Glossary of Security Terms
Access Control
Access control is a function of security management that ensures only authorized users have access to resources they are entitled to.
Advanced Encryption Standard (AES)
AES is a powerful encryption standard used today in securing confidential information. AES makes use of 128-bit and 256-bit encryption keys which are extremely difficult to break and are therefore considered to be very secure.
Anti-Virus (AV) Program
An anti-virus program is software that has been designed to detect, isolate (quarantine) and/or remove computer viruses from an infected system. AV software uses virus signatures to recognize malicious code.
Authentication
The process of validating that a user, computer, service or process is who or what it claims to be. The presentation of a username and password is the most common means of authentication used today.
Authorization
Authorization is the process where a user is granted access to a particular resource or set of resources. Authorization is given via a set of rights or permissions to a particular resource (e.g. file, folder, printer, etc.).
Availability
The final third of the CIA triad, availability ensures that authorized users will have access to a resource as and when they require it.
Biometrics
Biometrics involves using a physical characteristic such as a fingerprint, voiceprint, or retinal pattern, in order to uniquely identify an individual. Biometrics is increasingly becoming a central component of multi-factor authentication.
Bot
Also known as Internet bots and web bots, bots are usually malicious software used by an attacker to run automated tasks over the Internet. While some types of bots are used for friendly purposes, the majority are used to infect large numbers of computers for various criminal purposes that typically include infecting even more computers and launching coordinated Denial of Service attacks or phishing campaigns. Bot-infected computers are commonly referred to as "zombie computers."
Botnet
Global networks of bot-infected computers. With a botnet, a malicious individual is able to control tens of thousands of computers. Most uses of botnets today involve criminal activities. Botnets largely owe their success to the vast number of unprotected or inadequately protected computers connected to the Internet.
Brute Force Attack
A method employed by cryptanalysts or hackers that uses an exhaustive procedure to try all possibilities, one by one. This process is used to gain unauthorized access to someone's account. A common objective for this type of attack is password guessing.
CIA Triad
This acronym stands for Confidentiality, Integrity and Availability. The ultimate goal of computer and network security is to ensure that only authorized users have access to private and confidential information; that any changes to that information are made only by those authorized to do so; and that information is available to those authorized users when required.
Confidentiality
The initial third of the CIA triad, confidentiality ensures that only authorized users have access to confidential, private information.
Denial of Service (DoS) Attack
A common type of attack where a network resource such as a server is flooded with spurious requests to the point where it is unable to respond to legitimate requests. Web servers are often the target of such attacks. The end result is that the server "crashes" and is no longer able to serve up the web pages it provides.
Distributed Denial of Service (DDoS) Attacks
A method employed by malicious individuals where DoS attacks are coordinated and launched from multiple sources in order to incapacitate the target server or servers.
Drive-by Download
A drive-by download attack can take place when a web browser automatically downloads malware from a compromised web site. This malicious software could range from rogue security software such as fake anti-virus programs, to keystroke loggers. The process of downloading and installation takes place without the knowledge or interaction of the victim.
Encryption
A method of taking information that is readable and making it unreadable. Encryption uses a set of mathematical rules or algorithms to transform clear text into an unreadable format (cipher text). Encryption is an effective way of safeguarding important and confidential information.
Firewall
A system designed to prevent unauthorized access to a network or computer resource. Firewalls can be hardware, software, or a combination of both. Firewalls monitor the flow of information in or out of a network and either allow or disallow passage of that information based on a set of rules. Firewalls are an important line of defense between private networks and the Internet.
Identity
In simple terms, identity is who someone is or what something is. For individuals, identity is a set of characteristics and information that uniquely identifies a person. Characteristics can include height, eye color, hair color, and skin color. Information could include name, address, date of birth, or Social Insurance number. In a network setting, identity is associated with a unique user name.
Identity Theft
Identity theft occurs when someone uses another person's profile in order to represent themselves as that person. This usually occurs in the context of using another person's identity for fraudulent gain. Identity theft is a growing problem in our digital age. Therefore, it is more important than ever to protect personally identifiable information and prevent it from getting into the wrong hands.
Integrity
The middle third of the CIA triad, integrity is the assurance that information has not been altered by anyone other than those who have been authorized to do so.
Malware (Malicious Software)
Malware is the collective name for any malicious code or program that can be inadvertently or surreptitiously downloaded and installed. Common malware applications include viruses, worms, Trojan horses, and logic bombs. Sources of malware include email attachments, Instant Messaging, infected documents, certain applications downloaded from the Internet, and external media such as USB flash drives.
Multi-Factor Authentication
By themselves, passwords often do not provide a strong level of security. Multi-factor authentication adds extra requirements in order to provide secure access. Multi-factor authentication combines something you know (e.g. a password or PIN) with something you have (e.g. a token or smartcard) and/or something you are (e.g. a fingerprint or voiceprint).
Patch
A patch is a segment of code which vendors develop in order to fix a bug or vulnerability that has been discovered in a software program. An example of patching for Windows users is the Automatic Update feature which downloads and installs the latest security patches for Windows and Internet Explorer. It is a good practice to ensure that patching is kept up to date.
Personally Identifiable Information (PII)
PII, or personally identifiable information, is information that uniquely identifies an individual. Such information can include, but is not limited to, full name, date of birth, address, Social Insurance number, credit card numbers, banking information, etc. Because identity theft is rampant in this day and age, it is extremely important to protect this type of information and prevent it from getting into the hands of malicious individuals.
Phishing
A common exploit where malicious individuals use email, or more recently, compromised web sites, to misrepresent themselves as legitimate sources to gain confidential, personally identifiable information such as credit card numbers, bank account details, etc. Phishing relies on social engineering and, to a large extent, the gullibility of the recipient to reveal PII or to follow links that direct them to malicious web sites.
Social Engineering
A means of gaining confidential information, or unauthorized access, by tricking or conning an individual. Social engineering is both an art and a science that malicious people employ to gain the confidence of an unsuspecting person in order to get them to reveal details such as names, phone numbers, account names and passwords.
Trojan Horse
A type of malware that is concealed in otherwise seemingly desirable and/or harmless software. Trojan viruses often contain code that allows control of a computer by someone other than the computer's owner, usually for criminal related activities.
Virus
A virus is a segment of malicious code that, when downloaded, adversely affects computer systems. Once embedded in a system, the virus code is executed as per its programming. There are many different types and classes of viruses. Viruses are commonly downloaded via email and instant messaging programs. In most cases, the victim is totally unaware that they have been infected until it is too late. This is why having a good anti-virus program installed and kept up to date is so important.
Virus Signature
A virus signature is the binary pattern or code string that uniquely identifies a particular virus. AV programs use virus signatures in order to detect the presence of known viruses.
Vulnerability
A vulnerability is a weakness or gap in a program or system that can be exploited by malicious individuals in order to gain unauthorized access and/or to compromise computer, network, and information resources.
Worm
A malicious segment of code that infects a computer much like a virus does. In many ways, worms are much more sophisticated than viruses and are able to replicate themselves from one system in order to infect many other systems.
Zero Day Attacks
A measurement called "latency" is the length of time between when a vulnerability is discovered and when an exploit for that vulnerability is created and distributed. In a "zero day" attack, there is no latency. In other words, a vulnerability is exploited within mere hours of its discovery.
Zombie Computer
A computer that has been compromised by a bot for the purpose of conducting automated (usually malicious) activities via the Internet.
More URL Tips
Here are a couple of things to watch out for concerning URLs...
After navigating to a website, check and confirm that the URL displayed in your browser’s address bar matches the intended destination.
For example, if you were visiting the website of security vendor Sophos, the displayed address should read www.sophos.com.
If you see something else like www.sophos.badurl.com, you can be sure that you have been re-directed to some other site.
Never click on a link inside an email message.
If you believe that the link is valid, manually type the URL into the address bar of your browser.
Again, check the displayed address a second time to ensure that you have been directed to the intended site.
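The address-bar check described above can be automated, for instance in a tool that screens links before a user follows them. The following is an added example and not code from the original page; it assumes sophos.com (taken from the example above) as the expected domain, and the function names hostname_of and is_expected_site are this example's own. The sample URLs are constructed for the demonstration. Beyond the page's www.sophos.badurl.com case, it also handles a URL that puts the expected name in front of an "@" and a bare host typed without a scheme.

```python
from urllib.parse import urlparse


def hostname_of(url: str) -> str:
    """Return the lowercase host that a browser would actually connect to."""
    # A bare host such as "www.sophos.com" has no scheme, and urlparse would
    # then treat the whole string as a path, so add one first.
    if "://" not in url:
        url = "https://" + url
    # .hostname strips userinfo ("user@"), the port and the path, so
    # "https://www.sophos.com@badurl.example/" yields "badurl.example".
    return urlparse(url).hostname or ""


def is_expected_site(url: str, expected_domain: str) -> bool:
    """True only if the host is the expected domain or one of its subdomains."""
    host = hostname_of(url)
    expected = expected_domain.lower().strip(".")
    # Match on the end of the host with a dot boundary: "www.sophos.com" is
    # fine, but "www.sophos.badurl.com" and "sophos.com.badurl.example" are not.
    return host == expected or host.endswith("." + expected)


def screen_links(urls, expected_domain: str) -> dict:
    """Map each URL to True (matches the expected site) or False (redirected elsewhere)."""
    return {u: is_expected_site(u, expected_domain) for u in urls}


# Constructed sample links for the demonstration.
SAMPLE_LINKS = [
    "https://www.sophos.com/en-us/",            # expected site
    "www.sophos.com",                            # bare host typed by hand
    "http://www.sophos.badurl.com/login",        # the page's redirect example
    "https://www.sophos.com@badurl.example/",    # expected name hidden in userinfo
    "https://sophos.com.badurl.example/",        # expected name used as a subdomain
]

if __name__ == "__main__":
    for link, ok in screen_links(SAMPLE_LINKS, "sophos.com").items():
        print(("OK      " if ok else "MISMATCH"), link)
```

This check only compares the host against the expected domain; it does not catch look-alike names that use different characters (for example homoglyphs), so it complements rather than replaces reading the address bar.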