Term | Definition |
Acceptable Use Policy (AUP) | A document that explains to users what they can and cannot do on the corporate network or with company data, and the penalties for violations. |
Access Control List (ACL) | A record or list of the resources (for example, a printer, folder, or file) that a user, device, or program has access to on a corporate network, server, or workstation. |
Anti-Malware Software | Utility software that can prevent infection, scan a system, and detect and remove all types of general malware, including viruses, spyware, worms, and rootkits. |
Antivirus Software | Utility software that can prevent infection, scan a system, and detect and remove viruses. |
ATA Secure Erase | Standards developed by the American National Standards Institute (ANSI) that dictate how to securely erase data from solid-state devices such as a USB flash drive or SSD drive in order to protect personal privacy. |
Biometric Authentication | To authenticate to a network, computer, or other computing device by means of biometric data, such as a fingerprint or retinal data. Touch ID on an iPhone or face lock on an Android device can perform biometric authentication |
Biometric Device | An input device that inputs biological data about a person; the data can identify a person's fingerprints, handprints, face, voice, eyes, and handwriting. |
BitLocker Drive Encryption | A utility in Windows 8/7/Vista that is used to lock down a hard drive by encrypting the entire Windows volume and any other volume on the drive. |
BitLocker To Go | A Windows utility that can encrypt data on a USB flash drive and restrict access by requiring a password. |
Botnet | A network of zombies or robots. Also see zombie |
Brute Force Attack | A method to hack or discover a password by trying every single combination of characters. |
BYOD (Bring your own device) | A corporate policy that allows employees or students to connect their own devices to the corporate network. |
Cellular network analyzer | Software and hardware that can monitor cellular networks for signal strength of cell towers, wireless access points (WAPs), and repeaters, which can help technicians better position antennas in a distributed antenna system |
Certificate of Destruction | Digital or paper documentation, which ensures that data has been destroyed beyond recovery |
Certification Authority (CA) | An organization, such as VeriSign, that assigns digital certificates or digital signatures to individuals or organizations. |
Chain of Custody | Documentation that tracks evidence used in an investigation and includesexactly what, when, and from whom the evidence was collected, the condition of the evidence, and how the evidence was secured while in possession of a responsible party. |
Commercial License | As applied to software, the rights to use the software, which have been assigned to the user by the software vendor. Also see closed source. |
Computer Infestation | Any unwanted program that is transmitted to a computer without the user's knowledge and that is designed to do varying degrees of damage to data and software. Also called malware. |
Copyright | The right to copy the work that belongs to the creators of the works or others to whom the creator transfers this right. |
Data Loss Prevention (DLP) | Methods that protect corporate data from being exposed or stolen; for example, software that filters employee email to verify privacy laws are not accidentally or intentionally being violated. |
Degausser | A machine that exposes a magnetic storage device such as a hard drive or tape drive to a strong magnetic field to completely erase the data on the storage device |
Dictionary Attack | A method to discover or crack a password by trying words in a dictionary. |
Digital Certification | A code used to authenticate the source of a file/doc or to identify and authenticate a person sending data over a network. The code is assigned by a certificate authority and includes a public key for encryption Also called digital ID or digital signature |
Digital Rights Management (DRM) | Software and hardware security limitations meant to protect digital content and prevent piracy. |
Email Filtering | To search incoming or outgoing email messages for matches kept in databases, searching for known scams and spammers to protect against social engineering. |
Email Hoax | An email message that is trying to tempt you to give out personal information or trying to scam you. |
Encrypted File System (EFS) | A way to use a key to encode a file or folder on an NTFS volume to protect sensitive data. Because it is an integrated system service, EFS is transparent to users and applications. |
End User License Agreement (EULA) | A digital or printed statement of your rights to use or copy software, which you agree to when the software is installed. |
Enterprise License | A license to use software that allows an organization to install multiple instances of the software. Also called site license. |
Entry Control Roster | A list of people allowed into a restricted area and a log of any approved visitors that is used and maintained by security guards. |
Gpresults | The Windows command to find out group policies that are currently applied to a system for the computer or user. |
Gpupdate | The Windows command to refresh local group policies as well as group policies set in Active Directory on a Windows domain. |
Grayware | A program that is potentially harmful or potentially unwanted. |
Intrusion Detection System (IDS) | Software that can run on a UTM (Unified Threat Management) appliance, router, server, or workstation to monitor all network traffic and create alerts when suspicious activity happens. |
Intrusion Prevention System (IPS) | Software that can run on a UTM (Unified Threat Management) appliance, router, server, or workstation to monitor all network traffic, create alerts, and prevent the threatening traffic from burrowing into the system. |
Key Fob | A device, such as a type of smart card, that can fit conveniently on a key chain. |
Keylogger | A type of spyware that tracks your keystrokes, including passwords, chat room sessions, email messages, documents, online purchases, and anything else you type on your computer. |
Local Security Policy | A Windows Administrative Tools snap-in in Control Panel that can manage the group of policies in the Local Computer Policy, Computer Configuration, Windows Settings, Security Settings group of Group Policy. |
Local Users and Groups | For business and professional editions of Windows, a Windows utility console (lusrmgr.msc) that can be used to manage user accounts and user groups. |
LoJack | A technology by Absolute Software used to track the whereabouts of a laptop computer and, if the computer is stolen, lock down access to the computer or erase data on it. The technology is embedded in the UEFI/BIOS of many laptops |
Malicious Software | Any unwanted program that is transmitted to a computer without the user's knowledge and that is designed to do varying degrees of damage to data and software. Also called malware or computer infestation malware |
Malware | Any unwanted program that is transmitted to a computer without the user's knowledge and that is designed to do varying degrees of damage to data and software. Also called computer infestation. |
Malware Definition | Information about malware that allows anti-malware software to detect and define malware. Also called a malware signature. |
Malware Encyclopedia | Lists of malware, including symptoms and solutions, often maintained by manufacturers of anti-malware and made available on their websites. |
Malware Signature | Information about malware that allows anti-malware software to detect and define malware. Also called a malware definition |
Man-in-the-Middle Attack | An attack that pretends to be a legitimate website, network, FTP site, or person in a chat session in order to obtain private information. |
Mantrap | A security technique of using two doors on either end of a small entryway where the first door must close before the second door can open. A separate form of identification might be required for each door. |
Multifactor Authentication (MFA) | To use more than one method to authenticate access to a computer, network, or other resource. |
Mutual Authentication | To authenticate in both directions at the same time, as both entities confirm the identity of the other. |
Network Places Wizard | A Windows utility (netplwiz.exe) that can be used to change the way Windows sign-in works and to manage user accounts, including changing passwords and changing the group membership of an account. |
Next-Generation Firewall (NGFW) | A firewall that combines firewall software with anti-malware software and other software that protects resources on a network. |
Noncompliant System | A system that violates security best practices, such as out-of-date anti-malware software or no anti-malware software installed. |
Personal License | A license to use software that gives the right to install one instance of the software. |
Phishing | Sending an email message with the intent of getting the user to reveal private information that can be used for identity theft. Also see spear phishing and spoofing. |
Privacy Filter | A device that fits over a monitor screen to prevent other people from viewing the monitor from a wide angle. |
Quarantined Computer | A computer that is suspected of infection and is not allowed touch the network, is put on a different network dedicated to quarantined computers, or is allowed to access only certain network resources. |
Ransomware | Malware that holds your computer system hostage with encryption techniques until you pay money or a time period expires when the encrypted content is destroyed. |
Remote Backup Application | A cloud backup service on the Internet that backs up data to the cloud and is often used for laptops, tablets, and smart phones. |
Remote Wipe | Remotely erases all contacts, email, photos, and other data from a device to protect your privacy. |
RFID Badge | A badge worn by an employee and used to gain entrance into a locked area of a building. A Radio Frequency Identification token transmits authentication to the system when the token gets in range of a query device. |
Root Certificate | The original digital certificate issued by a Certification Authority. |
Rootkit | A type of malicious software that loads itself before the OS boot is complete and can hijack internal Windows components so that it masks information Windows provides to user-mode utilities such as File Explorer or Task Manager. |
Security Token | A smart card or other device that is one factor in multifactor authentication or can serve as a replacement for a password. |
Shoulder Surfing | As you work, other people secretly peek at your monitor screen to gain valuable information. |
Site License | license that allows a company to install multiple copies of software, or to allow multiple employees to execute the software from a file server. Also called enterprise license. |
Smart Card | Any small device that contains authentication information that can be keyed into a sign-in window or read by a reader to authenticate a user on a network. |
Smart Card Reader | A device that can read a smart card used to authenticate a person onto a network. |
Social Engineering | The practice of tricking people into giving out private information or allowing unsafe programs into the network or computer |
Software Piracy | The act of making unauthorized copies of original software, which violates the Federal Copyright Act of 1976. |
Spear Phishing | A form of phishing where an email message appears to come from a company you already do business with. See also phishing. |
Spoofing | A phishing technique where you are tricked into clicking a link in an email message, which takes you to an official-looking website where you are asked to enter your user ID and password to enter the site. See also phishing. |
Spyware | Malicious software that installs itself on your computer or mobile device to spy on you. It collects personal information about you that it transmits over the Internet to web-hosting sites that intend to use your personal data for harm. |
Strong Password | A password that is not easy to guess. |
Tailgating | When someone who is unauthorized follows an employee through a secured entrance to a room or building. |
TPM (Trusted Platform Module) | A chip on a motherboard that holds an encryption key required at startup to access encrypted data on the hard drive. Windows BitLocker Encryption can use the TPM chip. |
Trojan | A type of malware that tricks you into downloading and/or opening it by substituting itself for a legitimate program. |
Unified Threat Management (UTM) | A computer, security appliance, network appliance, or Internet appliance that stands between the Internet and a private network and runs firewall, anti-malware, and other software to protect the network. |
User Accounts | A Windows utility (netplwiz.exe) that can be used to change the way Windows sign-in works and to manage user accounts, including changing passwords and changing the group membership of an account. Also called Network Places Wizard. |
Virus | A program that often has an incubation period, is infectious, and is intended to cause damage. A virus program might destroy data and programs. |
Wi-Fi Analyzer | Hardware and/or software that monitors a Wi-Fi network to detect devices not authorized to use the network, identify attempts to hack transmissions, or detect performance and security vulnerabilities. |
Windows Defender | Anti-malware software embedded in Windows 8 that can detect, prevent, and clean up a system infected with viruses and other malware. Antispyware utility included in Windows 8/7/Vista. |
Windows Firewall | A personal firewall that protects a computer from intrusion and is automatically configured when you set your network location in the Network and Sharing Center. |
Worm | An infestation designed to copy itself repeatedly to memory, on drive space, or on a network, until little memory, disk space, or network bandwidth remains. |
Zero-Day Attack | When a hacker discovers and exploits a security hole in software before the developer of the software can develop and provide a protective patch to close the hole. |
Zombie | A computer that has been hacked, and the hacker is using the computer to run repetitive software in the background without the knowledge of its user. Also see botnet. |