Telecommunications

Home » Cyber Security » Cyber Security Glossary of Terms

Cyber Security Glossary of Terms

Start here

Access

The ability and means to communicate with or otherwise interact with a system, to use system resources to handle information, to gain knowledge of the information the system contains, or to control system components and resources.

Active-Attack

An actual assault perpetrated by an intentional threat source that attempts to alter the a system, its resources, its data, or its operations.

Blacklist

A list of entities that are blocked or denied privileges or access.

Bot

A computer connected to the Internet that has been secretly compromised with malicious logic to perform activities under the remote command and control of a remote administrator.

Cloud Computing

A model for enabling on-demand network access to a shared pool of configurable computing capabilities or resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

Critical Infrastructure

The systems and assets, whether physical or virtual, so vital to society that the incapacity or destruction of such may have a debilitating impact on the security, economy, public health or safety, environment, or any combination of these matters.

Cryptography

The use of mathematical techniques to provide security services, such as confidentiality, data integrity, entity authentication, and data origin authentication.

Cyber Space 

The interdependent network of information technology infrastructures that includes the Internet, telecommunications networks, computer systems, and embedded processors and controllers.

Data Breach 

The unauthorized movement or disclosure of sensitive information to a party, usually outside the organization, that is not authorized to have or see the information.

 

Digital Forensics 

The processes and specialized techniques for gathering, retaining, and analyzing system-related data (digital evidence) for investigative purposes.

 

Enterprise Risk Management 

A comprehensive approach to risk management that engages people, processes, and systems across an organization to improve the quality of decision making for managing risks that may hinder an organization’s ability to achieve its objectives.

 

Information Assurance

The measures that protect and defend information and information systems by ensuring their availability, integrity, and confidentiality.

 

Intrusion Detection 

The process and methods for analyzing information from networks and information systems to determine if a security breach or security violation has occurred.

 

Key 

The numerical value used to control cryptographic operations, such as decryption, encryption, signature generation, or signature verification.

 

Malware 

Software that compromises the operation of a system by performing an unauthorized function or process.

 

Passive Attack

 

An actual assault perpetrated by an intentional threat source that attempts to learn or make use of information from a system but does not attempt to alter the system, its resources, its data, or its operations.

 

Penetration Testing 

An evaluation methodology whereby assessors search for vulnerabilities and attempt to circumvent the security features of a network and/or information system.

 

Phishing

A digital form of social engineering to deceive individuals into providing sensitive information.

 

Root

A set of software tools with administrator-level access privileges installed on an information system and designed to hide the presence of the tools, maintain the access privileges, and conceal the activities conducted by the tools.

 

Software Assurance 

 

The level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its lifecycle, and that the software functions in the intended manner.

 

Virus 

 

A computer program that can replicate itself, infect a computer without permission or knowledge of the user, and then spread or propagate to another computer.

 

Whitelist

A list of entities that are considered trustworthy and are granted access or privileges.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: