Term
|
Definition
Triple Data Encryption Standard
A symmetric-key block cipher, which applies the DES cipher algorithm three times to each data block. |
|
|
Term
|
Definition
Authentication, Authorization, and Accounting
A standard-based framework used to control who is permitted to use network resources (through authentication), what they are authorized to do (through authorization), and capture the actions performed while accessing the network (through accounting). |
|
|
Term
|
Definition
Attribute-based Access Control
An authorization model that evaluates attributes (or characteristics), rather than roles, to determine access. |
|
|
Term
|
Definition
Access Control List
An access control list (ACL) is a list of rules that specifies which users or systems are granted or denied access to a particular object or system resource. Access control lists are also installed in routers or switches, where they act as filters, managing which traffic can access the network. |
|
|
Term
|
Definition
Active Directory
Microsoft's proprietary directory service. It runs on Windows Server and enables administrators to manage permissions and access to network resources. Active Directory stores data as objects. An object is a single element, such as a user, group, application or device such as a printer. |
|
|
Term
|
Definition
Advanced Encryption Standard
A symmetric block cipher chosen by the U.S. government to protect classified information. |
|
|
Term
|
Definition
| Advanced Encryption Standard, 256 bit |
|
|
Term
|
Definition
Authentication Header
Provides data origin authentication, data integrity, and replay protection. However, AH does not provide data confidentiality, which means that all of your data is sent in the clear. |
|
|
Term
|
Definition
|
|
Term
|
Definition
Automated Indicator Sharing
AIS enables the real-time exchange of machine-readable cyber threat indicators through a server/client architecture for communications. |
|
|
Term
|
Definition
Annualized Loss Expectancy
ALE provides an estimate of the yearly financial impact to the organization from a particular risk. This helps determine how much money the organization is justified in spending on countermeasures in order to reduce the likelihood or impact of an incident. |
|
|
Term
|
Definition
Access Point
An access point connects to a wired router, switch, or hub via an Ethernet cable, and projects a WiFi signal to a designated area. |
|
|
Term
|
Definition
Application Programming Interface
An API, or application programming interface, is a set of defined rules that enable different applications to communicate with each other. |
|
|
Term
|
Definition
Advanced Persistent Threat
An advanced persistent threat (APT) is a stealthy threat actor, typically a nation state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period. |
|
|
Term
|
Definition
Annualized Rate of Occurrence
Annualized Rate of Occurrence, also known as ARO, refers to the expected frequency with which a risk or a threat is expected to occur. ARO is also commonly referred to as Probability Determination. |
|
|
Term
|
Definition
Address Resolution Protocol
Address Resolution Protocol (ARP) is a protocol or procedure that connects an ever-changing Internet Protocol (IP) address to a fixed physical machine address, also known as a media access control (MAC) address, in a local-area network (LAN). |
|
|
Term
|
Definition
Address Space Layout Randomization
Address space layout randomization (ASLR) is a technique that is used to increase the difficulty of performing a buffer overflow attack that requires the attacker to know the location of an executable in memory. |
|
|
Term
|
Definition
Active Server Pages
Active Server Pages (ASP) is Microsoft's first server-side scripting language and engine for dynamic web pages.
It was first released in December 1996, before being superseded in January 2002 by ASP.NET. |
|
|
Term
|
Definition
Adversarial Tactics, Techniques, and Common Knowledge
A guideline for classifying and describing cyberattacks and intrusions. The framework consists of 14 tactics categories consisting of "technical objectives" of an adversary. Examples include privilege escalation and command and control.
The framework is an alternative to the Cyber Kill Chain developed by Lockheed Martin. |
|
|
Term
|
Definition
Acceptable Use Policy
A document stipulating constraints and practices that a user must agree to for access to a corporate network, the internet or other resources. |
|
|
Term
|
Definition
Antivirus
(of software) designed to detect and destroy computer viruses. |
|
|
Term
|
Definition
Bourne Again Shell
BASH (Bourne Again Shell) is the free and enhanced version of the Bourne shell distributed with Linux and GNU operating systems. |
|
|
Term
|
Definition
Business Continuity Planning
A document that consists of the critical information an organization needs to continue operating during an unplanned event. The BCP states the essential functions of the business, identifies which systems and processes must be sustained, and details how to maintain them. |
|
|
Term
|
Definition
Border Gateway Protocol
Border Gateway Protocol (BGP) refers to a gateway protocol that enables the internet to exchange routing information between autonomous systems (AS). |
|
|
Term
|
Definition
Business Impact Analysis
A business impact analysis (BIA) predicts the consequences of disruption of a business function and process and gathers information needed to develop recovery strategies. Potential loss scenarios should be identified during a risk assessment. |
|
|
Term
|
Definition
Basic Input/Output System
BIOS (basic input/output system) is the program a computer's microprocessor uses to start the computer system after it is powered on. |
|
|
Term
|
Definition
Business Partnership Agreement
A business partnership is a formal agreement between two parties operating and managing a company and share in its profits or losses. |
|
|
Term
|
Definition
Bridge Protocol Data Unit
A bridge protocol data unit (BPDU) is a data message transmitted across a local area network to detect loops in network topologies. |
|
|
Term
|
Definition
Basic Service Set Identifier
A BSSID is basically the MAC physical address of the wireless router or the access point. It is the unique identifier for a BSS. It is the Layer 2 identifier of each individual BSS. It is often confused with the SSID. But the BSSID is a 48-bit MAC address of an access point’s radio card. |
|
|
Term
|
Definition
Bring Your Own Device
BYOD (bring your own device) is a policy that allows employees in an organization to use their personally owned devices for work-related activities. |
|
|
Term
|
Definition
Certificate Authority
A certificate authority (CA) is a trusted entity that issues Secure Sockets Layer (SSL) certificates. These digital certificates are data files used to cryptographically link an entity with a public key. Web browsers use them to authenticate content sent from web servers, ensuring trust in content delivered online. |
|
|
Term
|
Definition
Completely Automated Public Turing Test to Tell Computers and Humans Apart
CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a type of security measure known as challenge-response authentication. |
|
|
Term
|
Definition
Corrective Action Report
A report of measures taken to address root causes of non-conformances to prevent recurrence of issues. 'CAR type' indicates the type of investigation or action taken to address the non-conformance or potential for non-conformance. |
|
|
Term
|
Definition
Cloud Access Security Broker
A cloud access security broker (CASB) is a security check point between cloud network users and cloud-based applications. |
|
|
Term
|
Definition
Cipher Block Chaining
Cipher block chaining (CBC) is a mode of operation for a block cipher -- one in which a sequence of bits are encrypted as a single unit, or block, with a cipher key applied to the entire block. Cipher block chaining uses what is known as an initialization vector (IV) of a certain length. |
|
|
Term
|
Definition
Computer Based Training
Computer-based training (CBT) is any course of instruction whose primary means of delivery is a computer. A CBT course (sometimes called courseware ) may be delivered via a software product installed on a single computer, through a corporate or educational intranet, or over the Internet as Web-based training |
|
|
Term
|
Definition
Counter-Mode/CBC-MAC Protocol
Counter Mode Cipher Block Chaining Message Authentication Code Protocol (Counter Mode CBC-MAC Protocol) or CCM mode Protocol (CCMP) is an encryption protocol designed for Wireless LAN products that implements the standards of the IEEE 802.11i amendment to the original IEEE 802.11 standard. |
|
|
Term
|
Definition
Closed Circuit Television
Closed-circuit television (CCTV), also known as video surveillance, is the use of video cameras to transmit a signal to a specific place, on a limited set of monitors. It differs from broadcast television in that the signal is not openly transmitted, though it may employ point-to-point (P2P), point-to-multipoint (P2MP), or mesh wired or wireless links. |
|
|
Term
|
Definition
Computer Emergency Response Team
In cybersecurity, CERT stands for computer emergency response team - a team of information security analysts tasked with cyber incident detection, response, prevention, and reporting. The role of the CERT is to Protect, Detect, and Respond to cyberthreats. |
|
|
Term
|
Definition
Cipher Feedback
CFB mode performs cipher feedback encryption. CFB mode operates on segments instead of blocks. |
|
|
Term
|
Definition
Challenge-Handshake Authentication Protocol
CHAP (Challenge-Handshake Authentication Protocol) is a challenge and response authentication method that Point-to-Point Protocol (PPP) servers use to verify the identity of a remote user. CHAP authentication begins after the remote user initiates a PPP link. |
|
|
Term
|
Definition
Chief Information Officer
Chief information officer (CIO), chief digital information officer (CDIO) or information technology (IT) director, is a job title commonly given to the most senior executive in an enterprise who works with information technology and computer systems, in order to support enterprise goals. |
|
|
Term
|
Definition
Computer Incident Response Team
Group of individuals usually consisting of Security Analysts organized to develop, recommend, and coordinate immediate mitigation actions for containment, eradication, and recovery resulting from computer security incidents. |
|
|
Term
|
Definition
Center for Internet Security
Center for Internet Security (CIS) offers cyber threat intelligence and cyber security solutions to help federal, local and state agencies protect network ... |
|
|
Term
|
Definition
Content Management System
A content management system (CMS) is an application that is used to manage content, allowing multiple contributors to create, edit and publish. Content in a CMS is typically stored in a database and displayed in a presentation layer based on a set of templates like a website. Management System |
|
|
Term
|
Definition
Common Name
The name by which an organism or group of organisms is known to the general public, rather than its taxonomic or scientific name. |
|
|
Term
|
Definition
Continuity Of Operations Planning
the effort within individual agencies to ensure they can continue to perform their mission essential functions during a wide range of emergencies. It’s the initiative that ensures that governments, departments, businesses and agencies are able to continue their essential daily functions. |
|
|
Term
|
Definition
Corporate-Owned Personally Enabled
COPE is a business model in which an organization provides its employees with mobile computing devices and allows the employees to use them as if they were personally owned notebook computers, tablets or smartphones. |
|
|
Term
|
Definition
Contingency Planning
A management tool that involves all parts of an organization. It can help ensure timely and effective humanitarian aid to those who need it most. Making a contingency plan involves making various decisions as an organization before an emergency happens. |
|
|
Term
|
Definition
Cyclic Redundancy Check
A cyclic redundancy check (CRC) is an error-detecting code commonly used in digital networks and storage devices to detect accidental changes to digital data. Blocks of data entering these systems get a short check value attached, based on the remainder of a polynomial division of their contents. On retrieval, the calculation is repeated and, in the event the check values do not match, corrective action can be taken against data corruption. CRCs can be used for error correction. |
|
|
Term
|
Definition
Certificate Revocation List
A certificate revocation list (CRL) is a list of digital certificates that have been revoked by the issuing certificate authority (CA) before their actual or assigned expiration date. |
|
|
Term
|
Definition
Cloud Security Alliance
A not-for-profit organization with the mission to “promote the use of best practices for providing security assurance within cloud computing, and to provide education on the uses of cloud computing to help secure all other forms of computing. |
|
|
Term
|
Definition
Computer Security Incident Response Team
Group of individuals usually consisting of Security Analysts organized to develop, recommend, and coordinate immediate mitigation actions for containment, eradication, and recovery resulting from computer security incidents. |
|
|
Term
|
Definition
Chief Security Officer
In its broadest definition, chief security officer may refer to the person chiefly responsible for an organization's information security, as well as its so-called “corporate security” — that is, the physical security and safety of employees, facilities and assets. |
|
|
Term
|
Definition
Cloud Service Provider
A CSP is a third-party company that provides scalable computing resources that businesses can access on demand over a network, including cloud-based compute, storage, platform, and application services. |
|
|
Term
|
Definition
Certificate Signing Request
In public key infrastructure (PKI) systems, a certificate signing request (also CSR or certification request) is a message sent from an applicant to a certificate authority of the public key infrastructure in order to apply for a digital identity certificate. It usually contains the public key for which the certificate should be issued, identifying information (such as a domain name) and a proof of authenticity including integrity protection (e.g., a digital signature). |
|
|
Term
|
Definition
Cross Site Request Forgery
Also known as one-click attack or session riding and abbreviated as CSRF (sometimes pronounced sea-surf) or XSRF, is a type of malicious exploit of a website or web application where unauthorized commands are submitted from a user that the web application trusts. |
|
|
Term
|
Definition
Channel Service Unit
A CSU/DSU (Channel Service Unit/Data Service Unit) is a hardware device that converts a digital data frame from the communications technology used on a local area network (LAN) into a frame appropriate to a wide-area network (WAN) and vice versa. Think of it as a high end modem which is used to connect a data terminal equipment (DTE), such as a router, to a digital circuit, such as a Digital Signal 1 (T1) line. |
|
|
Term
|
Definition
Counter Mode
The Counter Mode or CTR is a simple counter-based block cipher implementation. Every time a counter-initiated value is encrypted and given as input to XOR with plaintext which results in ciphertext block. The CTR mode is independent of feedback use and thus can be implemented in parallel. |
|
|
Term
|
Definition
Chief Technology Officer
A chief technology officer (CTO) is a top executive that oversees the entire information technology department and is responsible for integrating business needs and requirements into IT planning and operations. |
|
|
Term
|
Definition
Common Vulnerabilities and Exposures
The Common Vulnerabilities and Exposures (CVE) system provides a reference method for publicly known information-security vulnerabilities and exposures. |
|
|
Term
|
Definition
Common Vulnerabilities Scoring System
The Common Vulnerability Scoring System (CVSS) is a method used to supply a qualitative measure of severity. CVSS is not a measure of risk. CVSS consists of three metric groups: Base, Temporal, and Environmental. |
|
|
Term
|
Definition
Choose Your Own Device
Choose Your Own Device (CYOD) is a hardware management model in which employees select a preferred device from a company-approved range of options. |
|
|
Term
|
Definition
Discretionary Access Control
Discretionary access control (DAC) is a type of security access control that grants or restricts object access via an access policy determined by an object's owner group and/or subjects. |
|
|
Term
|
Definition
Database Administrator
Database administrators and architects create or organize systems to store and secure a variety of data, such as financial information and customer shipping records. |
|
|
Term
|
Definition
Distributed Denial of Service
A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. |
|
|
Term
|
Definition
Data Execution Prevention
Data Execution Prevention (DEP) is a technology built into Windows that helps protect you from executable code launching from places it's not supposed to. DEP does that by marking some areas of your PC's memory as being for data only, no executable code or apps will be allowed to run from those areas of memory. |
|
|
Term
|
Definition
Distinguished Encoding Rules
DER (Distinguished Encoding Rules) is a restricted variant of BER for producing unequivocal transfer syntax for data structures described by ASN. 1. Like CER, DER encodings are valid BER encodings. DER is the same thing as BER with all but one sender's options removed. |
|
|
Term
|
Definition
Basic Encoding Rules
Basic Encoding Rules (BER) is the set of rules for encoding ASN.1 defined data into a particular representation for transmitting to another system. |
|
|
Term
|
Definition
Data Encryption Standard
Like all other private-key cryptographic methods, both the sender and the receiver must know and use the same private key.
DES applies a 56-bit key to each 64-bit block of data. Although this is considered strong encryption, many companies use triple DES, which applies three keys in succession. |
|
|
Term
|
Definition
Dynamic Host Configuration Protocol
The Dynamic Host Configuration Protocol (DHCP) is a network management protocol used on Internet Protocol (IP) networks for automatically assigning IP addresses and other communication parameters to devices connected to the network using a client–server architecture. |
|
|
Term
|
Definition
Diffie-Hellman Ephemeral
Diffie–Hellman key exchange is a mathematical method of securely exchanging cryptographic keys over a public channel and was one of the first public-key protocols as conceived by Ralph Merkle and named after Whitfield Diffie and Martin Hellman. DH is one of the earliest practical examples of public key exchange implemented within the field of cryptography. |
|
|
Term
|
Definition
Domain Keys Identified Mail
DKIM, or Domain Keys Identified Mail, is an email authentication method that uses a digital signature to let the receiver of an email know that the message was sent and authorized by the owner of a domain. |
|
|
Term
|
Definition
Dynamic Link Library
A dynamic link library (DLL) is a collection of small programs that larger programs can load when needed to complete specific tasks. |
|
|
Term
|
Definition
Data Loss Prevention
Data loss prevention (DLP) is a set of tools and processes used to ensure that sensitive data is not lost, misused, or accessed by unauthorized users. |
|
|
Term
|
Definition
Domain Message Authentication Reporting and Conformance
DMARC, which stands for “Domain-based Message Authentication, Reporting & Conformance”, is an email authentication, policy, and reporting protocol. |
|
|
Term
|
Definition
Destination Network Address Translation
Destination NAT is the translation of the destination IP address of a packet entering the Juniper Networks device. Destination NAT is used to redirect traffic destined to a virtual host (identified by the original destination IP address) to the real host (identified by the translated destination IP address). |
|
|
Term
|
Definition
Domain Name System
The domain name system (DNS) is a naming database in which internet domain names are located and translated into Internet Protocol (IP) addresses. |
|
|
Term
|
Definition
Domain Name System Security Extensions
The Domain Name System Security Extensions (DNSSEC) is a feature of the Domain Name System (DNS) that authenticates responses to domain name lookups. It does not provide privacy protections for those lookups, but prevents attackers from manipulating or poisoning the responses to DNS requests. |
|
|
Term
|
Definition
Denial of Service
A denial-of-service (DoS) attack is a malicious attempt to overwhelm a web property with traffic in order to disrupt its normal operations. |
|
|
Term
|
Definition
Data Protection Officer
A data protection officer (DPO) ensures, in an independent manner, that an organization applies the laws protecting individuals' personal data. |
|
|
Term
|
Definition
Disaster Recovery Plan
A disaster recovery (DR) plan is a formal document created by an organization that contains detailed instructions on how to respond to unplanned incidents such as natural disasters, power outages, cyber attacks and any other disruptive events. |
|
|
Term
|
Definition
Digital Signature Algorithm
DSA stands for Digital Signature Algorithm. It is a cryptographic algorithm used to generate digital signatures, authenticate the sender of a digital message, and prevent message tampering. DSA works by having two keys: a private key owned by the sender and a public key held by the receiver. |
|
|
Term
|
Definition
Digital Subscriber Line
Digital subscriber lines (DSLs) are high-speed Internet connections that use standard telephone lines. DSL uses the standard twisted-pair telephone lines that come into every home for normal telephone service. These lines, because they were developed only for voice signals, are restricted in bandwidth and data rate. |
|
|
Term
|
Definition
Extensible Authentication Protocol
The Extensible Authentication Protocol (EAP) is an architectural framework that provides extensibility for authentication methods for commonly used protected network access technologies, such as IEEE 802.1X-based wireless access, IEEE 802.1X-based wired access, and Point-to-Point Protocol (PPP) connections such as Virtual Private Networking (VPN). |
|
|
Term
|
Definition
Electronic Code Book
Electronic Code Book (ECB) is a simple mode of operation with a block cipher that's mostly used with symmetric key encryption. |
|
|
Term
|
Definition
Elliptic Curve Cryptography
Elliptic-curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. |
|
|
Term
|
Definition
Elliptic Curve Diffie-Hellman Ephemeral
Elliptic-curve Diffie–Hellman (ECDH) is a key agreement protocol that allows two parties, each having an elliptic-curve public–private key pair, to establish a shared secret over an insecure channel. |
|
|
Term
|
Definition
Elliptic Curve Digital Signature Algorithm
The Elliptic Curve Digital Signature Algorithm (ECDSA) is a Digital Signature Algorithm (DSA) which uses keys derived from elliptic curve cryptography (ECC). It is a particularly efficient equation based on public key cryptography (PKC). ECDSA is used across many security systems, is popular for use in secure messaging apps, and it is the basis of Bitcoin security (with Bitcoin "addresses" serving as public keys). |
|
|
Term
|
Definition
Endpoint Detection and Response
An endpoint security solution that continuously monitors end-user devices to detect and respond to cyber threats like ransomware and malware. |
|
|
Term
|
Definition
Encrypted File System
Encrypting File System provides an added layer of protection by encrypting files or folders on various versions of the Microsoft Windows OS. |
|
|
Term
|
Definition
Extended Instruction Pointer
EIP is a register in x86 architectures (32bit). It holds the "Extended Instruction Pointer" for the stack. In other words, it tells the computer where to go next to execute the next command and controls the flow of a program. |
|
|
Term
|
Definition
End Of Life
When an operating system reaches its End of Life (EOL), it becomes a prime target for hackers. The stream of patches, security updates, and research into vulnerabilities from the system's provider ends, leaving the system and the user more defenseless than ever. |
|
|
Term
|
Definition
End of Service
End-of-Service-Life(EOSL) or end of support is when the manufacturer quits selling a piece of equipment and in most cases no longer provides maintenance services or updates after a certain date. |
|
|
Term
|
Definition
Enterprise Resource Planning
Enterprise resource planning (ERP) is a software system that helps you run your entire business, supporting automation and processes in finance, human resources, manufacturing, supply chain, services, procurement, and more. |
|
|
Term
|
Definition
Electronic Serial Number
An electronic serial number (ESN) is a unique identification number embedded by manufacturers on a microchip in wireless phones. |
|
|
Term
|
Definition
Encapsulating Security Payload
Encapsulating Security Payload (ESP) is a member of the Internet Protocol Security (IPsec) set of protocols that encrypt and authenticate the packets of data between computers using a Virtual Private Network (VPN). The focus and layer on which ESP operates makes it possible for VPNs to function securely. |
|
|
Term
|
Definition
Extended Service Set identifier
The service set identifier (SSID) defines a service set or extends service set. Normally it is broadcast in the clear by stations in beacon packets to announce the presence of a network and seen by users as a wireless network name. An extended service set (ESS) is a wireless network, created by multiple access points, which appears to users as a single, seamless network, such as a network covering a home or office that is too large for reliable coverage by a single access point. It is a set of one or more infrastructure basic service sets on a common logical network segment (i.e. same IP subnet and VLAN). |
|
|
Term
|
Definition
File System Access Control List
An ACL is a list of permissions that are associated with a directory or file. It defines which users are allowed to access a particular directory or file. An access control entry in the ACL defines the permissions for a user or a group of users. An ACL usually consists of multiple entries. |
|
|
Term
|
Definition
Full Disk Encryption
Full-disk encryption (FDE) is a security method for protecting sensitive data at the hardware level by encrypting all data on a disk drive. |
|
|
Term
|
Definition
File Integrity Monitoring
File Integrity Monitoring (FIM) examines operating system files, Windows registries, application software, and Linux system files for changes that might indicate an attack. FIM (file integrity monitoring) uses the Azure Change Tracking solution to track and identify changes in your environment. |
|
|
Term
|
Definition
Field Programmable Gate Array
A field-programmable gate array (FPGA) is an integrated circuit designed to be configured by a customer or a designer after manufacturing – hence the term field-programmable. The FPGA configuration is generally specified using a hardware description language (HDL), similar to that used for an application-specific integrated circuit (ASIC). |
|
|
Term
|
Definition
False Rejection Rate
It measures the percent of valid inputs which are incorrectly rejected. It is sometimes denoted as False Non-Match Rate (FNMR). |
|
|
Term
|
Definition
File Transfer Protocol
The File Transfer Protocol (FTP) is a standard communication protocol used for the transfer of computer files from a server to a client on a computer network. FTP is built on a client–server model architecture using separate control and data connections between the client and the server. |
|
|
Term
|
Definition
Secured File Transfer Protocol
SFTP, or Secure File Transfer Protocol, is a secure file transfer protocol that uses secure shell encryption to provide a high level of security for sending and receiving file transfers. SFTP is similar to FTPS in that it uses AES and other algorithms to secure data as it travels between different systems. |
|
|
Term
|
Definition
Galois/Counter Mode
Galois/Counter Mode (GCM) is a block cipher mode of operation that uses universal hashing over a binary Galois field to provide authenticated encryption. |
|
|
Term
|
Definition
General Data Protection Regulation
The GDPR establishes the general obligations of data controllers and of those processing personal data on their behalf (processors). These include the obligation to implement appropriate security measures, according to the risk involved in the data processing operations they perform. |
|
|
Term
|
Definition
GNU Privacy Guard
GNU Privacy Guard (GnuPG or GPG) is a free-software replacement for Symantec's PGP cryptographic software suite. The software is compliant with RFC 4880, the IETF standards-track specification of OpenPGP. Modern versions of PGP are interoperable with GnuPG and other OpenPGP-compliant systems. |
|
|
Term
|
Definition
Group Policy Object
Microsoft's Group Policy Object (GPO) is a collection of Group Policy settings that defines what a system will look like and how it will behave for a defined group of users. Microsoft provides a program snap-in that allows you to use the Group Policy Management Console (GPMC). |
|
|
Term
|
Definition
Global Positioning System
The Global Positioning System (GPS), originally Navstar GPS,[2] is a satellite-based radio navigation system owned by the United States government and operated by the United States Space Force.[3] It is one of the global navigation satellite systems (GNSS) that provides geolocation and time information to a GPS receiver anywhere on or near the Earth where there is an unobstructed line of sight to four or more GPS satellites. |
|
|
Term
|
Definition
Graphics Processing Unit
Graphics processing unit, a specialized processor originally designed to accelerate graphics rendering. GPUs can process many pieces of data simultaneously, making them useful for machine learning, video editing, and gaming applications.
GPUs may be integrated into the computer’s CPU or offered as a discrete hardware unit. |
|
|
Term
|
Definition
Generic Routing Encapsulation
Generic Routing Encapsulation (GRE) is a tunneling protocol developed by Cisco Systems that can encapsulate a wide variety of network layer protocols inside virtual point-to-point links or point-to-multipoint links over an Internet Protocol network. |
|
|
Term
|
Definition
High Availability
High availability (HA) is the elimination of single points of failure to enable applications to continue to operate even if one of the IT components it depends on, such as a server, fails. |
|
|
Term
|
Definition
Hard Disk Drive
A hard disk drive (HDD), hard disk, hard drive, or fixed disk,[b] is an electro-mechanical data storage device that stores and retrieves digital data using magnetic storage with one or more rigid rapidly rotating platters coated with magnetic material. The platters are paired with magnetic heads, usually arranged on a moving actuator arm, which read and write data to the platter surfaces. |
|
|
Term
|
Definition
Host based Intrusion Detection System
A host-based IDS is an intrusion detection system that monitors the computer infrastructure on which it is installed, analyzing traffic and logging malicious behavior. |
|
|
Term
|
Definition
Host based Intrusion Prevention System
The Host-based Intrusion Prevention System (HIPS) protects your system from malware and unwanted activity attempting to negatively affect your computer. |
|
|
Term
|
Definition
Hash based Message Authentication Code
Hash-based message authentication code (or HMAC) is a cryptographic authentication technique that uses a hash function and a secret key. With HMAC, you can achieve authentication and verify that data is correct and authentic with shared secrets, as opposed to approaches that use signatures and asymmetric cryptography. |
|
|
Term
|
Definition
Hash based One Time Password
What is an HOTP? HOTPs are one-time codes based on events. HOTP stands for "hash-based one-time password", therefore it is based on hash-based message authentication codes. The generation of this type of code is based on a counter, that is activated and incremented with each event. |
|
|
Term
|
Definition
Hardware Security Module
A physical computing device that provides tamper-evident and intrusion-resistant safeguarding and management of digital keys and other secrets, as well as crypto-processing. (FIPS 140-2) specifies requirements for HSMs. |
|
|
Term
|
Definition
Hardware Security Module as a Service
HSM as a service is a subscription-based offering where customers can use a hardware security module in the cloud to generate, access, and protect their cryptographic key material, separately from sensitive data. |
|
|
Term
|
Definition
Hypertext Markup Language
HTML stands for HyperText Markup Language. It is a standard markup language for web page creation. It allows the creation and structure of sections, paragraphs, and links using HTML elements (the building blocks of a web page) such as tags and attributes. |
|
|
Term
|
Definition
Hypertext Transfer Protocol
HTTP is the protocol that enables the transfer of data over the internet, allowing users to access websites and other online resources. |
|
|
Term
|
Definition
Hypertext Transfer Protocol Secure
Hypertext Transfer Protocol Secure (HTTPS) is a protocol that secures communication and data transfer between a user's web browser and a website. HTTPS is the secure version of HTTP. The protocol protects users against eavesdroppers and man-in-the-middle (MitM) attacks. |
|
|
Term
|
Definition
Heating, Ventilation, Air Conditioning
Heating, ventilation, and air conditioning (HVAC)[1] is the use of various technologies to control the temperature, humidity, and purity of the air in an enclosed space. |
|
|
Term
|
Definition
Infrastructure as a Service
nfrastructure as a service (IaaS) is a type of cloud computing service that offers essential compute, storage, and networking resources on demand, on a pay-as-you-go basis. IaaS is one of the four types of cloud services, along with software as a service (SaaS), platform as a service (PaaS), and serverless. |
|
|
Term
|
Definition
Identity and Access Management
Identity and Access Management (IAM) is a security and business discipline that includes multiple technologies and business processes to help the right people or machines to access the right assets at the right time for the right reasons, while keeping unauthorized access and fraud at bay. |
|
|
Term
|
Definition
Internet Control Message Protocol
CMP (Internet Control Message Protocol) is an error-reporting protocol that network devices such as routers use to generate error messages to the source IP address when network problems prevent delivery of IP packets. |
|
|
Term
|
Definition
Industrial Control Systems
General term that encompasses several types of control systems, including supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and other control system configurations such as Programmable Logic Controllers (PLC) often found in the industrial sectors and critical infrastructures. |
|
|
Term
|
Definition
International Data Encryption Algorithm
The International Data Encryption Algorithm (IDEA) is a symmetric key block cipher encryption algorithm designed to encrypt text to an unreadable format for transmission via the internet. It uses a typical block size of 128 bits and takes 64 bits as an input, i.e., 64-bit data. |
|
|
Term
|
Definition
Intermediate Distribution Frame
An intermediate distribution frame (IDF) is a distribution frame in a central office or customer premises, which cross connects the user cable media to individual user line circuits and may serve as a distribution point for multipair cables from the main distribution frame (MDF) or combined distribution frame (CDF) to individual cables connected to equipment in areas remote from these frames. |
|
|
Term
|
Definition
Identity Provider
An identity provider (IdP) is a service that stores and manages digital identities. Companies use these services to allow their employees or users to connect with the resources they need. They provide a way to manage access, adding or removing privileges, while security remains tight. |
|
|
Term
|
Definition
Intrusion Detection System
An Intrusion Detection System (IDS) is a monitoring system that detects suspicious activities and generates alerts when they are detected. Based upon these alerts, a security operations center (SOC) analyst or incident responder can investigate the issue and take the appropriate actions to remediate the threat. |
|
|
Term
|
Definition
Institute of Electrical and Electronic Engineers
Institute of Electrical and Electronics Engineers (IEEE) promotes the development of electro technology and related sciences, the application of those technologies for the benefit of humanity, the advancement of the profession, and the well-being of its members. |
|
|
Term
|
Definition
Internet Key Exchange
Internet Key Exchange (IKE) is a secure key management protocol that is used to set up a secure, authenticated communications channel between two devices. |
|
|
Term
|
Definition
Instant Messaging
Instant messaging (IM) technology is a type of online chat allowing real-time text transmission over the Internet or another computer network. |
|
|
Term
|
Definition
Internet Message Access Protocol v4
IMAP4 stands for Internet Mail Access Protocol version 4, is an Internet standard protocol for storing and retrieving messages from Simple Mail Transfer Protocol (SMTP) hosts. Internet Mail Access Protocol version 4 (IMAP4) provides functions similar to Post Office Protocol version 3 (POP3), with additional features. |
|
|
Term
|
Definition
Indicators of Compromise
Indicators of compromise (IOCs) refer to data that indicates a system may have been infiltrated by a cyber threat. They provide cybersecurity teams with crucial knowledge after a data breach or another breach in security. |
|
|
Term
|
Definition
Internet of Things
The Internet of things (IoT) describes physical objects (or groups of such objects) with sensors, processing ability, software and other technologies that connect and exchange data with other devices and systems over the Internet or other communications networks. Internet of things has been considered a misnomer because devices do not need to be connected to the public internet, they only need to be connected to a network, and be individually addressable. |
|
|
Term
|
Definition
Internet Protocol
The Internet Protocol (IP) is the network layer communications protocol in the Internet protocol suite for relaying datagrams across network boundaries. |
|
|
Term
|
Definition
Intrusion Prevention System
An intrusion prevention system (IPS) is a network security tool (which can be a hardware device or software) that continuously monitors a network for malicious activity and takes action to prevent it, including reporting, blocking, or dropping it, when it does occur. |
|
|
Term
|
Definition
Internet Protocol Security
Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in virtual private networks (VPNs). |
|
|
Term
|
Definition
Incident Response
The goal of incident response is to enable an organization to quickly detect and halt attacks, minimizing damage and preventing future attacks of the same type. This is part of an extensive series of guides about data security. |
|
|
Term
|
Definition
Internet Relay Chat
Internet Relay Chat (IRC) is a text-based chat system for instant messaging. IRC is designed for group communication in discussion forums, called channels, but also allows one-on-one communication via private messages as well as chat and data transfer, including file sharing. |
|
|
Term
|
Definition
Incident Response Plan
An Incident Response Plan is a written document, formally approved by the senior leadership team, that helps your organization before, during, and after a confirmed or suspected security incident. |
|
|
Term
|
Definition
Interconnection Security Agreement
An ISA captures the technical and security requirements to establish and maintain the interconnection between any two or more systems. |
|
|
Term
|
Definition
Internal Segmentation Firewall
The Internal Segmentation Firewall (ISFW) is designed to protect network segments from malicious code that makes its way to the internal network. |
|
|
Term
|
Definition
International Organization for Standardization
ISO is a nongovernmental organization that comprises standards bodies from more than 160 countries, with one standards body representing each member country. |
|
|
Term
|
Definition
Internet Service Provider
An Internet service provider (ISP) is an organization that provides services for accessing, using, managing, or participating in the Internet. |
|
|
Term
|
Definition
Information Systems Security Officer
Individual with assigned responsibility for maintaining the appropriate operational security posture for an information system or program. |
|
|
Term
|
Definition
IT Contingency Plan
IT contingency planning refers to the plans, policies, procedures and technical measures that enable the recovery of IT operations after an unexpected incident. A disruptive event could include a major natural disaster such as a flood, or something smaller, such as malfunctioning software caused by a computer virus. |
|
|
Term
|
Definition
Initialization Vector
An initialization vector (IV) is an arbitrary number that can be used with a secret key for data encryption to foil cyber attacks. This number, also called a nonce (number used once), is employed only one time in any session to prevent unauthorized decryption of the message by a suspicious or malicious actor. |
|
|
Term
|
Definition
Key Distribution Center
A key distribution center (KDC) in cryptography is a system that is responsible for providing keys to the users in a network that shares sensitive or private data. Each time a connection is established between two computers in a network, they both request the KDC to generate a unique password which can be used by the end system users for verification. |
|
|
Term
|
Definition
Key Encryption Key
A key encryption key (KEK) is a cryptographic key that is used for encrypting other cryptographic keys. |
|
|
Term
|
Definition
Layer 2 Tunneling Protocol
Layer Two Tunneling Protocol (L2TP) is an extension of the Point-to-Point Tunneling Protocol (PPTP) used by internet service providers (ISPs) to enable virtual private networks (VPNs). To ensure security and privacy, L2TP must rely on an encryption protocol to pass within the tunnel. |
|
|
Term
|
Definition
Local Area Network
A local area network (LAN) is a collection of devices connected together in one physical location, such as a building, office, or home. |
|
|
Term
|
Definition
Lightweight Directory Access Protocol
LDAP (Lightweight Directory Access Protocol) is a software protocol for enabling anyone to locate data about organizations, individuals and other resources such as files and devices in a network -- whether on the public internet or a corporate intranet. |
|
|
Term
|
Definition
Lightweight Extensible Authentication Protocol
Lightweight Extensible Authentication Protocol (LEAP) is a proprietary wireless LAN authentication method developed by Cisco Systems. Important features of LEAP are dynamic WEP keys and mutual authentication (between a wireless client and a RADIUS server). |
|
|
Term
|
Definition
Monitoring as a Service
It is a framework that facilitates the deployment of monitoring functionalities for various other services and applications within the cloud. |
|
|
Term
|
Definition
Media Access Control
A media access control is a network data transfer policy that determines how data is transmitted between two computer terminals through a network cable. The media access control policy involves sub-layers of the data link layer 2 in the OSI reference model. |
|
|
Term
|
Definition
Mobile Application Management
Mobile application management (MAM) is software that secures and enables IT control over enterprise applications on end users' corporate and personal devices. |
|
|
Term
|
Definition
Metropolitan Area Network
A metropolitan area network (MAN) is a computer network that connects computers within a metropolitan area, which could be a single large city, multiple cities and towns, or any given large area with multiple buildings. A MAN is larger than a local area network (LAN) but smaller than a wide area network (WAN). |
|
|
Term
|
Definition
Master Boot Record
The Master Boot Record (MBR) is the information in the first sector of a hard disk or a removable drive. It identifies how and where the system's operating system (OS) is located in order to be booted (loaded) into the computer's main storage or random access memory (RAM). |
|
|
Term
|
Definition
Message Digest 5
What is the MD5 Algorithm? MD5 (Message Digest Method 5) is a cryptographic hash algorithm used to generate a 128-bit digest from a string of any length. It represents the digests as 32 digit hexadecimal numbers. Ronald Rivest designed this algorithm in 1991 to provide the means for digital signature verification. |
|
|
Term
|
Definition
Main Distribution Frame
A main distribution frame (MDF) is the primary hub or demarcation point that interconnects private or public IT and telecommunication lines coming into a building to an internal network via any number of intermediate distribution frames (IDFs). |
|
|
Term
|
Definition
Mobile Device Management
Mobile Device Management is any software that allows IT to automate, control, and secure administrative policies on laptops, smartphones, tablets, or any other device connected to an organization's network. |
|
|
Term
|
Definition
Multi-Factor Authentication
Multi-factor authentication (MFA) is a multi-step account login process that requires users to enter more information than just a password. For example, along with the password, users might be asked to enter a code sent to their email, answer a secret question, or scan a fingerprint. |
|
|
Term
|
Definition
Multi Function Device
Multifunctional devices (MFDs) combine the capabilities of photocopiers, printers, scanners and also faxes in one convenient unit and act as the hub for all of your document processing needs. |
|
|
Term
|
Definition
Multi Function Printer
A multifunction printer (MFP) is a device that consolidates the functionality of a printer, copier, scanner and/or fax into one machine. Multifunction printers are a common choice for budget-minded businesses that want to consolidate assets, reduce costs and improve workflow. |
|
|
Term
|
Definition
Machine Learning
Machine learning is a branch of artificial intelligence (AI) and computer science which focuses on the use of data and algorithms to imitate the way that humans learn, gradually improving its accuracy. |
|
|
Term
|
Definition
Multimedia Message Service
Multimedia Messaging Service (MMS) is a standard way to send messages that include multimedia content to and from a mobile phone over a cellular network. |
|
|
Term
|
Definition
Memorandum of Agreement
Memorandum of Agreement (MOA): An MOA is a document written between parties to cooperatively work together on an agreed upon project or meet an agreed upon objective. The purpose of an MOA is to have a written formal understanding of the agreement between parties. |
|
|
Term
|
Definition
Memorandum of Understanding
A memorandum of understanding, or MOU, is a nonbinding agreement that states each party’s intentions to take action, conduct a business transaction, or form a new partnership. This type of agreement may also be referred to as a letter of intent (LOI) or memorandum of agreement (MOA). Under U.S. law, all three are effectively interchangeable. |
|
|
Term
|
Definition
Multi Protocol Label Switching
Multiprotocol Label Switching (MPLS) is a routing technique in telecommunications networks that directs data from one node to the next based on labels rather than network addresses. Whereas network addresses identify endpoints the labels identify established paths between endpoints. MPLS can encapsulate packets of various network protocols, hence the multiprotocol component of the name. MPLS supports a range of access technologies, including T1/E1, ATM, Frame Relay, and DSL. |
|
|
Term
|
Definition
Measurement Systems Analysis
MSA is defined as an experimental and mathematical method of determining the amount of variation that exists within a measurement process. |
|
|
Term
|
Definition
Microsoft Challenge-Handshake Authentication Protocol
CHAP (Challenge-Handshake Authentication Protocol) is a challenge and response authentication method that Point-to-Point Protocol (PPP) servers use to verify the identity of a remote user. CHAP authentication begins after the remote user initiates a PPP link. |
|
|
Term
|
Definition
Managed Service Provider
A managed service provider (MSP) delivers services, such as network, application, infrastructure and security, via ongoing and regular support and active administration on customers' premises, in their MSP's data center (hosting), or in a third-party data center. |
|
|
Term
|
Definition
Managed Security Service Provider
A managed security service provider (MSSP) offers network security services to an organization. As a third party, an MSSP can alleviate the strain on IT teams, as well as free up crucial time the organization needs to support and expand operations. |
|
|
Term
|
Definition
Mean Time Between Failures
Mean time between failures (MTBF) is the predicted elapsed time between inherent failures of a mechanical or electronic system during normal system operation. MTBF can be calculated as the arithmetic mean (average) time between failures of a system. The term is used for repairable systems while mean time to failure (MTTF) denotes the expected time to failure for a non-repairable system. |
|
|
Term
|
Definition
Mean Time To Failure
Mean time to failure (MTTF) is a maintenance metric that measures the average amount of time a non-repairable asset operates before it fails. Because MTTF is relevant only for assets and equipment that cannot or should not be repaired, MTTF can also be thought of as the average lifespan of an asset.
MTTF = Total Hours of Operation ÷ Total Number of Assets in Use. |
|
|
Term
|
Definition
Mean Time To Repair
MTTR (mean time to repair) is the average time it takes to repair a system (usually technical or mechanical). It includes both the repair time and any testing time. The clock doesn't stop on this metric until the system is fully functional again. |
|
|
Term
|
Definition
Maximum Transmission Unit
MTU is the largest packet or frame size, specified in octets (eight-bit bytes) that can be sent in a packet- or frame-based network. The internet's transmission control protocol (TCP) uses the MTU to determine the maximum size of each packet in any transmission. |
|
|
Term
|
Definition
Network Access Control
Network access control (NAC), also known as network admission control, is the process of restricting unauthorized users and devices from gaining access to a corporate or private network. |
|
|
Term
|
Definition
Network Attached Storage
Network-attached storage (NAS) is a file-level (as opposed to block-level storage) computer data storage server connected to a computer network providing data access to a heterogeneous group of clients. The term "NAS" can refer to both the technology and systems involved, or a specialized device built for such functionality (as unlike tangentially related technologies such as local area networks, a NAS device is often a singular unit). |
|
|
Term
|
Definition
Network Address Translation
A Network Address Translation (NAT) is the process of mapping an internet protocol (IP) address to another by changing the header of IP packets while in transit via a router. This helps to improve security and decrease the number of IP addresses an organization needs. |
|
|
Term
|
Definition
Non Disclosure Agreement
NDAs, or non-disclosure agreements, are legally enforceable contracts that create a confidential relationship between a person who has sensitive information and a person who will gain access to that information. A confidential relationship means one or both parties has a duty not to share that information. |
|
|
Term
|
Definition
Near Field Communication
Near Field Communication (NFC) is a set of short-range wireless technologies, typically requiring a distance of 4cm or less to initiate a connection. NFC allows you to share small payloads of data between an NFC tag and an Android-powered device, or between two Android-powered devices. Tags can range in complexity. |
|
|
Term
|
Definition
Network Function Virtualization
Network functions virtualization (NFV) is the replacement of network appliance hardware with virtual machines. The virtual machines use a hypervisor to run networking software and processes such as routing and load balancing. |
|
|
Term
|
Definition
Next Generation Firewall
A next-generation firewall (NGFW) is a network security device that provides capabilities beyond a traditional, stateful firewall. While a traditional firewall typically provides stateful inspection of incoming and outgoing network traffic, a next-generation firewall includes additional features like application awareness and control, integrated intrusion prevention, and cloud-delivered threat intelligence. |
|
|
Term
|
Definition
Next Generation Secure Web Gateway
A Next Generation Secure Web Gateway (SWG) is a new cloud-native solution for protecting enterprises from the growing volume of sophisticated cloud enabled threats and data risks. It is the logical evolution of the traditional secure web gateway, also known as a web proxy or web filter. |
|
|
Term
|
Definition
Network Interface Card
A network interface controller (NIC, also known as a network interface card, network adapter, LAN adapter or physical network interface, and by similar terms) is a computer hardware component that connects a computer to a computer network. |
|
|
Term
|
Definition
Network based Intrusion Detection System
A network-based intrusion detection system (NIDS) detects malicious traffic on a network. NIDS usually require promiscuous network access in order to analyze all traffic, including all unicast traffic. |
|
|
Term
|
Definition
Network based Intrusion Prevention System
An intrusion prevention system (IPS) is a network security tool (which can be a hardware device or software) that continuously monitors a network for malicious activity and takes action to prevent it, including reporting, blocking, or dropping it, when it does occur. |
|
|
Term
|
Definition
National Institute of Standards & Technology
The National Institute of Standards and Technology is a non-regulatory government agency that develops technology, metrics, and standards to drive innovation and economic competitiveness at U.S.-based organizations in the science and technology industry. |
|
|
Term
|
Definition
Network Operations Center
A network operations center (NOC) is a centralized location where computer, telecommunications or satellite networks systems are monitored and managed 24-7. It is the first line of defense against network disruptions and failures. |
|
|
Term
|
Definition
New Technology File System
The New Technology File System (NTFS) is the standard file structure for the Windows NT operating system. It is used for retrieving and storing files on the hard disk. |
|
|
Term
|
Definition
New Technology LAN Manager
Windows New Technology LAN Manager (NTLM) is a suite of security protocols offered by Microsoft to authenticate users' identity and protect the integrity and confidentiality of their activity. |
|
|
Term
|
Definition
Network Time Protocol
The Network Time Protocol (NTP) is a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks. In operation since before 1985, NTP is one of the oldest Internet protocols in current use. NTP was designed by David L. Mills of the University of Delaware. |
|
|
Term
|
Definition
Online Certificate Status Protocol
The Online Certificate Status Protocol (OCSP) is an alternative to the certificate revocation list (CRL) and is used to check whether a digital certificate is valid or if it has been revoked. |
|
|
Term
|
Definition
Object Identifier
An object identifier (OID) is a string, of decimal numbers, that uniquely identifies an object. These objects are typically an object class or an attribute. If you do not have an OID, you can specify the object class or attribute name appended with -oid. |
|
|
Term
|
Definition
Operating System
An operating system (OS) is the program that, after being initially loaded into the computer by a boot program, manages all of the other application programs in a computer. The application programs make use of the operating system by making requests for services through a defined application program interface (API). |
|
|
Term
|
Definition
Open Systems Interconnection
The open systems interconnection (OSI) model is a conceptual model created by the International Organization for Standardization which enables diverse communication systems to communicate using standard protocols. |
|
|
Term
|
Definition
Open Source Intelligence
Open-Source Intelligence (OSINT) is defined as intelligence produced by collecting, evaluating and analyzing publicly available information with the purpose of answering a specific intelligence question. |
|
|
Term
|
Definition
Open Shortest Path First
Open Shortest Path First (OSPF) is a routing protocol for Internet Protocol (IP) networks. It uses a link state routing (LSR) algorithm and falls into the group of interior gateway protocols (IGPs), operating within a single autonomous system (AS). |
|
|
Term
|
Definition
Operational Technology
Programmable systems or devices that interact with the physical environment (or manage devices that interact with the physical environment). These systems/devices detect or cause a direct change through the monitoring and/or control of devices, processes, and events. |
|
|
Term
|
Definition
Over The Air
An over-the-air (OTA) update, also known as over-the-air programming, is an update to an embedded system that is delivered through a wireless network. |
|
|
Term
|
Definition
On The Go
USB On-The-Go (USB OTG or just OTG) is a specification first used in late 2001 that allows USB devices, such as tablets or smartphones, to also act as a host, allowing other USB devices, such as USB flash drives, digital cameras, mouse or keyboards, to be attached to them. Use of USB OTG allows those devices to switch back and forth between the roles of host and device. A mobile phone may read from removable media as the host device, but present itself as a USB Mass Storage Device when connected to a host computer. |
|
|
Term
|
Definition
Open Vulnerability and Assessment Language
Open Vulnerability and Assessment Language (OVAL) is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services. OVAL includes a language used to encode system details, and an assortment of content repositories held throughout the community. |
|
|
Term
|
Definition
Open Web Application Security Project
The Open Web Application Security Project (OWASP) is a nonprofit foundation that provides guidance on how to develop, purchase and maintain trustworthy and secure software applications. OWASP is noted for its popular Top 10 list of web application security vulnerabilities. |
|
|
Term
|
Definition
PKCS #12
PKCS#12 (P12) files define an archive file format for storing cryptographic objects as a single file. API Connect supports the P12 file format for uploading a keystore and truststore. The keystore should contain both a private and public key along with intermediate CA certificates. |
|
|
Term
|
Definition
Peer to Peer
Peer-to-peer (P2P) computing or networking is a distributed application architecture that partitions tasks or workloads between peers. Peers are equally privileged, equipotent participants in the network. They are said to form a peer-to-peer network of nodes. |
|
|
Term
|
Definition
Platform as a Service
Platform as a service (PaaS) is a cloud computing model where a third-party provider delivers hardware and software tools to users over the internet. Usually, these tools are needed for application development. A PaaS provider hosts the hardware and software on its own infrastructure. |
|
|
Term
|
Definition
Proxy Auto Configuration
Network Proxy Configuration settings permit the device to use a proxy server for access to websites. |
|
|
Term
|
Definition
Privileged Access Management
Privileged access management (PAM) is an identity security solution that helps protect organizations against cyberthreats by monitoring, detecting, and preventing unauthorized privileged access to critical resources. |
|
|
Term
|
Definition
Password Authentication Protocol
The Password Authentication Protocol (PAP) provides a simple method for the peer to establish its identity using a two-way handshake. After the link is established, an ID and password pair is repeatedly sent by the peer to the authenticator until authentication is acknowledged or the connection is terminated. |
|
|
Term
|
Definition
Port Address Translation
Port Address Translation (PAT) is an extension of Network Address Translation (NAT) that permits multiple devices on a LAN to be mapped to a single public IP address to conserve IP addresses. |
|
|
Term
|
Definition
Password Based Key Derivation Function 2
PBKDF2 (Password Based Key Derivation Function 2) is typically used for deriving a cryptographic key from a password. It may also be used for key storage, but an alternate key storage KDF such as Scrypt is generally considered a better solution. |
|
|
Term
|
Definition
Private Branch Exchange
A PBX is a telephone exchange or switching system that serves a private organization and permits sharing of central office trunks between internally installed telephones, and provides intercommunication between those internal telephones within the organization without the use of external lines. |
|
|
Term
|
Definition
Packet Capture
Packet capture is a method network and VoIP technicians use to view the packets of data sent by one or more machines. The data can then be inspected for troubleshooting purposes. |
|
|
Term
|
Definition
Payment Card Industry Data Security Standard
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment. |
|
|
Term
|
Definition
Power Distribution Unit
A power distribution unit (PDU) is a device for controlling electrical power in a data center. The most basic PDUs are large power strips without surge protection. They are designed to provide standard electrical outlets for data center equipment and have no monitoring or remote access capabilities. |
|
|
Term
|
Definition
Portable Executable
The Portable Executable format is the standard file format for executables, object code and Dynamic Link Libraries (DLLs) used in 32- and 64-bit versions of Windows operating systems. |
|
|
Term
|
Definition
Protected Extensible Authentication Protocol
PEAP (Protected Extensible Authentication Protocol) provides a method to transport securely authentication data, including legacy password-based protocols, via 802.11 Wi-Fi networks. PEAP accomplishes this by using tunneling between PEAP clients and an authentication server. |
|
|
Term
|
Definition
Portable Electronic Device
These devices are typically consumer electronic devices, capable of communications, data processing and/or computing. Examples are laptop computers, tablets, e-readers, smartphones, MP3 players, drones and electronic toys. |
|
|
Term
|
Definition
Privacy Enhanced Mail
Privacy-enhanced mail (PEM) is defined in a sequence of RfCs (Request for Comments) specifying methods and formats for securing the authenticity and confidentiality of emails. The term “privacy-enhanced mail” is also used as a synonym for secure email in general. |
|
|
Term
|
Definition
Perfect Forward Security
Perfect Forward Secrecy (PFS), also called forward secrecy (FS), refers to an encryption system that changes the keys used to encrypt and decrypt information frequently and automatically. This ongoing process ensures that even if the most recent key is hacked, a minimal amount of sensitive data is exposed. |
|
|
Term
|
Definition
Pretty Good Privacy
Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications. Phil Zimmermann developed PGP in 1991. |
|
|
Term
|
Definition
Personal Health Information
Protected health information (PHI), also referred to as personal health information, is the demographic information, medical histories, test and laboratory results, mental health conditions, insurance information and other data that a healthcare professional collects to identify an individual and determine appropriate treatment and medications. |
|
|
Term
|
Definition
Personally Identifiable Information
Personally identifiable information (PII) includes information that can be used to distinguish or trace an individual's identity either directly or indirectly through linkages with other information. |
|
|
Term
|
Definition
Personal Identification Number
A numeric secret that a cardholder memorizes and uses as part of authenticating their identity. A secret that a claimant memorizes and uses to authenticate his or her identity. |
|
|
Term
|
Definition
Personal Identity Verification
A PIV credential is a U.S. federal government-wide credential used to access federally controlled facilities and information systems at the appropriate security level.
PIV credentials have certificates and key pairs, pin numbers, biometrics like fingerprints and pictures, and other unique identifiers. When these items are put together in a PIV credential, the credential provides the capability to implement multifactor authentication for networks, applications, and buildings. |
|
|
Term
|
Definition
Public Key Cryptography Standards
Public key cryptography standards are a set of protocols that facilitate the use of public key infrastructure in data exchange. Public key cryptography standards (PKCS) are defined as a set of protocols that provide structure to the various aspects of using public key infrastructure to exchange information. |
|
|
Term
|
Definition
Public Key Infrastructure
The Public key infrastructure (PKI) is the set of hardware, software, policies, processes, and procedures required to create, manage, distribute, use, store, and revoke digital certificates and public-keys. |
|
|
Term
|
Definition
Proof of Concept
A proof of concept (POC) is a demonstration of a product in which work is focused on determining whether an idea can be turned into a reality. |
|
|
Term
|
Definition
Post Office Protocol
The Post Office Protocol (POP3) is an Internet standard protocol used by local email software clients to retrieve emails from a remote mail server over a TCP/IP connection. |
|
|
Term
|
Definition
Plain Old Telephone Service
Plain Old Telephone Service (POTS) refers to the traditional, analog voice transmission phone system implemented over physical copper wires (twisted pair). |
|
|
Term
|
Definition
Point to Point Protocol
Point-to-Point Protocol (PPP) is a TCP/IP protocol that is used to connect one computer system to another. Computers use PPP to communicate over the telephone network or the Internet. A PPP connection exists when two systems physically connect through a telephone line. You can use PPP to connect one system to another. |
|
|
Term
|
Definition
Point to Point Tunneling Protocol
Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables the secure transfer of data from a remote client to a private enterprise server by creating a virtual private network (VPN) across TCP/IP-based data networks. |
|
|
Term
|
Definition
Pre Shared key
In cryptography, a pre-shared key (PSK) is a shared secret which was previously shared between the two parties using some secure channel before it needs to be used. |
|
|
Term
|
Definition
Pan Tilt Zoom
PTZ is an abbreviation that stands for pan-tilt-zoom. The term "pan" refers to the horizontal movement of the lens, "tilt" refers to the vertical movement of the lens, and "zoom" refers to the adjustment of the focal length of the lens.
PTZ cameras Honey Optics
A Modern PTZ camera
PTZ cameras are robotic devices that are made up of mechanical pieces that enable them to pan from left to right, tilt up and down, and zoom in and out of the picture. PTZ cameras may also zoom in and out of the image. They are often positioned at guard posts where active employees may manage them using a remote camera controller. |
|
|
Term
|
Definition
Potentially Unwanted Program
A potentially unwanted program (PUP) is a program that may be unwanted, despite the possibility that users consented to download it. PUPs include spyware, adware and dialers, and are often downloaded in conjunction with a program that the user wants. |
|
|
Term
|
Definition
Quality Assurance
Quality assurance (QA) is any systematic process of determining whether a product or service meets specified requirements. |
|
|
Term
|
Definition
Quality of Service
Quality of service (QoS) is the use of mechanisms or technologies that work on a network to control traffic and ensure the performance of critical applications with limited network capacity. It enables organizations to adjust their overall network traffic by prioritizing specific high-performance applications. |
|
|
Term
|
Definition
Registration Authority
An entity authorized by the certification authority system (CAS) to collect, verify, and submit information provided by potential Subscribers which is to be entered into public key certificates. |
|
|
Term
|
Definition
Rapid Application Development
Rapid application development is an agile software development approach that focuses more on ongoing software projects and user feedback and less on following a strict plan. As such, it emphasizes rapid prototyping over costly planning. |
|
|
Term
|
Definition
Remote Authentication Dial-In User Service
Remote authentication allows users to authenticate to the system using credentials stored on an external authentication service. When you configure remote authentication, you do not need to configure users on the system or assign additional passwords. |
|
|
Term
|
Definition
Redundant Array of Inexpensive Disks
A redundant array of independent disks (RAID) is a common system for high-volume data storage at the server level. RAID systems use many small-capacity disk drives to store large amounts of data and to provide increased reliability and redundancy. Such an array appears to the computer as a single logical unit consisting of multiple disk drives. |
|
|
Term
|
Definition
Random Access Memory
RAM (random access memory) is a computer's short-term memory, where the data that the processor is currently using is stored. |
|
|
Term
|
Definition
Remote Access Server
A remote access server (RAS) is a type of server that provides a suite of services to remotely connected users over a network or the Internet. It operates as a remote gateway or central server that connects remote users with an organization's internal local area network (LAN). |
|
|
Term
|
Definition
Remote Access Trojan
Remote access trojans (RATs) are malware designed to allow an attacker to remotely control an infected computer. Once the RAT is running on a compromised system, the attacker can send commands to it and receive data back in response. |
|
|
Term
|
Definition
Rivest Cipher version 4
It is a Stream Ciphers. Stream Ciphers operate on a stream of data byte by byte. RC4 stream cipher is one of the most widely used stream ciphers because of its simplicity and speed of operation. It is a variable key-size stream cipher with byte-oriented operations. It uses either 64 bit or 128-bit key sizes. It is generally used in applications such as Secure Socket Layer (SSL), Transport Layer Security (TLS), and also used in IEEE 802.11 wireless LAN std. |
|
|
Term
|
Definition
Rich Communication Services
Rich Communications Services is an advanced messaging feature developed by Google for Android devices that significantly upgrades basic SMS text messaging. It is more commonly thought of as the “chat” function with capabilities that include group chats, video, audio, and images. |
|
|
Term
|
Definition
Radio Frequency Identification
Radio Frequency Identification (RFID) refers to a wireless system comprised of two components: tags and readers. The reader is a device that has one or more antennas that emit radio waves and receive signals back from the RFID tag. |
|
|
Term
|
Definition
RACE Integrity Primitives Evaluation Message Digest
RIPEMD (RACE Integrity Primitives Evaluation Message Digest) is an N-bit message digest algorithm and cryptographic hash function. |
|
|
Term
|
Definition
Return on Investment
Return on investment (ROI) is calculated by dividing the profit earned on an investment by the cost of that investment. For instance, an investment with a profit of $100 and a cost of $100 would have an ROI of 1, or 100% when expressed as a percentage. |
|
|
Term
|
Definition
Recovery Point Objective
Recovery point objective (RPO) is the maximum acceptable amount of data loss after an unplanned data-loss incident, expressed as an amount of time. |
|
|
Term
|
Definition
Rivest, Shamir, & Adleman
RSA encryption, in full Rivest-Shamir-Adleman encryption, type of public-key cryptography widely used for data encryption of e-mail and other digital transactions over the Internet. |
|
|
Term
|
Definition
Remotely Triggered Black Hole
Remotely triggered black hole (RTBH) filtering is a technique that provides the ability to drop undesirable traffic before it enters a protected network. |
|
|
Term
|
Definition
Recovery Time Objective
The overall length of time an information system's components can be in the recovery phase before negatively impacting the organization's mission or mission/business processes. |
|
|
Term
|
Definition
Real Time Operating System
A real-time operating system (RTOS) is an operating system (OS) (often a lightweight OS) that runs multi-threaded applications and can meet real-time deadlines. Most RTOSes include a scheduler, resource management, and device drivers. Note that when we talk about “deadlines,” we do not necessarily mean “fast.” Instead, meeting deadlines indicates a level of determinism, meaning we can figure out when certain tasks will execute prior to runtime. |
|
|
Term
|
Definition
Real-time Transport Protocol
A protocol is designed to handle real-time traffic (like audio and video) of the Internet, is known as Real Time Transport Protocol (RTP). |
|
|
Term
|
Definition
Secure/Multipurpose Internet Mail Extensions
Definition(s): A set of specifications for securing electronic mail. S/MIME is based upon the widely used MIME standard and describes a protocol for adding cryptographic security services through MIME encapsulation of digitally signed and encrypted objects. |
|
|
Term
|
Definition
Software as a Service
Software-as-a-Service (SaaS), is a cloud based software delivery model that allows end users to access software applications over the internet. |
|
|
Term
|
Definition
Simultaneous Authentication of Equals
n cryptography, Simultaneous Authentication of Equals (SAE) is a password-based authentication and password-authenticated key agreement method. |
|
|
Term
|
Definition
Security Assertions Mockup Language
Security Assertion Markup Language (SAML) is an open federation standard that allows an identity provider (IdP) to authenticate users and then pass an authentication token to another application known as a service provider (SP). |
|
|
Term
|
Definition
Supervisory Control And Data Acquisition
SCADA is a computer-based system for gathering and analyzing real-time data to monitor and control equipment that deals with critical and time-sensitive materials or events. |
|
|
Term
|
Definition
Security Content Authentication Protocol
Security Content Automation Protocol (SCAP) is a security-centric methodology that enables organizations to automate software vulnerability management, measure and evaluate the policy compliance levels based on specific, industry standards, and opt-in for extra security padding, if necessary. SCAP is a collection of community-accepted security standards, hosted in open-source, online repositories. |
|
|
Term
|
Definition
Simple Certificate Enrollment Protocol
Simple Certificate Enrollment Protocol (SCEP) is an open source protocol that is widely used to make digital certificate issuance at large organizations easier, more secure, and scalable. Using this protocol, SCEP servers issue a one-time password (OTP) to the user transmitted out-of-band (OOB). |
|
|
Term
|
Definition
Software Development Kit
An SDK, devkit, or software development kit is a program designed by manufacturers of operating systems, hardware platforms, program languages, software, or applications. It provides developers with a set of tools that help them build apps more efficiently and effectively. |
|
|
Term
|
Definition
Software Development Life Cycle
The Software Development Life Cycle (SDLC) is a structured process that enables the production of high-quality, low-cost software, in the shortest possible production time. The goal of the SDLC is to produce superior software that meets and exceeds all customer expectations and demands. |
|
|
Term
|
Definition
Software Development Lifecycle Methodology
The SDLC process involves several distinct stages, including planning, analysis, design, building, testing, deployment and maintenance. |
|
|
Term
|
Definition
Software Defined Networking
Software-Defined Networking (SDN) is an approach to networking that uses software-based controllers or application programming interfaces (APIs) to communicate with underlying hardware infrastructure and direct traffic on a network. This model differs from that of traditional networks, which use dedicated hardware devices (i.e., routers and switches) to control network traffic. SDN can create and control a virtual network – or control a traditional hardware – via software. |
|
|
Term
|
Definition
Service Delivery Platform
SDP is a foundation for the creation, deployment, provision, control, charging, and management of telecommunication services provided to the end users. |
|
|
Term
|
Definition
Software Defined Visibility
Software-Defined Visibility is to a visibility infrastructure what Software- Defined Networking is to a network infrastructure. SDV combines the pervasive reach of visibility with an automation framework. |
|
|
Term
|
Definition
Self Encrypting Drives
Self-encrypting drives (SEDs) encrypt data as it is written to the disk. Each disk has a disk encryption key (DEK) that is set at the factory and stored on the disk. The disk uses the DEK to encrypt data as it writes, and then to decrypt the data as it is read from disk. |
|
|
Term
|
Definition
Structured Exception Handling
SEH can be described as a generalized error handling mechanism supported by the Windows OS. It is an Operating System feature and not tied to any programming language. It forms part of the Windows Application Binary Interface (ABI) so it’s a contract between an application and the Windows OS. |
|
|
Term
|
Definition
SSH File Transfer Protocol
Designed by the Internet Engineering Task Force as an extension of Secure Shell (SSH), SFTP enables access, transfer and management of files over a network. |
|
|
Term
|
Definition
Secure Hashing Algorithm
SHA is a modified version of MD5 and used for hashing data and certificates. A hashing algorithm shortens the input data into a smaller form that cannot be understood by using bitwise operations, modular additions, and compression functions. |
|
|
Term
|
Definition
Security Information and Event Management
Security information and event management (SIEM) offers real-time monitoring and analysis of events as well as tracking and logging of security data for compliance or auditing purposes. Put simply, SIEM is a security solution that helps organizations recognize potential security threats and vulnerabilities before they have a chance to disrupt business operations. |
|
|
Term
|
Definition
Subscriber Identity Module
A SIM card (full form: Subscriber Identity Module or Subscriber Identification Module) is an integrated circuit (IC) intended to securely store the international mobile subscriber identity (IMSI) number and its related key, which are used to identify and authenticate subscribers on mobile telephony devices (such as mobile phones and laptops). |
|
|
Term
|
Definition
Session Initiation Protocol
The Session Initiation Protocol (SIP) is a signaling protocol used for initiating, maintaining, and terminating communication sessions that include voice, video and messaging applications. SIP is used in Internet telephony, in private IP telephone systems, as well as mobile phone calling over LTE (VoLTE). |
|
|
Term
|
Definition
Service Level Agreement
A service-level agreement (SLA) is a contract between a service provider and its customers that documents what services the provider will furnish and defines the service standards the provider is obligated to meet. |
|
|
Term
|
Definition
Single Loss Expectancy
Single-loss expectancy (SLE) is the monetary value expected from the occurrence of a risk on an asset. It is related to risk management and risk assessment. Where the exposure factor is represented in the impact of the risk over the asset, or percentage of asset lost. |
|
|
Term
|
Definition
Server Message Block
The Server Message Block (SMB) Protocol is a Microsoft Windows protocol that allows users to share files, printers, and serial ports across a network. |
|
|
Term
|
Definition
Secure/Multipurpose Internet Mail Extensions
A set of specifications for securing electronic mail. S/MIME is based upon the widely used MIME standard and describes a protocol for adding cryptographic security services through MIME encapsulation of digitally signed and encrypted objects. |
|
|
Term
|
Definition
Short Message Service
Short message service (SMS) is a facility developed as part of the GSM standard that enables a mobile device to send, receive and display messages of up to 160 characters in Roman text and variations for non-Roman character sets. Messages received are stored in the network if the subscriber device is inactive and are relayed when it becomes active. SMS has become available increasingly in CDMA networks and in some fixed networks. |
|
|
Term
|
Definition
Code Division Multiple Access
CDMA (Code-Division Multiple Access) refers to any of several protocols used in second-generation (2G) and third-generation (3G) wireless communications. |
|
|
Term
|
Definition
Simple Mail Transfer Protocol
Simple Mail Transfer Protocol (SMTP) is a TCP/IP protocol used in sending and receiving e-mail. It is typically used with POP3 or Internet Message Access Protocol to save messages in a server mailbox and download them periodically from the server for the user. |
|
|
Term
|
Definition
Simple Mail Transfer Protocol Secure
SMTPS (Simple Mail Transfer Protocol Secure) is a method for securing the SMTP using transport layer security. It is intended to provide authentication of the communication partners, as well as data integrity and confidentiality. SMTPS is not a proprietary protocol and not an extension of SMTP. |
|
|
Term
|
Definition
Simple Network Management Protocol
Simple Network Management Protocol (SNMP) is an application-layer protocol for monitoring and managing network devices on a local area network (LAN) or wide area network (WAN). |
|
|
Term
|
Definition
Simple Object Access Protocol
The Simple Object Access Protocol (SOAP) is a way to pass information between applications in an XML format. SOAP messages are transmitted from the sending application to the receiving application, typically over an HTTP session. |
|
|
Term
|
Definition
Security Orchestration, Automation, Response
Security orchestration, automation and response, or SOAR, is a stack of compatible software programs that enables an organization to collect data about security threats and respond to security events with little or no human assistance. |
|
|
Term
|
Definition
System on Chip
A system on a chip or system-on-chip is an integrated circuit that integrates most or all components of a computer or other electronic system. |
|
|
Term
|
Definition
Security Operations Center
Simply put, a security operations center (SOC – pronounced “sock”) is a team of experts that proactively monitor an organization's ability to operate securely. |
|
|
Term
|
Definition
Sender Policy Framework
Sender Policy Framework (SPF) is an email authentication method that helps to identify the mail servers that are allowed to send email for a given domain. By using SPF, ISPs can identify email from spoofers, scammers and phishers as they try to send malicious email from a domain that belongs to a company or brand. |
|
|
Term
|
Definition
Spam Over Instant Messaging
SPIM is a term used to designate unsolicited bulk messages that target Instant Messaging (IM) services. SPIM is perpetuated by bots (short for “robot”, a computer program that runs automatically) that harvest IM screen names off of the Internet and simulate a human user by sending SPAM to the screen names via an IM. The SPIM typically contains a message or link to a Web site that the ‘Spimmer’ (the individual or organization responsible for sending the SPIM) is trying to market. |
|
|
Term
|
Definition
Structured Query Language
Structured query language (SQL) is a programming language for storing and processing information in a relational database. A relational database stores information in tabular form, with rows and columns representing different data attributes and the various relationships between the data values. |
|
|
Term
|
Definition
Structured Query Language injection
SQL injection, also known as SQLI, is a common attack vector that uses malicious SQL code for backend database manipulation to access information that was not intended to be displayed. This information may include any number of items, including sensitive company data, user lists or private customer details. |
|
|
Term
|
Definition
Secure Real-time Transport Protocol
STRP stands for Secure Real-time Transport Protocol. An extension of Real-time Transport Protocol (RTP) that features enhanced security measures. |
|
|
Term
|
Definition
Solid State Drive
A solid-state drive (SSD) is a solid-state storage device that uses integrated circuit assemblies to store data persistently, typically using flash memory, and functioning as secondary storage in the hierarchy of computer storage. |
|
|
Term
|
Definition
Secure Shell
The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. |
|
|
Term
|
Definition
Service Set Identifier
A service set identifier (SSID) is a sequence of characters that uniquely names a Wi-Fi network. An SSID is sometimes referred to as a network name. |
|
|
Term
|
Definition
Secure Sockets Layer
SSL encrypts the link between a web server and a browser which ensures that all data passed between them remain private and free from attack. Transport Layer Security, or TLS, has replaced SSL. |
|
|
Term
|
Definition
Single Sign On
Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single ID to any of several related, yet independent, software systems. |
|
|
Term
|
Definition
Structured Threat Information eXpression
STIX (Structured Threat Information eXpression) is a standardized XML programming language for conveying data about cybersecurity threats in a common language that can be easily understood by humans and security technologies. |
|
|
Term
|
Definition
Shielded Twisted Pair
Shielded twisted pair cabling acts as a conducting shield by covering the four pairs of signal-carrying wires as a means to reduce electromagnetic interference. |
|
|
Term
|
Definition
Secure Web Gateway
A secure web gateway is an on-premise or cloud-delivered network security service. Sitting between users and the Internet, secure web gateways provide advanced network protection by inspecting web requests against company policy to ensure malicious applications and websites are blocked and inaccessible. |
|
|
Term
|
Definition
Terminal Access Controller Access Control System
Terminal access controller access control system (TACACS) is an authentication protocol used for remote communication with any server housed in a UNIX network. TACACS provides an easy method of determining user network access via remote authentication server communication. The TACACS protocol uses port 49 by default. |
|
|
Term
|
Definition
Trusted Automated eXchange of Intelligence Information
Trusted Automated eXchange of Intelligence Information (TAXII) is the format through which threat intelligence data is transmitted. TAXII is a transport protocol that supports transferring STIX (Structured Threat Information eXpression) insights over Hyper Text Transfer Protocol Secure (HTTPS). |
|
|
Term
|
Definition
Ticket Granting Ticket
A Ticket Granting Ticket or Ticket to Get Tickets. are files created by the key distribution center (KDC) portion of the Kerberos authentication protocol. |
|
|
Term
|
Definition
Temporal Key Integrity Protocol
The Temporal Key Integrity Protocol (TKIP) is a security protocol used in wireless networks. TKIP uses a per-packet key to encrypt each data packet, making it more secure than the previous WEP encryption standard. TKIP is now considered obsolete, as it has been replaced by the stronger AES encryption protocol. |
|
|
Term
|
Definition
Transport Layer Security
Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible. |
|
|
Term
|
Definition
Time-based One Time Password
A Time-Based One-Time Password (TOTP, or OTP) is a string of dynamic digits of code, whose change is based on time. Often, these appear as sic-digit numbers that regenerate every 30 seconds. TOTPs are derived from a secret seed password given at user registration in the form of QR code or in plaintext. |
|
|
Term
|
Definition
Trusted Platform Module
TPM (Trusted Platform Module) is a computer chip (microcontroller) that can securely store artifacts used to authenticate the platform (your PC or laptop). |
|
|
Term
|
Definition
Transaction Signature
A transaction signature refers to the digital information used in cryptocurrency transactions to verify the identity of its participants. |
|
|
Term
|
Definition
Tactics, Techniques, and Procedures
Tactics, Techniques and Procedures (TTPs) is a cybersecurity term used to describe three components in a process used by actors—malicious or benign—to develop threats and plan cyberattacks. Tactics represent the “why” of an ATT&CK technique or sub-technique. |
|
|
Term
|
Definition
User Acceptance Testing
User acceptance testing (UAT), also called application testing or end-user testing, is a phase of software development in which the software is tested in the real world by its intended audience. |
|
|
Term
|
Definition
User Datagram Protocol
User Datagram Protocol (UDP) is a communications protocol for time-sensitive applications like gaming, playing videos, or Domain Name System (DNS) lookups. The User Datagram Protocol (UDP) is simplest Transport Layer communication protocol available of the TCP/IP protocol suite. It involves minimum amount of communication mechanism. UDP is said to be an unreliable transport protocol but it uses IP services which provides best effort delivery mechanism. In UDP, the receiver does not generate an acknowledgement of packet received and in turn, the sender does not wait for any acknowledgement of packet sent. This shortcoming makes this protocol unreliable as well as easier on processing. |
|
|
Term
|
Definition
User and Entity Behavior Analytics
User and entity behavior analytics (UEBA) is a cybersecurity solution that uses algorithms and machine learning to detect anomalies in the behavior of not only the users in a corporate network but also the routers, servers, and endpoints in that network. |
|
|
Term
|
Definition
Unified Extensible Firmware Interface
The Unified Extensible Firmware Interface (UEFI), like BIOS (Basic Input Output System), is a firmware that runs when the computer is booted. It initializes the hardware and loads the operating system into the memory. However, being the more modern solution and overcoming various limitations of BIOS, UEFI is all set to replace the former. |
|
|
Term
|
Definition
Unified Endpoint Management
Unified Endpoint Management (UEM) allows IT to manage, secure, and deploy corporate resources and applications on any device from a single console. Unified endpoint management is a step beyond traditional mobile device management. |
|
|
Term
|
Definition
Uninterruptible Power Supply
Uninterruptible power supplies provide backup power, protecting equipment from damage in the event of grid power failure. An uninterruptible power supply (UPS) is a type of device that powers equipment, nearly instantaneously, in the event of grid power failure, protecting the equipment from damage. |
|
|
Term
|
Definition
Uniform Resource Identifier
A URI or a uniform resource identifier is a string of characters that generally identifies any web resource by using a name, a location, or both. A uniform resource locator (URL) and a uniform resource name (URN) are the two types of a URI. |
|
|
Term
|
Definition
Uniform Resource Locator
Just as buildings and houses have a street address, webpages also have unique addresses to help people locate them. On the Internet, these addresses are called URLs (Uniform Resource Locators). |
|
|
Term
|
Definition
Universal Serial Bus
A Universal Serial Bus (USB) is a common interface that enables communication between devices and a host controller such as a personal computer (PC) or smartphone. It connects peripheral devices such as digital cameras, mice, keyboards, printers, scanners, media devices, external hard drives and flash drives. |
|
|
Term
|
Definition
USB On The Go
(USB On-The-Go) An enhancement to the Universal Serial Bus (USB) that enables portable devices to be cabled directly together (no computer required). OTG devices operate in "dual-role" mode and can be identified as either a host or a peripheral. |
|
|
Term
|
Definition
Unified Threat Management
Unified threat management (UTM) refers to when multiple security features or services are combined into a single device within your network. Using UTM, your network's users are protected with several different features, including antivirus, content filtering, email and web filtering, anti-spam, and more. |
|
|
Term
|
Definition
Unshielded Twisted Pair
Unshielded twisted pair (UTP) cables are widely used in the computer and telecommunications industry as Ethernet cables and telephone wires. In an UTP cable, conductors which form a single circuit are twisted around each other in order to cancel out electromagnetic interference (EMI) from external sources. |
|
|
Term
|
Definition
Visual Basic for Applications
Visual Basic for Applications (VBA) is part of Microsoft Corporation's legacy software Visual Basic. VBA is used to write programs for the Windows operating system and runs as an internal programming language in Microsoft Office (MS Office, Office) applications such as Access, Excel, PowerPoint, Publisher, Word, and Visio. VBA allows users to customize beyond what is normally available with MS Office host applications. |
|
|
Term
|
Definition
Virtual Desktop Environment
A virtual desktop environment is the workstation where users can access their dashboard, data, and files. The virtual desktop environment can be accessed on devices such as computers, smartphones, and tablets. The virtual PCs are managed from a centralized cloud server. |
|
|
Term
|
Definition
Virtual Desktop Infrastructure
Virtual Desktop Infrastructure (VDI) is a cutting-edge technology that utilizes virtual machines to manage and provide virtual desktops. Rather than being confined to a specific physical device, a virtual desktop is a preconfigured image of an operating system and its applications can be accessed from any compatible device. With VDI, desktop environments can be hosted on a centralized server and deployed to end-users on demand. |
|
|
Term
|
Definition
Virtual Local Area Network
A virtual local area network (VLAN) is a virtualized connection that connects multiple devices and network nodes from different LANs into one logical network. |
|
|
Term
|
Definition
Variable Length Subnet Masking
Variable Length Subnet Mask (VLSM) is a subnet -- a segmented piece of a larger network -- design strategy where all subnet masks can have varying sizes. This process of "subnetting subnets" enables network engineers to use multiple masks for different subnets of a single class A, B or C network. |
|
|
Term
|
Definition
Virtual Machine
A virtual machine (VM) is a digital version of a physical computer. Virtual machine software can run programs and operating systems, store data, connect to networks, and do other computing functions, and requires maintenance such as updates and system monitoring. |
|
|
Term
|
Definition
Voice Over Internet Protocol
Voice over Internet Protocol (VoIP) is a technology for communicating using "Internet protocol" instead of traditional analog systems. Some VoIP services need only a regular phone connection, while others allow you to make telephone calls using an Internet connection instead. |
|
|
Term
|
Definition
Virtual Private Cloud
A virtual private cloud (VPC) is a secure, isolated private cloud hosted within a public cloud. VPC customers can run code, store data, host websites, and do anything else they could do in an ordinary private cloud, but the private cloud is hosted remotely by a public cloud provider. |
|
|
Term
|
Definition
Virtual Private Network
A VPN (virtual private network) is a service that creates a safe, encrypted online connection. Internet users may use a VPN to give themselves more privacy and anonymity online or circumvent geographic-based blocking and censorship. |
|
|
Term
|
Definition
Video Teleconferencing
Video teleconferencing: A live, visual connection that uses the internet to transmit crystal-clear audio with full-motion images between various locations. |
|
|
Term
|
Definition
Web Application Firewall
A web application firewall (WAF) protects web applications from a variety of application layer attacks such as cross-site scripting (XSS), SQL injection, and cookie poisoning, among others. |
|
|
Term
|
Definition
Wireless Access Point
An access point is a device that creates a wireless local area network, or WLAN, usually in an office or large building. An access point connects to a wired router, switch, or hub via an Ethernet cable, and projects a WiFi signal to a designated area. |
|
|
Term
|
Definition
Wired Equivalent Privacy
Wired Equivalent Privacy (WEP) used to be the standard form of encryption, but it's no longer secure, because computing power has improved and hackers can now crack it easily. WEP security encrypts with a static key — one of the biggest reasons it's no longer considered secure. |
|
|
Term
|
Definition
Wireless Intrusion Detection System
In computing, a wireless intrusion prevention system (WIPS) is a network device that monitors the radio spectrum for the presence of unauthorized access points (intrusion detection), and can automatically take countermeasures (intrusion prevention). |
|
|
Term
|
Definition
Wireless Intrusion Prevention System
A wireless intrusion prevention system (WIPS) operates at the Layer 2 (data link layer) level of the Open Systems Interconnection model. WIPS can detect the presence of rogue or misconfigured devices and can prevent them from operating on wireless enterprise networks by scanning the network’s RFs for denial of service and other forms of attack. |
|
|
Term
|
Definition
Write Once Read Many
In computer and information technology, a WORM device (write once, read many) is a type of data storage that allows data to be written to a storage medium only one time. Once it is recorded, the data cannot be erased, modified, or re-encrypted. |
|
|
Term
|
Definition
WiFi Protected Access
Wi-Fi Protected Access (WPA) is a security standard for computing devices equipped with wireless internet connections. WPA was developed by the Wi-Fi Alliance to provide more sophisticated data encryption and better user authentication than Wired Equivalent Privacy (WEP), the original Wi-Fi security standard. |
|
|
Term
|
Definition
WiFi Protected Setup
What is Wi-Fi Protected Setup (WPS)? Wi-Fi Protected Setup (WPS) lets you add WiFi devices to your router's secure WiFi network without selecting your network name (SSID) and entering your password on each device. |
|
|
Term
|
Definition
Anything as a Service
“Anything as a service” (XaaS) describes a general category of services related to cloud computing and remote access. It recognizes the vast number of products, tools, and technologies that are now delivered to users as a service over the internet. |
|
|
Term
|
Definition
eXtensible Markup Language
XML stands for Extensible Markup Language. It is a text-based markup language derived from Standard Generalized Markup Language (SGML). XML tags identify the data and are used to store and organize the data, rather than specifying how to display it like HTML tags, which are used to display the data. |
|
|
Term
|
Definition
eXclusive OR
Exclusive or (XOR, EOR or EXOR) is a logical operator which results true when either of the operands are true (one is true and the other one is false) but both are not true and both are not false. In logical condition making, the simple “or” is a bit ambiguous when both operands are true. |
|
|
Term
|
Definition
Cross-Site Request Forgery
Cross site request forgery (CSRF) is a vulnerability where an attacker performs actions while impersonating another user. For example, transferring funds to an attacker's account, changing a victim's email address, or they could even just redirect a pizza to an attacker's address! |
|
|
Term
|
Definition
Cross Site Scripting
Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. |
|
|
