Security
This cyber security glossary explains the meaning of terms about different types of computer security threats as well as words about application security, access control, network intrusion detection, security awareness training and computer forensics.

Authentication and access control
Terms related to authentication, including security definitions about passwords and words and phrases about proving identity.
-
three-factor authentication (3FA)
Three-factor authentication (3FA) is the use of identity-confirming credentials from three separate categories of authentication factors -- typically, the knowledge, possession and inherence categories.
-
FIDO (Fast Identity Online)
FIDO (Fast Identity Online) is a set of technology-agnostic security specifications for strong authentication.
-
YubiKey
YubiKey is a security token that enables users to add a second authentication factor to online services from tier 1 vendor partners, including Google, Amazon, Microsoft and Salesforce.
Compliance, risk and governance
This glossary contains definitions related to compliance. Some definitions explain the meaning of words used in compliance regulations. Other definitions are related to the strategies that compliance officers use to mitigate risk and create a manageable compliance infrastructure.
-
Sarbanes-Oxley Act
The Sarbanes-Oxley Act of 2002 is a federal law that established sweeping auditing and financial regulations for public companies.
-
triple bottom line (TBL)
The triple bottom line (TBL) is a sustainability-based accounting framework that includes social, environmental and financial factors as bottom-line categories.
-
forensic image
A forensic image (forensic copy) is a bit-by-bit, sector-by-sector direct copy of a physical storage device, including all files, folders and unallocated, free and slack space.
Network security
Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.
-
role-based access control (RBAC)
Role-based access control (RBAC) is a method of restricting network access based on the roles of individual users within an enterprise.
-
FIDO (Fast Identity Online)
FIDO (Fast Identity Online) is a set of technology-agnostic security specifications for strong authentication.
-
packet filtering
Packet filtering is the process of passing or blocking data packets at a network interface by a firewall based on source and destination addresses, ports or protocols.
Security Admin
Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.
-
triage in IT
Triage is a term referring to the assignment of priority levels to tasks or individuals to determine the most effective order in which to deal with them.
-
three-factor authentication (3FA)
Three-factor authentication (3FA) is the use of identity-confirming credentials from three separate categories of authentication factors -- typically, the knowledge, possession and inherence categories.
-
role-based access control (RBAC)
Role-based access control (RBAC) is a method of restricting network access based on the roles of individual users within an enterprise.
Threat management
Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.
-
ActiveX
ActiveX is a set of object-oriented programming technologies and tools that Microsoft developed for Internet Explorer to facilitate rich media playback.
-
vishing (voice or VoIP phishing)
Vishing (voice or VoIP phishing) is a type of cyber attack that uses voice and telephony technologies to trick targeted individuals into revealing sensitive data to unauthorized entities.
-
cyber espionage
Cyber espionage (cyberespionage) is a type of cyber attack that malicious hackers carry out against a business or government entity.