Term | Definition |
Access List | A paper or electronic record of individuals who have permission to enter a secure area, the time they entered, and the time they left the area |
Activity Phase Controls | Subtypes of security controls classified as deterrent, preventive, detective, compensation, or corrective |
Administrative Control | Process for developing and ensuring that policies and procedures are carried out, specifying actions that users may do, must do, or cannot do |
Alarm | An audible sound to warn a guard of an intruder |
Antispyware | Software that can examine a computer for infections as well as monitor computer activity and scan new documents that might contain a virus |
Antivirus | Software that can examine a computer for infections as well as monitor computer activity |
Barricade | A structure designed to block the passage of traffic |
Bayesian Filtering | Spam filtering software that analyzes every word in an email and determines how frequently a word occurs in order to determine if it is spam |
Big Data | A collection of data sets so large and complex that it becomes difficult to process using on-hand database management tools or traditional data processing applications |
Blacklist | Permitting everything unless it appears on the list of nonapproved senders |
Cable Lock | A device that can be inserted into the security slot of a portable device and rotated so that the lock is secured to the device, preventing it from being stolen |
Client Side Validation | Having the client web browser perform all validations and error recovery procedures |
CCTV | Closed circuit television |
Compensating Control | Control that is intended to mitigate or lessen the damage caused by an incident |
XSRF | Cross site request forgery |
Data At Rest | Data that is stored on electronic media |
Data In Transit | Data that is in transit across a network, such as an email sent across the internet |
Data In Use | A state of data in which actions upon it are being performed by endpoint devices |
DLP | Data loss prevention |
Deadbolt Lock | A door lock that extends a solid metal bar into the door frame for extra security |
Detective Control | A control that is designed to identify any threat that has reached the system |
Deterrent Control | A control that attempts to discourage security violations before they occur |
Embedded System | A computer system with a dedicated function within a larger electrical or mechanical system |
Errors | Faults in a program that occur while the application is running. Also called exemptions |
Exemptions | Another word for errors |
Fencing | Securing a restricted area by erecting a barrier |
Firewall | Hardware or software that is designed to prevent malicious packets from entering or leaving computers |
Fuzz Testing | A software testing technique that deliberately provides invalid, unexpected, or random data as inputs to a computer program |
Guard | A human who is an active security element |
Host Based Application Firewall | A firewall that runs as a program on a local system |
Hotfix | Software that addresses a specific customer situation and often may not be distributed outside the customer's organization |
Input Validation | Verifying a user's input to an application |
Lighting | Lights that illuminate an area so that it can be viewed after dark |
Locking Cabinet | A rugged steel box with a lock |
Mainframe | A very large computing system that has significant processing capabilities |
Mantrap | A device that monitors and controls two interlocking doors to a small room designed to separate secure and non-secure areas |
Motion Detection | Determining an object's change in position in relation to its surroundings |
NoSQL | A nonrelational database that is better tuned for accessing large data sets |
NoSQL vs. SQL Databases | An argument regarding which database technology is superior. Also called SQL vs NoSQL |
OS Hardening | Tightening security during the design and coding of the OS |
Packet Filter | Hardware or software that is designed to prevent malicious packets from entering or leaving computers. Also called firewall |
Patch | A general software update intended to cover vulnerabilities that have been discovered |
Popup Blocker | Either a program or a feature incorporated within a browser that stops popup advertisements from appearing |
Preventative Controls | A control that attempts to prevent the threat from coming in and reaching contact with the vulnerability |
PDS | Protected Distribution System |
Proximity Reader | A device that detects an emitted signal in order to identify the owner |
Safe | A ruggedized steel box with lock |
SCADA | Supervisory Control And Data Acquisition |
Security Control | Any device or process that is used to reduce risk |
Security Policy | A document or series of documents that clearly defines the defense mechanisms an organization will employ to keep information safe |
Server Side Validation | Having the server perform all validations and error recovery procedures |
Service Pack | Software that is a cumulative package of all security updates plus additional features |
Sign | A written placard that explains a warning, such as a notice that the area is restricted |
Smart Phone | A cell phone with an operating system that allows it to run third party scripts |
SQL vs NoSQL | Same as NoSQL vs. SQL Databases |
Static Environment | Devices in which additional hardware cannot easily be added or attached |
Technical Controls | Security controls that are carried out or managed by devices |
Trusted OS | An OS that has been designed through OS hardening |
Video Surveillance | Monitoring activity that is captured by a video camera |
Whitelist | Permitting nothing unless it appears on the list |
Wrapper Function | A substitute for a regular function that is used in testing |