Browse Definitions :

Network security

Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.

802 - DEC

  • 802.11x - 802.11x refers to a group of evolving wireless local area network (WLAN) standards that are under development as elements of the IEEE 802.
  • AAA server (authentication, authorization and accounting) - An AAA server is a server program that handles user requests for access to computer resources and, for an enterprise, provides authentication, authorization and accounting (AAA) services.
  • access control list (ACL) - An access control list (ACL) is a list of rules that specifies which users or systems are granted or denied access to a particular object or system resource.
  • access log - An access log is a list of all requests for individual files -- such as Hypertext Markup Language files, their embedded graphic images and other associated files that get transmitted -- that people or bots have made from a website.
  • AccessEnum - AccessEnum is a free Sysinternals tool that offers administrators a view of the full file system and registry security settings to ensure that users have appropriate permissions to access files and directories.
  • active attack - An active attack is a network exploit in which a hacker attempts to make changes to data on the target or data en route to the target.
  • Active Directory domain (AD domain) - An Active Directory domain is a collection of objects within a Microsoft Active Directory network.
  • Active Directory forest (AD forest) - An Active Directory forest is the highest level of organization within Active Directory.
  • Active Directory tree - An Active Directory (AD) tree is a collection of domains within a Microsoft Active Directory network.
  • active reconnaissance - Active reconnaissance is a type of computer attack in which an intruder engages with the targeted system to gather information about vulnerabilities.
  • Advanced Encryption Standard (AES) - The Advanced Encryption Standard (AES) is a symmetric block cipher chosen by the U.
  • air gap (air gapping) - An air gap is a security measure that involves isolating a computer or network and preventing it from establishing an external connection.
  • Amazon VPC traffic mirroring - Traffic mirroring is a feature for Amazon Virtual Private Cloud (Amazon VPC).
  • anti-replay protocol - The anti-replay protocol provides Internet Protocol (IP) packet-level security by making it impossible for a hacker to intercept message packets and insert changed packets into the data stream between a source computer and a destination computer.
  • antivirus software (antivirus program) - Antivirus software is a class of program designed to prevent, detect and remove malware infections on individual computing devices, networks and IT systems.
  • application blacklisting - Application blacklisting, sometimes just referred to as blacklisting, is a network administration practice used to prevent the execution of undesirable programs.
  • application whitelisting - Application whitelisting is the practice of specifying an index of approved software applications or executable files that are permitted to be present and active on a computer system.
  • asymmetric cryptography (public key cryptography) - Asymmetric cryptography, also known as public-key cryptography, is a process that uses a pair of related keys -- one public key and one private key -- to encrypt and decrypt a message and protect it from unauthorized access or use.
  • asymmetric cyber attack - An asymmetric cyber attack refers to cyberwarfare that inflicts a proportionally large amount of damage compared to the resources used by targeting the victim's most vulnerable security measure.
  • attack surface - An attack surface is defined as the total number of all possible entry points for unauthorized access into any system.
  • attack vector - An attack vector is a path or means by which an attacker or hacker can gain access to a computer or network server in order to deliver a payload or malicious outcome.
  • authenticated security scan - An authenticated security scan is vulnerability testing performed as a logged in (authenticated) user.
  • authentication - Authentication is the process of determining whether someone or something is, in fact, who or what it says it is.
  • authentication server - An authentication server is an application that facilitates the authentication of an entity that attempts to access a network.
  • authentication, authorization, and accounting (AAA) - Authentication, authorization, and accounting (AAA) is a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services.
  • authorization - Authorization is the process of giving someone permission to do or have something.
  • Automatic Identification and Data Capture (AIDC) - Automatic Identification and Data Capture (AIDC) is a broad set of technologies used to collect information from an object, image or sound without manual data entry.
  • backdoor (computing) - A backdoor is a means to access a computer system or encrypted data that bypasses the system's customary security mechanisms.
  • backscatter spam - Backscatter spam, also called misdirected bounce spam or NDR spam, is a strategy for sending unsolicited email messages that takes advantage of the fact that certain types of mail transfer agent (MTA) programs return the entire message to the sender when a recipient's email address is invalid.
  • biometric verification - Biometric verification is any means by which a person can be uniquely identified by evaluating one or more distinguishing biological traits.
  • biometrics - Biometrics is the measurement and statistical analysis of people's unique physical and behavioral characteristics.
  • BIOS rootkit - A BIOS-level rootkit is programming that exists in a system's memory hardware to enable remote administration.
  • BIOS rootkit attack - A BIOS-level rootkit attack, also known as a persistent BIOS attack, is an exploit in which the BIOS is flashed (updated) with malicious code.
  • black hat hacker - A black hat hacker has been historically used to describe one who has malicious intent -- such as theft of information, fraud or disrupting systems -- but increasingly, more specific terms are being used to describe those people.
  • blacklist - A blacklist, in IT, is a collection of entities that are blocked from communicating with or logging into a computer, site or network.
  • blended threat - A blended threat is an exploit that combines elements of multiple types of malware and usually employs various attack vectors to increase the severity of damage and the speed of contagion.
  • block cipher - A block cipher is a method of encrypting data in blocks to produce ciphertext using a cryptographic key and algorithm.
  • Blowfish - Blowfish is a variable-length, symmetric, 64-bit block cipher.
  • bluesnarfing - Bluesnarfing is the theft of information from a wireless device through a Bluetooth connection.
  • botnet - A botnet is a collection of internet-connected devices, which may include personal computers (PCs), servers, mobile devices and internet of things (IoT) devices, that are infected and controlled by a common type of malware, often unbeknownst to their owner.
  • browser hijacker (browser hijacking) - A browser hijacker is a malware program that modifies web browser settings without the user's permission and redirects the user to websites the user had not intended to visit.
  • brute-force attack - A brute-force attack is a trial-and-error method used by application programs to decode login information and encryption keys to use them to gain unauthorized access to systems.
  • buffer overflow - A buffer overflow occurs when a program or process attempts to write more data to a fixed-length block of memory, or buffer, than the buffer is allocated to hold.
  • business email compromise (BEC, man-in-the-email attack) - A business email compromise (BEC) is an exploit in which the attacker gains access to a corporate email account and spoofs the owner’s identity in order to commit fraud .
  • cache poisoning - Cache poisoning is a type of cyber attack in which attackers insert fake information into a domain name system (DNS) cache or web cache for the purpose of harming users.
  • CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) - A CAPTCHA is a type of challenge-response system designed to differentiate humans from robotic computer programs.
  • CERT-In (the Indian Computer Emergency Response Team) - CERT-In (the Indian Computer Emergency Response Team) is a government-mandated information technology (IT) security organization.
  • certificate authority (CA) - A certificate authority (CA) is a trusted entity that issues Secure Sockets Layer (SSL) certificates.
  • certificate revocation list (CRL) - A certificate revocation list (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority (CA) before their actual or assigned expiration date.
  • certification - In information technology as in other fields such as teaching, accounting, and acupuncture, certification is a formal process of making certain that an individual is qualified in terms of particular knowledge or skills.
  • Certified Information Systems Security Professional (CISSP) - Certified Information Systems Security Professional (CISSP) is an information security certification developed by the International Information Systems Security Certification Consortium, also known as (ISC)².
  • Chernobyl virus - The Chernobyl virus is a computer virus with a potentially devastating payload that destroys all computer data when an infected file is executed.
  • chief risk officer (CRO) - The chief risk officer (CRO) is the corporate executive tasked with assessing and mitigating significant competitive, regulatory and technological threats to an enterprise's capital and earnings.
  • cipher - In cryptography, a cipher is an algorithm for encrypting and decrypting data.
  • cipher block chaining (CBC) - Cipher block chaining (CBC) is a mode of operation for a block cipher -- one in which a sequence of bits are encrypted as a single unit, or block, with a cipher key applied to the entire block.
  • ciphertext - Ciphertext is encrypted text transformed from plaintext using an encryption algorithm.
  • ciphertext feedback (CFB) - In cryptography, ciphertext feedback (CFB), also known as cipher feedback, is a mode of operation for a block cipher.
  • Cisco Identity Services Engine (ISE) - Cisco Identity Services Engine (ISE) is a security policy management platform that provides secure network access to users and devices.
  • Class C2 - Class C2 is a security rating established by the U.
  • client-side extension (CSE) - A client-side extension (CSE) is an integral component of enterprise group policy administration that applies Group Policy to users or endpoint systems.
  • cloud access security broker (CASB) - A cloud access security broker (CASB) is a software tool or service that sits between an organization's on-premises infrastructure and a cloud provider's infrastructure.
  • cloud audit - A cloud audit is a periodic examination an organization does to assess and document its cloud vendor's performance.
  • cloud encryption (cloud storage encryption) - Cloud encryption is a service offered by cloud storage providers whereby a customer's data is transformed using encryption algorithms into ciphertext and stored in the cloud.
  • cloud security - Cloud security, also known as cloud computing security, is the practice of protecting cloud-based data, applications and infrastructure from cyberthreats and cyber attacks.
  • cluster name object (CNO) - A cluster name object (CNO) is an Active Directory computer object linked with the network resource Cluster Name.
  • command-and-control server (C&C server) - A command-and-control server (C&C server) is a computer that issues directives to digital devices that have been infected with rootkits or other types of malware, such as ransomware.
  • Common Vulnerabilities and Exposures (CVE) - Common Vulnerabilities and Exposures (CVE) provides unique identifiers for publicly known security threats.
  • computer cracker - A computer cracker is an outdated term used to describe someone who broke into computer systems, bypassed passwords or licenses in computer programs, or in other ways intentionally breached computer security.
  • Computer Emergency Response Team (CERT) - A Computer Emergency Response Team (CERT) is a group of information security experts responsible for the protection against, detection of and response to an organization’s cybersecurity incidents.
  • computer exploit - A computer exploit, or exploit, is an attack on a computer system, especially one that takes advantage of a particular vulnerability the system offers to intruders.
  • Computer Fraud and Abuse Act (CFAA) - The Computer Fraud and Abuse Act (CFAA) of 1986 is United States legislation that made it a federal crime to access a protected computer without proper authorization.
  • computer security incident response team (CSIRT) - A computer security incident response team, or CSIRT, is a group of IT professionals that provides an organization with services and support surrounding the assessment, management and prevention of cybersecurity-related emergencies, as well as coordination of incident response efforts.
  • computer worm - A computer worm is a type of malware whose primary function is to self-replicate and infect other computers while remaining active on infected systems.
  • Conduit browser hijacker - Conduit is a browser hijacker that is usually installed without the user’s knowledge through a drive-by download.
  • Conficker - Conficker is a fast-spreading worm that targets a vulnerability (MS08-067) in Windows operating systems.
  • confidentiality, integrity and availability (CIA triad) - Confidentiality, integrity and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization.
  • content filtering - Content filtering is a process involving the use of software or hardware to screen and/or restrict access to objectionable email, webpages, executables and other suspicious items.
  • cookie poisoning - Cookie poisoning is a type of cyber attack in which a bad actor hijacks, forges, alters or manipulates a cookie to gain unauthorized access to a user's account, open a new account in the user's name or steal the user's information for purposes such as identity theft.
  • Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) - Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) is an encryption protocol based on the U.
  • countermeasure - A countermeasure is an action, process, device, or system that can prevent, or mitigate the effects of, threats to a computer, server or network.
  • critical infrastructure and key resources (CIKR) - Critical infrastructure and key resources (CIKR) is the collective of natural and man-made resources, along with the systems for their processing and delivery, upon which a nation depends on for functioning.
  • critical infrastructure security - Critical infrastructure security is the area of concern surrounding the protection of systems, networks and assets whose continuous operation is deemed necessary to ensure the security of a given nation, its economy, and the public’s health and/or safety.
  • cryptographic checksum - Generated by a cryptographic algorithm, a cryptographic checksum is a mathematical value assigned to a file sent through a network for verifying that the data contained in that file is unchanged.
  • cryptographic nonce - A nonce is a random or semi-random number that is generated for a specific use.
  • cryptography - Cryptography is a method of protecting information and communications through the use of codes, so that only those for whom the information is intended can read and process it.
  • cryptology - Cryptology is the mathematics, such as number theory and the application of formulas and algorithms, that underpin cryptography and cryptanalysis.
  • cryptosystem - A cryptosystem is a structure or scheme consisting of a set of algorithms that converts plaintext to ciphertext to encode or decode messages securely.
  • cyber hijacking - Cyber hijacking, or computer hijacking, is a type of network security attack in which the attacker takes control of computer systems, software programs and/or network communications.
  • cyber resilience - Cyber resilience is a concept that refers to the security that goes beyond defense and prevention to focus on response and resilience in moments of crisis.
  • cybercrime - Cybercrime is any criminal activity that involves a computer, networked device or a network.
  • Cybersecurity and Infrastructure Security Agency (CISA) - Cybersecurity and Infrastructure Security Agency (CISA) is the division of the Department of Homeland Security (DHS) that is tasked with defending the infrastructure of the internet and improving its resilience and security.
  • cyberwarfare - The generally accepted definition of cyberwarfare is the use of cyber attacks against a nation-state, causing it significant harm, up to and including physical warfare, disruption of vital computer systems and loss of life.
  • data availability - Data availability is a term used by computer storage manufacturers and storage service providers to describe how data should be available at a required level of performance in situations ranging from normal through disastrous.
  • Data Encryption Standard (DES) - Data Encryption Standard (DES) is an outdated symmetric key method of data encryption.
  • data integrity - Data integrity is the assurance that digital information is uncorrupted and can only be accessed or modified by those authorized to do so.
  • data protection management (DPM) - Data protection management (DPM) comprises the administration, monitoring and management of backup processes to ensure backup tasks run on schedule and data is securely backed up and recoverable.
  • data recovery agent (DRA) - A data recovery agent (DRA) is a Microsoft Windows user account with the ability to decrypt data that was encrypted by other users.
  • data splitting - Data splitting is when data is divided into two or more subsets.
  • deception technology - Deception technology is a class of security tools and techniques designed to prevent an attacker who has already entered the network from doing damage.
Networking
  • network traffic

    Network traffic is the amount of data that moves across a network during any given time.

  • dynamic and static

    In general, dynamic means 'energetic, capable of action and/or change, or forceful,' while static means 'stationary or fixed.'

  • MAC address (media access control address)

    A MAC address (media access control address) is a 12-digit hexadecimal number assigned to each device connected to the network.

Security
  • Trojan horse

    In computing, a Trojan horse is a program downloaded and installed on a computer that appears harmless, but is, in fact, ...

  • quantum key distribution (QKD)

    Quantum key distribution (QKD) is a secure communication method for exchanging encryption keys only known between shared parties.

  • Common Body of Knowledge (CBK)

    In security, the Common Body of Knowledge (CBK) is a comprehensive framework of all the relevant subjects a security professional...

CIO
  • benchmark

    A benchmark is a standard or point of reference people can use to measure something else.

  • spatial computing

    Spatial computing broadly characterizes the processes and tools used to capture, process and interact with 3D data.

  • organizational goals

    Organizational goals are strategic objectives that a company's management establishes to outline expected outcomes and guide ...

HRSoftware
  • talent acquisition

    Talent acquisition is the strategic process employers use to analyze their long-term talent needs in the context of business ...

  • employee retention

    Employee retention is the organizational goal of keeping productive and talented workers and reducing turnover by fostering a ...

  • hybrid work model

    A hybrid work model is a workforce structure that includes employees who work remotely and those who work on site, in a company's...

Customer Experience
  • database marketing

    Database marketing is a systematic approach to the gathering, consolidation and processing of consumer data.

  • cost per engagement (CPE)

    Cost per engagement (CPE) is an advertising pricing model in which digital marketing teams and advertisers only pay for ads when ...

  • B2C (Business2Consumer or Business-to-Consumer)

    B2C -- short for business-to-consumer -- is a retail model where products move directly from a business to the end user who has ...

Close