Security

This cyber security glossary explains the meaning of terms about different types of computer security threats as well as words about application security, access control, network intrusion detection, security awareness training and computer forensics.

Authentication and access control

Terms related to authentication, including security definitions about passwords and words and phrases about proving identity.

  • What is Extensible Authentication Protocol (EAP)?

    Extensible Authentication Protocol (EAP) is a protocol for wireless networks that expands the authentication methods used by Point-to-Point Protocol (PPP), a protocol often used when connecting a computer to the internet.

  • What is acceptable use policy (AUP)?

    An acceptable use policy (AUP) is a document stipulating constraints and practices that a user must agree to for access to or use of a corporate network, the internet or other computing resources.

  • What is identity governance and administration (IGA)?

    Identity governance and administration (IGA) is the collection of processes and practices used to manage user digital identities and their access throughout the enterprise.


Compliance, risk and governance

This glossary contains definitions related to compliance. Some definitions explain the meaning of words used in compliance regulations. Other definitions are related to the strategies that compliance officers use to mitigate risk and create a manageable compliance infrastructure.

  • What is augmented intelligence?

    Augmented intelligence is the use of technology to enhance a human's ability to execute tasks, perform analysis and make decisions.

  • What is compliance risk?

    Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting from its failure to act in accordance with industry laws and regulations, internal policies or prescribed best practices.

  • What is records management?

    Records management is the supervision and administration of digital or paper records, regardless of format.


Network security

Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.

  • What is a session key?

    A session key is an encryption and decryption key that is randomly generated to ensure the security of a communications session between a user and another computer or between two computers.

  • What is cipher block chaining (CBC)?

    Cipher block chaining (CBC) is a mode of operation for a block cipher -- one in which a sequence of bits is encrypted as a single unit, or block, with a cipher key applied to the entire block.

  • What is IPsec (Internet Protocol Security)?

    IPsec (Internet Protocol Security) is a suite of protocols and algorithms for securing data transmitted over the internet or any public network.


Security Admin

Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.


Threat management

Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.

  • What is a session key?

    A session key is an encryption and decryption key that is randomly generated to ensure the security of a communications session between a user and another computer or between two computers.

  • What is cipher block chaining (CBC)?

    Cipher block chaining (CBC) is a mode of operation for a block cipher -- one in which a sequence of bits is encrypted as a single unit, or block, with a cipher key applied to the entire block.

  • What is obfuscation and how does it work?

    Obfuscation means to make something difficult to understand. Programming code is often obfuscated to protect intellectual property or trade secrets, and to prevent an attacker from reverse engineering a proprietary software program.
