GLOSSARY
- Application Layer
- Architecture
- Asset
- Asymmetric Key (Public Key)
- Attack
- Attack Vector
- Attack Mechanism
- Authentication
- Authenticity
- Availability
- Acceptable Use Policy
- Access Control List (ACL)
- Access Point
- Access Profile
- Access Rights
- Access Type
- Account Management (user)
- Accountability
- Active Security Testing
- Ad Hoc Network
- Administrative Safeguards
- Advanced Encryption Standard (AES)
- Advanced Penetration Testing
- Advanced Persistent Threat (APT)
- Adversary
- Adware
- Alert Situation
- Anti-Malware
- Anti-Virus Software
- App Attack
- Criticality Analysis
- Cross-Site Scripting (XSS)
- Cryptography
- Cryptosystem
- Cyber Espionage
- Cyber Security
- Cyber Security Architecture
- Cyberwarfare
- Cleartext
- Cloud Computing
- Cold Site
- Collision
- Common Access Card (CAC)
- Common Attack Pattern Enumeration and Classification (CAPEC)
- Compartmentalization
- Compliance
- Compliance Documents
- Computer Emergency Response Team (CERT)
- Computer Forensics
- Confidentiality
- Configuration Management
- Consumerization
- Containment
- Content Filtering
- Control
- Countermeasure
- Critical Infrastructure
- Criticality
- Certificate Authority (CA)
- Certificate Management
- Certification Revocation List
- Chain of Custody
- Chain of Evidence
- Challenge Response Protocol
- Checksum
- Chief Information Security Officer
- Chief Security Officer
- Cipher
- Cipher Text
- Decryption Key
- Defense-in-Depth
- Demilitarized Zone
- Denial of Service Attack
- Digital Certificate
- Digital Evidence
- Digital Forensics
- Digital Signature
- Disaster
- Disaster Recovery Plan
- Discretionary Access Control
- Disk Imaging
- Disruption
- Distributed Denial of Service (DDoS)
- Domain Name System
- Domain Name Systems (DNS) Exfiltration
- Due Diligence
- Dynamic Ports
- Data Asset
- Data Classification
- Data Custodian
- Data Element
- Data Encryption Standard
- Data Flow Control
- Data Leakage
- Data Owner
- Data Retention
- Database
- Decentralization
- Decryption
- Enterprise Architecture
- Eradication
- Event
- Evidence
- Exploit
- Exploit Code
- Exploitable Channel
- External Network
- External Security Testing
- E-Commerce
- E-Government
- Egress
- Egress Filtering
- Electronic Key Management System
- Electronic Key Entry
- Electronically Generated Key
- Elliptical Curve Cryptography (ECC)
- Embedded Cryptographic System
- Embedded Cryptography
- Encapsulation Security Payload
- Encipher
- Encryption
- Encryption Algorithm
- Encryption Certificate
- Encryption Key
- End Cryptographic Unit
- End-to-End Encryption
- Enterprise
- Enterprise Risk Management
- Easter Egg
- Eavesdropping
- Firewall Control Proxy
- Firmware
- Flooding
- Focused Testing
- Forensic Copy
- Forensic Examination
- Forensic Specialist
- Forensically Clean
- Forensics
- Freeware
- Full Disk Encryption (FDE)
- Fail Safe
- Fail Soft
- Failover
- False Positive
- Federal Public Key Infrastructure Policy Authority (FPKI PA)
- File Encryption
- File Name Anomaly
- File Protection
- File Security
- File Transfer Protocol (FTP)
- Firewall
- HoneyClient
- Honeymonkey
- Honeypot
- Hops
- Host
- Host-Based Intrusion Detection System (HIDS)
- Hot Site
- HTTP Proxy
- HTTPS
- Hybrid Attack
- Hybrid Encryption
- Hybrid Security Control
- Hypertext Transfer Protocol (HTTP)
- Hacker
- Handshaking Procedures
- Hard Copy Key
- Hardening
- Hardware
- Hardwired Key
- Hash Function
- Hash Functions
- Hash Total
- Hash Value
- Hash-based Message Authentication Code (HMAC)
- Hashing
- Header
- High Assurance Guard (HAG)
- High Availability
- High Impact
- High Impact System
- Hijack Attack
- Hijacking
- Internet
- Internet Control Message Protocol (ICMP)
- Internet Engineering Task Force (IETF)
- Internet Message Access Protocol (IMAP)
- Internet Protocol Security (IPsec)
- Internet Protocol (IP)
- Internet Standard
- Interrupt
- Intranet
- Intrusion Detection (ID)
- IP Address
- IP Flood
- IP Forwarding
- IP Spoofing
- ISO
- Identity
- Incident
- Incident Handling
- Incremental Backups
- Information Warfare
- Input Validation Attacks
- Integrity
There are currently no terms available under this letter.
- Public-Key Forward Secrecy (PFS)
- Password Sniffing
- Patch
- Patching
- Payload
- Penetration
- Penetration Testing
- Personal Firewall
- Phishing
- Ping of Death
- Ping Scan
- Ping Sweep
- Plaintext
- Port
- Port Scan
- Private Addressing
- Promiscuous Mode
- Proxy Server
- Public Key
- Public Key Encryption
- Public Key Infrastructure (PKI)
- Packet
- Packet Switched Network (PSN)
- Password Cracking
There are currently no terms available under this letter.
- Sniffing
- Social Engineering
- SOCKS
- Source Port
- Spam
- Spanning Port
- Spoof
- SQL Injection
- Steganalysis
- Steganography
- SYN Flood
- Syslog
- System Security Officer (SSO)
- Security Objective
- Security Perimeter
- Security Plan
- Security Policy
- Security Posture
- Security Requirements
- Security Requirements Baseline
- Security Target
- Security Testing
- Sensitive Information
- Separation of Duties
- Session Hijacking
- Session Key
- SHA1
- Shadow Password Files
- Shell
- Signature
- Simple Network Management Protocol (SNMP)
- Smurf Attack
- Sniffer
- Secure communication
- Secure Communication Protocol
- Secure Hash Algorithm (SHA)
- Secure Shell (SSH)
- Secure Sockets Layer (SSL)
- Secure Subsystem
- Security
- Security Assertion Markup Language (SAML)
- Security Attribute
- Security Banner
- Security Category
- Security Controls
- Security Controls Baseline
- Security Domain
- Security Fault Analysis (SFA)
- Security Features Users Guide
- Security Functions
- Security Goals
- Security Information and Event Management (SIEM) Tool
- Security Label
- Salt
- Sandboxing
- Sanitization
- Scanning
- Secret Key
There are currently no terms available under this letter.
Business Impact Analysis/Assessment
This is the process of identifying, evaluating and classifying any risks that might affect the continuity of a business in case of a disaster.