Network security

Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.
  • AAA server (authentication, authorization and accounting) - An AAA server is a server program that handles user requests for access to computer resources and, for an enterprise, provides authentication, authorization and accounting (AAA) services.
  • access control list (ACL) - An access control list (ACL) is a list of rules that specifies which users or systems are granted or denied access to a particular object or system resource.
  • access log - An access log is a list of all requests for individual files -- such as Hypertext Markup Language files, their embedded graphic images and other associated files that get transmitted -- that people or bots have made from a website.
  • active attack - An active attack is a network exploit in which a hacker attempts to make changes to data on the target or data en route to the target.
  • Active Directory forest (AD forest) - An Active Directory forest is the highest level of organization within Active Directory.
  • Active Directory tree - An Active Directory (AD) tree is a collection of domains within a Microsoft Active Directory network.
  • Advanced Encryption Standard (AES) - The Advanced Encryption Standard (AES) is a symmetric block cipher chosen by the U.
  • air gap (air gapping) - An air gap is a security measure that involves isolating a computer or network and preventing it from establishing an external connection.
  • Amazon VPC traffic mirroring - Traffic mirroring is a feature for Amazon Virtual Private Cloud (Amazon VPC).
  • anti-replay protocol - The anti-replay protocol provides Internet Protocol (IP) packet-level security by making it impossible for a hacker to intercept message packets and insert changed packets into the data stream between a source computer and a destination computer.
  • antispoofing - Antispoofing is a technique for identifying and dropping packets that have a false source address.
  • antivirus software (antivirus program) - Antivirus software (antivirus program) is a security program designed to prevent, detect, search and remove viruses and other types of malware from computers, networks and other devices.
  • asymmetric cryptography - Asymmetric cryptography, also known as public key cryptography, is a process that uses a pair of related keys -- one public key and one private key -- to encrypt and decrypt a message and protect it from unauthorized access or use.
  • authentication server - An authentication server is an application that facilitates the authentication of an entity that attempts to access a network.
  • Automatic Identification and Data Capture (AIDC) - Automatic Identification and Data Capture (AIDC) is a broad set of technologies used to collect information from an object, image or sound without manual data entry.
  • backdoor (computing) - A backdoor attack is a means to access a computer system or encrypted data that bypasses the system's customary security mechanisms.
  • backscatter spam - Backscatter spam, also called misdirected bounce spam or NDR spam, is a strategy for sending unsolicited email messages that takes advantage of the fact that certain types of mail transfer agent (MTA) programs return the entire message to the sender when a recipient's email address is invalid.
  • BIOS rootkit attack - A BIOS-level rootkit attack, also known as a persistent BIOS attack, is an exploit in which the BIOS is flashed (updated) with malicious code.
  • black hat hacker - A black hat hacker has been historically used to describe one who has malicious intent -- such as theft of information, fraud or disrupting systems -- but increasingly, more specific terms are being used to describe those people.
  • blended threat - A blended threat is an exploit that combines elements of multiple types of malware and usually employs various attack vectors to increase the severity of damage and the speed of contagion.
  • bluesnarfing - Bluesnarfing is a hacking technique in which a hacker accesses a wireless device through a Bluetooth connection.
  • browser hijacker (browser hijacking) - A browser hijacker is a malware program that modifies web browser settings without the user's permission and redirects the user to websites the user had not intended to visit.
  • business email compromise (BEC, man-in-the-email attack) - A business email compromise (BEC) is an exploit in which the attacker gains access to a corporate email account and spoofs the owner’s identity in order to commit fraud .
  • cache poisoning - Cache poisoning is a type of cyber attack in which attackers insert fake information into a domain name system (DNS) cache or web cache for the purpose of harming users.
  • CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) - A CAPTCHA is a type of challenge-response system designed to differentiate humans from robotic computer programs.
  • CERT-In (the Indian Computer Emergency Response Team) - CERT-In (the Indian Computer Emergency Response Team) is a government-mandated information technology (IT) security organization.
  • Certified Information Systems Security Professional (CISSP) - Certified Information Systems Security Professional (CISSP) is an information security certification developed by the International Information Systems Security Certification Consortium, also known as (ISC)².
  • Chernobyl virus - The Chernobyl virus is a computer virus with a potentially devastating payload that destroys all computer data when an infected file is executed.
  • cipher - In cryptography, a cipher is an algorithm for encrypting and decrypting data.
  • ciphertext - Ciphertext is encrypted text transformed from plaintext using an encryption algorithm.
  • ciphertext feedback (CFB) - In cryptography, ciphertext feedback (CFB), also known as cipher feedback, is a mode of operation for a block cipher.
  • Class C2 - Class C2 is a security rating established by the U.
  • client-side extension (CSE) - A client-side extension (CSE) is an integral component of enterprise group policy administration that applies Group Policy to users or endpoint systems.
  • cloud audit - A cloud audit is an assessment of a cloud computing environment and its services, based on a specific set of controls and best practices.
  • cloud encryption - Cloud encryption is a service cloud storage providers offer whereby a customer's data is transformed using encryption algorithms from plaintext into ciphertext and stored in the cloud.
  • cloud workload protection - Cloud workload protection is the safeguarding of workloads spread out across multiple cloud environments.
  • command-and-control server (C&C server) - A command-and-control server (C&C server) is a computer that issues directives to digital devices that have been infected with rootkits or other types of malware, such as ransomware.
  • Common Vulnerability Scoring System (CVSS) - The Common Vulnerability Scoring System (CVSS) is a public framework for rating the severity and characteristics of security vulnerabilities in information systems.
  • computer cracker - A computer cracker is an outdated term used to describe someone who broke into computer systems, bypassed passwords or licenses in computer programs, or in other ways intentionally breached computer security.
  • Computer Emergency Response Team (CERT) - A Computer Emergency Response Team (CERT) is a group of information security experts responsible for the protection against, detection of and response to an organization’s cybersecurity incidents.
  • Computer Fraud and Abuse Act (CFAA) - The Computer Fraud and Abuse Act (CFAA) of 1986 is United States legislation that imposes criminal penalties on individuals who intentionally access a protected computer without proper authorization or whose access exceeds their authorization.
  • computer security incident response team (CSIRT) - A computer security incident response team, or CSIRT, is a group of IT professionals that provides an organization with services and support surrounding the assessment, management and prevention of cybersecurity-related emergencies, as well as coordination of incident response efforts.
  • computer worm - A computer worm is a type of malware whose primary function is to self-replicate and infect other computers while remaining active on infected systems.
  • Conficker - Conficker is a fast-spreading worm that targets a vulnerability (MS08-067) in Windows operating systems.
  • content filtering - Content filtering is a process involving the use of software or hardware to screen and/or restrict access to objectionable email, webpages, executables and other suspicious items.
  • cookie poisoning - Cookie poisoning is a type of cyber attack in which a bad actor hijacks, forges, alters or manipulates a cookie to gain unauthorized access to a user's account, open a new account in the user's name or steal the user's information for purposes such as identity theft.
  • Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) - Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) is an encryption protocol based on the U.
  • cryptographic checksum - Generated by a cryptographic algorithm, a cryptographic checksum is a mathematical value assigned to a file sent through a network for verifying that the data contained in that file is unchanged.
  • cryptographic nonce - A nonce is a random or semi-random number that is generated for a specific use.
  • Cybersecurity and Infrastructure Security Agency (CISA) - Cybersecurity and Infrastructure Security Agency (CISA) is the division of the Department of Homeland Security (DHS) that is tasked with defending the infrastructure of the internet and improving its resilience and security.
  • cyberwarfare - The generally accepted definition of cyberwarfare is a series of cyber attacks against a nation-state, causing it significant harm.
  • data availability - Data availability is a term used by computer storage manufacturers and storage service providers to describe how data should be available at a required level of performance in situations ranging from normal through disastrous.
  • data integrity - Data integrity is the assurance that digital information is uncorrupted and can only be accessed or modified by those authorized to do so.
  • data protection management (DPM) - Data protection management (DPM) is the administration, monitoring and management of backup processes to ensure backup tasks run on schedule and data is securely backed up and recoverable.
  • data recovery agent (DRA) - A data recovery agent (DRA) is a Microsoft Windows user account with the ability to decrypt data that was encrypted by other users.
  • data splitting - Data splitting is when data is divided into two or more subsets.
  • deception technology - Deception technology is a class of security tools and techniques designed to prevent an attacker who has already entered the network from doing damage.
  • deep packet inspection (DPI) - Deep packet inspection (DPI) is an advanced method of examining and managing network traffic.
  • default password - A default password is a standard preconfigured password for a device or software.
  • dictionary attack - A dictionary attack is a method of breaking into a password-protected computer, network or other IT resource by systematically entering every word in a dictionary, or word list, as a password.
  • Diffie-Hellman key exchange (exponential key exchange) - Diffie-Hellman key exchange is a method of digital encryption that securely exchanges cryptographic keys between two parties over a public channel without their conversation being transmitted over the internet.
  • digital certificate - A digital certificate, also known as a public key certificate, is used to cryptographically link ownership of a public key with the entity that owns it.
  • digital identity - A digital identity is the body of information about an individual, organization or electronic device that exists online.
  • digital signature - A digital signature is a mathematical technique used to validate the authenticity and integrity of a digital document, message or software.
  • Digital Signature Standard (DSS) - The Digital Signature Standard (DSS) is a digital signature algorithm (DSA) developed by the U.
  • directory traversal - Directory traversal is a type of HTTP exploit in which a hacker uses the software on a web server to access data in a directory other than the server's root directory.
  • distributed denial-of-service (DDoS) attack - A distributed denial-of-service (DDoS) attack is one in which multiple compromised computer systems attack a target, such as a server, website or other network resource, and cause a denial of service for users of the targeted resource.
  • DNS over HTTPS (DoH) - DNS over HTTPS (DoH) is a relatively new protocol that encrypts domain name system traffic by passing DNS queries through a Hypertext Transfer Protocol Secure encrypted session.
  • DNS redirection - DNS redirection is the controversial practice of serving a Web page to a user that is different from either the one requested or one that might reasonably be expected, such as an error page.
  • eavesdropping - Eavesdropping is the act of listening to, recording or intercepting private communications.
  • Electronic Code Book (ECB) - Electronic Code Book (ECB) is a simple mode of operation with a block cipher that's mostly used with symmetric key encryption.
  • email security gateway - An email security gateway is a product or service that is designed to prevent the transmission of emails that break company policy, send malware or transfer information with malicious intent.
  • embedded system security - Embedded system security is a strategic approach to protecting software running on embedded systems from attack.
  • encoding and decoding - Encoding and decoding are used in many forms of communications, including computing, data communications, programming, digital electronics and human communications.
  • encryption - Encryption is the method by which information is converted into secret code that hides the information's true meaning.
  • encryption key - In cryptography, an encryption key is a variable value that is applied using an algorithm to a string or block of unencrypted text to produce encrypted text or to decrypt encrypted text.
  • encryption key management - Encryption key management is the practice of generating, organizing, protecting, storing, backing up and distributing encryption keys.
  • end-to-end encryption (E2EE) - End-to-end encryption (E2EE) is a method of secure communication that prevents third parties from accessing data while it's transferred from one end system or device to another.
  • ethical hacker - An ethical hacker, or white hat hacker, is an information security expert authorized by an organization to penetrate computing infrastructure to find security vulnerabilities a malicious hacker could exploit.
  • evil twin attack - An evil twin attack is a rogue Wi-Fi access point (AP) that masquerades as a legitimate one, enabling an attacker to gain access to sensitive information without the end user's knowledge.
  • facial recognition - Facial recognition is a category of biometric software that maps an individual's facial features to confirm their identity.
  • Faraday cage - A Faraday cage is a metallic enclosure that prevents the entry or escape of an electromagnetic field (EM field).
  • FFIEC compliance (Federal Financial Institutions Examination Council) - FFIEC compliance is conformance to a set of standards for online banking issued in October 2005 by the Federal Financial Institutions Examination Council (FFIEC).
  • FIDO (Fast Identity Online) - FIDO (Fast Identity Online) is a set of technology-agnostic security specifications for strong authentication.
  • filter (computing) - The term filter in computing can mean a variety of things, depending on the technology or technical discipline in question.
  • firewall as a service (FWaaS) - Firewall as a service (FWaaS), also known as a cloud firewall, is a service that provides cloud-based network traffic analysis capabilities to customers as part of an overall cybersecurity program.
  • flow routing - Flow routing is a network routing technology that takes variations in the flow of data into account to increase routing efficiency.
  • footprinting - Footprinting is an ethical hacking technique used to gather as much data as possible about a specific targeted computer system, an infrastructure and networks to identify opportunities to penetrate them.
  • frequency-hopping spread spectrum (FHSS) - Frequency-hopping spread spectrum (FHSS) transmission is the repeated switching of the carrier frequency during radio transmission to reduce interference and avoid interception.
  • Generic Routing Encapsulation (GRE) - Generic Routing Encapsulation (GRE) is a protocol that encapsulates packets in order to route various protocols over Internet Protocol (IP) networks.
  • going dark - Going dark describes a scenario in which communication appears to have ceased, but in reality has just moved from a public communication channel to a private, encrypted channel.
  • Google dork query - A Google dork query, sometimes just referred to as a dork, is a search string or custom query that uses advanced search operators to find information not readily available on a website.
  • GPS jamming - GPS jamming is the act of using a frequency transmitting device to block or interfere with radio communications.
  • GPS tracking - GPS tracking is the surveillance of location through use of the Global Positioning System (GPS ) to track the location of an entity or object remotely.
  • hacking as a service (HaaS) - Hacking as a service (HaaS) is the commercialization of hacking skills, in which the hacker serves as a contractor.
  • hard-drive encryption - Hard-drive encryption is a technology that encrypts the data stored on a hard drive using sophisticated mathematical functions.
  • hardware security - Hardware security is vulnerability protection that comes in the form of a physical device rather than software that's installed on the hardware of a computer system.
  • hashing - Hashing is the process of transforming any given key or a string of characters into another value.
  • Heartbleed - Heartbleed was a vulnerability in some implementations of OpenSSL, an open source cryptographic library.
  • honeynet - A honeynet is a network set up with intentional vulnerabilities hosted on a decoy server to attract hackers.