The name of a wireless access point (or network) to which network clients will connect; it is broadcast through the air.
Session Control Protocol Method of creating multiple light-duty connections from a single TCP (Transmission Control Protocol) connection. Several such lightweight connections can be active simultaneously
Session Ticket Authentication credential from the KDC that allows the client access to a resource server
SHA 1 Hash Size 160 bits
Shielded Twisted Pair Special kind of copper telephone wiring used in some business installations. An outer covering or shield is added to the ordinary twisted pair telephone wires; the shield functions as a ground
Short Message Service Text messaging service component of most telephone, World Wide Web, and mobile telephony systems. It uses standardized communication protocols to enable mobile phone devices to exchange short text messages.
Shoulder Surfing When a person uses direct observation to find out a target’s password, PIN, or other such authentication information.
Signature Files Antivirus update files; also known as definition files.
Signature–Based Defense A method that identifies malware on a computer by matching it to an antivirus signature file.
Signature-Based Monitoring Frames and packets of network traffic are analyzed for predetermined attack patterns. These attack patterns are known as signatures.
Signed Java Applet A java applet from a trusted source
Simple Certificate Enrollment Protocol Protocol is used by numerous manufacturers of network equipment and software who are developing simplified means of handling certificates for large-scale implementation to everyday users
Simple Mail Transfer Protocol Internet standard for electronic mail (email) transmission
Simple Network Management Protocol A TCP/IP protocol that monitors network-attached devices and computers. It’s usually incorporated as part of a network management system.
Simple Object Access Protocol Messaging protocol that allows programs that run on disparate operating systems (such as Windows and Linux) to communicate using Hypertext Transfer Protocol (HTTP) and its Extensible Markup Language (XML)
Single Loss Expectancy Monetary value expected from the occurrence of a risk on an asset. It is related to risk management and risk assessment
Single Point of Failure An element, object, or part of a system that, if it fails, will cause the whole system to fail.
Single Sign-On When a user can log in once but gain access to multiple systems without being asked to log in again.
Skipjack Blocksize 64 bits
Skipjack Key Length 80 bits
Small Computer System Interface Set of parallel interface standards developed by the American National Standards Institute (ANSI) for attaching printers, disk drives, scanners and other peripherals to computers
SMTP Open Relay An uncontrolled SMTP relay
SMTP Relay Forwarding e-mail sent from an email client to a remote domain through an SMTP server.
Smurf Attack A non–OS–specific attack that uses a third party's network segment to overwhelm a host with a flood of Internet Control Message Protocol (ICMP) packets.
Snap-In A software module that provides administrative capabilities for a device.
Sniffing Listening in on all of the traffic on the network. Sniffers can watch for key strings before beginning a capture; most also have the capability of translating the machine language of the network into human-readable form and interpreting it
SNMP Agent Software deployed by the network management system that is loaded on managed devices. The software redirects the information that the NMS needs to monitor the remote managed devices.
snoop Solaris built-in sniffer
Social Engineering Con–artistry. An indirect attack on a system that relies on the inherent trusting nature, or gullibility of human beings.
Software as a Service A cloud computing service where users access applications over the Internet that are provided by a third party.
Software Development Life Cycle Methodology Term used in systems engineering, information systems and software engineering to describe a process for planning, creating, testing, and deploying an information system
Solid State Drive All-electronic storage device that is an alternative to a hard disk
Spam Unsolicited e–mail.
Spam over Internet Messaging Unsolicited bulk messages broadcast over VoIP (Voice over Internet Protocol) to phones connected to the Internet
Spear Phishing A type of phishing attack that targets particular individuals.
Special Hazard Protection System A clean agent sprinkler system such as FM-200 used in server rooms.
Spike A short transient in voltage that can be due to a short circuit, tripped circuit breaker, power outage, or lightning strike.
Spoofing Making data look like it's coming from a different source than it is.
Spy A person who has been hired to break into a computer and steal information.
Spyware A general term used to describe software that violates a user's personal security
SQL Injection An injection attack that uses Structured Query Language
Standby Generator Systems that turn on automatically within seconds of a power outage.
Stateful Packet Inspection Type of packet inspection that keeps track of network connections by examining the header in each packet
Static Network Address Translation When a single private IP address translates to a single public IP address. This is also called one-to-one mapping.
Steganography The science (and art) of writing hidden messages; it is a form of security through obscurity.
Storage And Retention Policies Policies that outline the requirements for data storage.
Storage Area Network A specialized high–speed network for attaching servers to storage devices
Stream Cipher A symmetric key cipher where plaintext bits are combined with a pseudo-random cipher bit stream. Typically very fast, with little system impact, but it is highly susceptible to cracking because of the pseudo-random key
Structured Exception Handler Mechanism for handling both hardware and software exceptions.
Structured Query Language Standard computer language for relational database management and data manipulation
Subscriber Identity Module Integrated circuit that is intended to securely store the international mobile subscriber identity (IMSI) number and its related key, which are used to identify and authenticate subscribers on mobile telephony devices
Supplicant The user or client that wants to be authenticated
Surge Means that there is an unexpected increase in the amount of voltage provided.
Swarm Downloading parts of a bittorrent file simultaneously from multiple users.
Symmetric Key Algorithm A class of cipher that uses identical or closely related keys for encryption and decryption.
SYN Flood / SYN Attack DoS attack exploiting the TCP 3-way handshake. A multitude of SYN requests are sent to the target. The target responds with a SYN/ACK and waits for a default period for an ACK. The attacker will never reply
Synchronous Optical Network Technologies Standardized digital communications protocol that is used to transmit a large volume of data over relatively long distances using a fiber optic medium. Multiple digital data streams are transferred at the same time over optical fiber using LEDs and laser beams
System Control and Data Acquisition Control system architecture that uses computers for high-level process supervisory management, but uses other peripheral devices such as programmable logic controllers and discrete PID controllers to interface to the process plant or machinery.
System Events Operational actions that are performed by the operating system.
System Integrity Verifier An IDS that notifies when essential files have changed
System Monitoring A low-level system program that uses a notification engine designed to monitor and track down hidden activity on a desktop system, server, PDA or cell phone.
Systems Development Life Cycle The process of creating systems and applications, and the methodologies used to do so.
Tailgating A type of piggybacking where an unauthorized person follows an authorized person into a secure area, without the authorized person’s consent.
TCP 3–way Handshake SYN –> <– SYN/ACK ACK/SYN –> Establishes a "Session" between two computers over a network.
TCP Reset Attack Sets the reset flag in a TCP header to 1, telling the respective computer to kill the TCP session immediately.
TCP/IP Hijacking When a hacker takes over a TCP session between two computers without the need of a cookie or any other type of host access.
tcpdump Unix built-in sniffer
Teardrop Attack A type of DoS that sends mangled IP fragments with overlapping and oversized payloads to the target machine.
Telnet Standard, insecure TCP/IP remote terminal session protocol
TEMPEST Refers to the investigations of conducted emissions from electrical and mechanical devices, which could be compromising to an organization.
Temporal Key Integrity Protocol An algorithm used to secure wireless computer networks; meant as a replacement for WEP.
Terminal Access Controller Access Control System A remote authentication protocol similar to RADIUS used more often in UNIX networks.
Terminal Access Controller Access Control System Plus Protocol developed by Cisco and released as an open standard beginning in 1993. Handles authentication, authorization, and accounting (AAA) services
Third–Party Cookie A cookie that is used by a web site other than the site that created it.
Threat An event or action that may defeat the security measures in place and result in a loss.
Threat Agent A person or thing that has the power to carry out a threat.
Ticket Authentication Server One of the components of Kerberos. Issues a TGT (Ticket Granting Ticket), which the client can use in future communications with Kerberos to prove pre–authentication and obtain
Ticket Granting Ticket Cached authentication credential from the TGS that allows the client to request a Session Ticket
Tickets Part of the authentication process used by Kerberos.
Time Bomb Trojans set off on a certain date.
Time-based One-Time Password Temporary passcode, generated by an algorithm, for use in authenticating access to computer systems. The algorithm that generates each password uses the current time of day as one of its factors, ensuring that each password is unique
Time-of-Day Restriction When a user’s logon hours are configured to restrict access to the network during certain times of the day and week.
Token Hardware device used in authentication (something you have)
Torrents Active internet connections that download a specific file through a bittorrent.
Towers of Hanoi A backup rotation scheme based on the mathematics of the Towers of Hanoi puzzle. Uses three backup sets. For example, the first tape is used every second day, the second tape is used every fourth day, and the third tape is used every eighth day.
Tracker A server program operated by the person or organization who wants to share a bittorrent file.
Transaction Signature Computer networking protocol used primarily by the Domain Name System (DNS) to provide a means of authenticating updates to a DNS database
Transmission Control Protocol/Internet Protocol Basic communication language or protocol of the Internet. It can also be used as a communications protocol in a private network
Transport Layer Security New version of SSL
Transport Mode IPSec mode where only the data (payload) is encrypted
Trap Door Code segments that were deliberately coded into the security or OS, to be used by the coder at a future date. Modern hijacking methods sometimes allow intruders to "patch" a trapdoor, then return later to exploit it.
Triple Data Encryption Standard Similar to DES but applies the cipher algorithm three times to each cipher block.
Trivial File Transfer Protocol Simple protocol used for transferring files. Uses the User Datagram Protocol (UDP) to transport data from one end to another. Mostly used to read and write files/mail to or from a remote server
Trojan Malicious software that masquerades as useful software. It relies on the end user to run it.
Trojan Horse Applications that appear to perform desired functions but are actually performing malicious functions behind the scenes.
Trojan Horses A program advertised as performing one activity but actually doing something else, or performing both the advertised and malicious activities.
Trusted Computer System Evaluation Criteria A DoD standard that sets basic requirements for assessing the effectiveness of computer security access policies. Also known as The Orange Book.
Trusted Platform Module International standard for a secure cryptoprocessor, which is a dedicated microcontroller designed to secure hardware by integrating cryptographic keys into devices
Tunnel Mode IPSec mode where data and IP headers are encrypted
Tunneling The encapsulation of one packet in another. The inner packet is often encrypted and could not be forwarded by standard routers. The outer packet looks like a standard packet which can be handled by typical routers
UDP Flood Attack A similar attack to the Fraggle. It uses the connectionless User Datagram Protocol. It is enticing to attackers because it does not require a synchronization process.
Unified Extensible Firmware Interface Specification that defines a software interface between an operating system and platform firmware
Unified Threat Management Term to describe a category of security appliances which integrates a range of security features into a single appliance. Combine firewall, gateway anti-virus, and intrusion detection and prevention capabilities into a single platform
Uniform Resource Identifier String of characters used to identify a resource. Such identification enables interaction with representations of the resource over a network, typically the World Wide Web, using specific protocols
Uninterruptable Power Supply Takes the functionality of a surge suppressor and combines that with a battery backup, protecting computers not only from surges and spikes, but also from sags, brownouts, and blackouts.
Universal Serial Bus Common interface that enables communication between devices and a host controller such as a personal computer (PC)
Unshielded Twisted Pair Most common kind of copper telephone wiring. To reduce crosstalk or electromagnetic induction between pairs of wires, two insulated copper wires are twisted around each other
USA Patriot Act A US federal act that broadens the surveillance of law enforcement agencies to enhance the detection and suppression of terrorism.
Usage Auditing The process of examining which subjects are accessing specific objects and how frequently.
User Acceptance Testing Last phase of the software testing process where actual software users test the software to make sure it can handle required tasks in real-world scenarios, according to specifications
User Account Control A security component of Windows Vista that keeps every user (besides the actual Administrator account) in standard user mode instead of as an administrator with full administrative rights—even if they are a member of the administrators group.
User Datagram Protocol Part of the Internet Protocol suite used by programs running on different computers on a network. Used to send short messages called datagrams but overall, it is an unreliable, connectionless protocol
Vampire Tap A device used to add computers to a 10BASE5 network. It pierces the copper conductor of a coaxial cable and can also be used for malicious purposes.
Variable Length Subnet Masking Means to specify a different subnet mask for the same network number on different subnets. A network administrator can use a long mask on networks with few hosts and a short mask on subnets with many hosts
Video Teleconferencing Telecommunication in the form of a videoconference.
Virtual Local Area Network Any broadcast domain that is partitioned and isolated in a computer network at the data link layer (OSI layer 2)
Virtual Local Area Network Hopping The act of gaining access to traffic on other VLANs that would not normally be accessible by jumping from one VLAN to another.
Virtual Machine A self–contained software environment.
Virtual Private Network An encrypted tunnel between two nodes over a public network.
Virtualization A means of managing and presenting computer resources by function without regard to their physical layout or location.
Virtualization Desktop Infrastructure Virtualization technology that hosts a desktop operating system on a centralized server in a data center.
Virus A program that secretly attaches itself to a legitimate "carrier," such as a document or program, and then executes when that document is open or the program is launched.
Vishing A type of phishing attack that makes use of telephones and VoIP.
Voice over IP Methodology and group of technologies for the delivery of voice communications and multimedia sessions over Internet Protocol (IP) networks, such as the Internet
VPN Concentrator A hardware appliance that allows hundreds of users to connect to the network from remote locations via a VPN.
Vulnerability A weakness that allows a threat agent to bypass security.
Vulnerability Assessment Baselining of the network to assess the current security state of computers, servers, network devices, and the entire network in general.
Vulnerability Management The practice of finding and mitigating software vulnerabilities in computers and networks.
Vulnerability Scanning The act of scanning for weaknesses and susceptibilities in the network and on individual systems.
Wardialing The act of scanning telephone numbers by dialing them one at a time and adding them to a list, in an attempt to gain access to computer networks.
Wardriving The act of searching for wireless networks by a person in a vehicle through the use of a device with a wireless antenna, often a particularly strong antenna.
Warm Site This will have computers, phones, and servers, but they might require some configuration before users can start working on them.
Web of Trust A decentralized model used for sharing certificates without the need for a centralized CA.
Web-Application Firewall Application firewall for HTTP applications that applies a set of rules to an HTTP conversation
WEP High Security Key Size 128 bits
WEP Low Security Key Size nominally 64 bits
Wet Pipe Sprinkler System Consists of a pressurized water supply system that can deliver a high quantity of water to an entire building via a piping distribution system.
Whaling A phishing attack that targets senior executives.
WiFi Protected Access A security protocol created by the Wi-Fi Alliance to secure wireless computer networks, more secure than WEP.
WiFi Protected Setup Network security standard to create a secure wireless home network
Wired Equivalent Privacy Can be cracked by modern equipment in minutes. Superseded by WPA and WPA2. It is still being used widely (probably obsolete equipment or ease of implementation)
Wireless Access Point Networking hardware device that allows a Wi-Fi compliant device to connect to a wired network. Usually connects to a router (via a wired network) as a standalone device, but it can also be an integral component of the router itself
Wireless Intrusion Detection System Network device that monitors the radio spectrum for the presence of unauthorized access points
Wireless Intrusion Prevention System Network device that automatically takes countermeasures against unauthorized access points
Wireless TLS Security level for Wireless Application Protocol (WAP) applications
Wireshark Free network sniffer (formerly Ethereal, renamed because of a copyright suit). Very similar to Unix tcpdump
Wiretapping Tapping into a network cable in an attempt to eavesdrop on a conversation or steal data.
Word Splitting Spam that horizontally separates words so that they can still be read by the human eye.
Worm Malicious, self-replicating software that runs stand-alone, without the need for a host file or a willing user to propagate it.
X.509 A common PKI standard developed by the ITU-T that incorporates the single sign-on authentication method.
Zero Day A vulnerability that is not known to the security public and therefore no protections, patches, or detection signatures exist for it
Zero Day Attack An attack that occurs when an attacker discovers and exploits a previously unknown flaw, providing "zero days" of warning.
Zombie Computer under the control of an attacker.
Created by: ccman1