glossary audit

8/9/2019 Glossary Audit

1/89

Glossary

A

Acceptable interruption window

The maximum period of time that a system can be unavailable before

compromising the achievement of the business objectives

Acceptable use policy

A policy that establishes an agreement between users and the organization,

and denes for all parties’ ranges of use that are approved before gainingaccess to a networ or the !nternet

Access controls

The processes, rules and deployment mechanisms that control access to

information systems, resources and physical access to premises

Access path

The logical route that an end user taes to access computerized information" Typically, it includes a route through the operating system,

telecommunications software, selected application software and the access

control system"

Access rights

The permission or privileges granted to users, programs or worstations to

create, change, delete or view data and les within a system, as dened by

rules established by data owners and the information security policy

Accountability

The ability to map a given activity or event bac to the responsible party

#


2/89

Action plan

A plan for the steps necessary to navigate the roadmap to achieve objectives

Ad hoc

Arbitrary approach, no formal plan or process

Administrative controls

The rules, procedures and practices dealing with operational e$ectiveness,

e%ciency and adherence to regulations and management policies

Adware

Any software pacage that automatically plays, displays or downloads

advertising material to a computer after the software is installed on it or

while the application is being used" !n most cases, this is done without any

notication to the user or without the user’s consent" The term adware may

also refer to software that displays advertisements, whether or not it does so

with the user’s consent& such programs display advertisements as an

alternative to shareware registration fees" These are classied as adware in

the sense of advertising'supported software, but not as spyware" Adware in

this form does not operate surreptitiously or mislead the user, and providesthe user with a specic service"

Advance (ncryption )tandard *A()+

The international encryption standard that replaced -()"

Algorithm

A nite set of step'by'step instructions for a problem'solving or computation

procedure, especially one that can be implemented by a computer"

.


3/89

Anomaly'/ased -etection

The process of comparing denitions of what activity is considered normal

against observed events to identify signicant deviations" This approach is

used on some intrusion detection systems"

Annual 0oss (xpectation *A0(+

The total expected loss divided by the number of years in the forecast period

yielding the average annual loss

Alert situation

The point in an emergency procedure when the elapsed time passes a

threshold and the interruption is not resolved" The organization entering into

an alert situation initiates a series of escalation steps"

Alternate facilities

0ocations and infrastructures from which emergency or bacup processes are

executed, when the main premises are unavailable or destroyed" This

includes other buildings, o%ces or data processing centers"

Alternate process

Automatic or manual processes designed and established to continue critical

business processes from point'of'failure to return'to'normal

Anonymous 1ile Transfer 2rotocol *A1T2+

A method of downloading public les using the 1ile Transfer 2rotocol *1T2+"

A1T2 does not re3uire users to identify themselves before accessing les

from a particular server" !n general, users enter the word 4anonymous5 when

the host prompts for a username" Anything can be entered for the password,such as the user’s e'mail address or simply the word 4guest"5 !n many cases,

an A1T2 site will not prompt a user for a name and password"


4/89

Antivirus software

An application software deployed at multiple points in an !T architecture" !t is

designed to detect and potentially eliminate virus code before damage is

done, and repair or 3uarantine les that have already been infected

Application 2rogramming !nterface *A2!+

An application programming interface *A2!+ is a source code'based

specication intended to be used as an interface by software components to

communicate with each other"

Application controls

The policies, procedures and activities designed to provide reasonable

assurance that objectives relevant to a given automated solution

*application+ are achieved

Application layers

!n the 6pen )ystems !nterconnection *6)!+ communications model, the

application layer provides services for an application program to ensure that

e$ective communication with another application program in a networ is

possible" The application layer is not the application that is doing thecommunication& it is a service layer that provides these services"

Application service provider *A)2+

Also nown as managed service provider *7)2+, it deploys, hosts and

manages access to a pacaged application to multiple parties from a

centrally managed facility" The applications are delivered over networs on a

subscription basis"

Architecture

-escription of the fundamental underlying design of the components of the

business system, or of one element of the business system *e"g",

8

http://en.wikipedia.org/wiki/Source_codehttp://en.wikipedia.org/wiki/Source_code


5/89

technology+, the relationships among them, and the manner in which they

support the organization9s objectives

A:2 *see also :A:2+

A:2 denes the exchanges between networ interfaces connected to an

(thernet media segment in order to map an !2 address to a lin layer address

on demand"

Assurance

The grounds for condence that the set of intended security controls in an

information system are e$ective in their application"

Assurance 2rocess !ntegration!ntegration of organizational assurance processes to achieve greater

e%ciencies and counter typical silo e$ects"

Assymetric encryption

A cryptographic ey that may be widely published and is used to enable the

operation of an asymmetric cryptography scheme" This ey is

mathematically lined with a corresponding private ey" Typically, a public

ey can be used to encrypt, but not decrypt, or to validate a signature, but

not to sign"

Attac )ignature

A specic se3uence of events indicative of an unauthorized access attempt"

Typically a characteristic byte pattern used in malicious code or an indicator,

or set of indicators that allows the identication of malicious networ

activities"

Attributes

The fundamental characteristics of something

;


6/89

Audit

!ndependent review and examination of records and activities to assess the

ade3uacy of system controls, to ensure compliance with established policies

and operational procedures, and to recommend necessary changes in

controls, policies, or procedures

Audit :eview

The assessment of an information system to evaluate the ade3uacy of

implemented security controls, assure that they are functioning properly,

identify vulnerabilities, and assist in implementation of new security controls

where re3uired" This assessment is conducted annually or whenever

signicant change has occurred and may lead to recertication of theinformation system"

Audit trail

A series of records either in hard copy or in electronic format that provide a

chronological record of user activity and other events that show the details of

user and system activity" Audit trails can be used to document when users

log in, how long they are engaged in various activities, what they were doing,

and whether any actual or attempted security violations occurred"

Authentication

The act of verifying the identity of an entity *e"g", a user, a system, a

networ node+

Authorization

Access privileges granted to a user, program, or process or the act of

granting those privileges

Automated


7/89


8/89

mining, complex event processing, business performance

management, benchmaring, text mining and predictive analytics"

/usiness intelligence aims to support better business decision'maing" Thus

a /! system can be called a decision support system *-))+

/usiness impact assessment */!A+

An analysis of an information system’s re3uirements, functions, and

interdependencies used to characterize system contingency re3uirements

and priorities in the event of a signicant disruption"

/aseline )ecurity

The minimum security controls re3uired for safeguarding an !T system based

on its identied needs for condentiality, integrity, and@or availability

protection"

/astion =ost

A special'purpose computer on a networ specically designed and

congured to withstand attacs"

/usiness continuity management */


9/89

/enchmaring

A systematic approach to comparing an organization’s performance against

peers and competitors in an e$ort to learn the best ways of conducting

business" (xamples include benchmaring of 3uality, logistical e%ciency and

various other metrics"

/usiness !mpact Assessment */!A+

An analysis of an information system’s re3uirements, functions, and

interdependencies used to characterize system contingency re3uirements

and priorities in the event of a signicant disruption"

/iometric

A measurable physical characteristic or personal behavioral trait used to

recognize the identity, or verify the claimed identity, of an applicant" 1acial

images, ngerprints, and iris scan samples are all examples of biometrics"

/it'stream image

/it'stream bacups, also referred to as mirror image bacups, involve the

bacup of all areas of a computer hard dis drive or other type of storagemedia" )uch bacups exactly replicate all sectors on a given storage device

including all les and ambient data storage areas"

/it copy

A bit copy provides an exact image of the original and is a re3uirement for

legally justiable forensics

/it The smallest unit of information storage& a contraction of the term Ebinary

digit&E one of two symbolsFEE *zero+ and E#E *one+ ' that are used to

represent binary numbers"

H


10/89

/laclisting

The process of the system invalidating a user !- based on the user’s

inappropriate actions" A blaclisted user !- cannot be used to log on to the

system, even with the correct authenticator" /laclisting and lifting of a

blaclisting are both security'relevant events" /laclisting also applies to

blocs placed against !2 addresses to prevent inappropriate or unauthorized

use of !nternet resources"

/otnet

A botnet is a large number of compromised computers that are used to

create and send spam or viruses or Iood a networ with messages as a

denial of service attac"

/oundary

2hysical or logical perimeter of a system

/rute force attac

:epeatedly trying all possible combinations of passwords or encryption eys

until the correct one is found

/usiness case

-ocumentation of the rationale for maing a business investment, used both

to support a business decision on whether to proceed with the investment

and as an operational tool to support management of the investment

through its full economic life cycle

/usiness dependency assessment

A process of identifying resources critical to the operation of a businessprocess

#


11/89

/usiness impact analysis@assessment */!A+

(valuating the criticality and sensitivity of information assets" An exercise

that determines the impact of losing the support of any resource to an

organization, establishes the escalation of that loss over time, identies the

minimum resources needed to recover, and prioritizes the recovery of

processes and supporting system" This process also includes addressingJ

income loss, unexpected expense, legal issues *regulatory compliance or

contractual+, interdependent processes, and loss of public reputation or

public condence"

/usiness 7odel for !nformation )ecurity */7!)+

/7!) is a business'oriented model for managing information security utilizingsystems thining to clarify complex relationships within an enterprise" The

four elements and six dynamic interconnections form the basis of a three

dimensional model that establish the boundaries of an information security

program and models how the program functions and reacts to internal and

external change" /7!) provides the context for framewors such as sually holds one character of information and

usually means eight bits"

<


12/89


13/89

name or ey space it represents"


14/89

the ability to identify evidence as being the exact item that was recovered or

tested" 0ac of control over evidence can lead to it being discredited"


15/89

not directly intercept the password itself, but the eavesdropper may be able

to nd the password with an o$'line password guessing attac"

#;


16/89

the chief nowledge o%cer *

security program, and ensuring appropriate condentiality, integrity and

availability of information assets"


17/89


18/89

there is unliely to be any computer e3uipment, even though the building

might well have a networ infrastructure and a room ready to act as a server

room" !n most cases, cold sites provide the physical location and basic

services"


19/89

or a


20/89


21/89


22/89


23/89


24/89


25/89

-ata


26/89

-ata lea protection *-02+

A suite of technologies and associated processes that locate, monitor and

protect sensitive information from unauthorized disclosure

-ata normalizationA structured process for organizing data into tables in a common form in

such a way that it preserves the relationships among the data

-ata warehouse

A generic term for a system that stores, retrieves and manages large

volumes of data" -ata warehouse software often includes sophisticated

comparison and hashing techni3ues for fast searches, as well as advanced

ltering"

-ecentralization

The process of distributing computer processing to di$erent locations within

an organization

-ecryption

-ecryption is the process of transforming an encrypted message into its

original plaintext"

-ecryption ey

A digital piece of information used to recover plaintext from the

corresponding ciphertext by decryption

-efense in depth

The practice of layering defenses to provide added protection" -efense in

depth increases security by raising the e$ort needed in an attac" This

strategy places multiple barriers between an attacer and an organization’s

computing and information resources"

.?


27/89

-egauss

The application of variable levels of alternating current for the purpose of

demagnetizing magnetic recording media" The process involves increasing

the alternating current eld gradually from zero to some maximum value and

bac to zero, leaving a very low residue of magnetic induction on the media"

-egauss loosely meansJ to erase"

-emilitarized zone *-7Q+

A screened *rewalled+ networ segment that acts as a bu$er zone between

a trusted and untrusted networ" A -7Q is typically used to house systems

such as web servers that must be accessible from both internal networs and

the !nternet"

-enial of service *-6)+

A denial'of'service attac *-o) attac+ is an attempt to mae a computer or

networ resource unavailable to its intended users by overloading the

system with re3uests causing it to fail"

-isruption

An unplanned event that causes the general system or major application tobe inoperable for an unacceptable length of time *e"g", minor or extended

power outage, extended unavailable networ, or e3uipment or facility

damage or destruction+"

-igital certicate

An electronic credential issued by a certicate authority *


28/89

-igital code signing

The process of digitally signing computer code to ensure its integrity

-isaster declaration

The communication to appropriate internal and external parties that the

disaster recovery plan is being put into operation

-isaster notication fee

The fee the recovery site vendor charges when the customer noties them

that a disaster has occurred and the recovery site is re3uired" The fee is

implemented to discourage false disaster notications"

-isaster recovery plan *-:2+A set of human, physical, technical and procedural resources to recover,

within a dened time and cost, an activity interrupted by an emergency or

disaster

-isaster recovery plan des checing

Typically a read'through of a disaster recovery plan without any real actions

taing place" !t generally involves a reading of the plan, discussion of the

action items and denition of any gaps that might be identied"

-isaster recovery plan wal'through

Generally a robust test of the recovery plan re3uiring that some recovery

activities tae place and are tested" A disaster scenario is often given and

the recovery teams tal through the steps they would need to tae to

recover" As many aspects of the plan should be tested as possible"

-iscretionary access control *-A


29/89

sense that a subject with a certain access permission is capable of passing

that permission *perhaps indirectly+ on to any other subject"

-is mirroring

The practice of duplicating data in separate volumes on two hard diss to

mae storage more fault tolerant" 7irroring provides data protection in the

case of dis failure because data are constantly updated to both diss"

-is !maging

Generating a bit'for'bit copy of the original media, including free space and

slac space"

-istributed denial of service *--6)+A denial'of'service attac *-o) attac+ is an attempt to mae a computer or

networ resource unavailable to its intended users by overloading the

system with re3uests from multiple sources *such as a botnet+ causing it to

fail"

-omain

A sphere of nowledge, or a collection of facts about some program entities

or a number of networ points or addresses, identied by a name" 6n the

!nternet, a domain consists of a set of networ addresses" !n the !nternet9s

domain name system, a domain is a name with which name server records

are associated that describe sub'domains or host" !n Lindows MT and

Lindows ., a domain is a set of networ resources *applications, printers,

and so forth+ for a group of users" The user need only to log in to the domain

to gain access to the resources, which may be located on a number of

di$erent servers in the networ"

.H


30/89

-omain name system *-M)+

A hierarchical database that is distributed across the !nternet that allows

names to be resolved into !2 addresses *and vice versa+ to locate services

such as web and e'mail servers

-ual control

A procedure that uses two or more entities *usually persons+ operating in

concert to protect a system resource such that no single entity acting alone

can access that resource

-ue care

The level of care expected from a reasonable person of similar competency

under similar conditions

-ue diligence

The performance of those actions that are generally regarded as prudent,

responsible and necessary to conduct a thorough and objective investigation,

review and@or analysis

-ynamic host conguration protocol *-=


31/89

system, i"e" from one trading partner to another trading partner without

human intervention"

(lectronic funds transfer *(1T+

(lectronic funds transfer *(1T+ is the electronic exchange or transfer of

money from one account to another, either within a single nancial

institution or across multiple institutions, through computer'based systems

(ncryption


32/89

external environment at the enterprise’s boundary, how they are operated to

support the enterprise mission, and how they contribute to the enterprise’s

overall security posture"

(nterprise :is 7anagement The methods and processes used by an enterprise to manage riss to its

mission and to establish the trust necessary for the enterprise to support

shared missions" !t involves the identication of mission dependencies on

enterprise capabilities, the identication and prioritization of riss due to

dened threats, the implementation of countermeasures to provide both a

static ris posture and an e$ective dynamic response to active threats& and it

assesses enterprise performance against threats and adjustscountermeasures as necessary"

(ntitlements

(ntitlements is the process business users manage the data that controls

how policies are evaluated at runtime" They can add and delete users for

applications and put those users into groups or assign them to roles" They

manage sets of actions *permissions+ that can be logically grouped for a

particular business function" They assign those sets of actions to users or to

roles dened for the application"

(thernet

The most widely'installed 0AM technology" )pecied in a standard, !(((

D.", an (thernet 0AM typically uses coaxial cable or special grades of

twisted pair wires" -evices are connected to the cable and compete for

access"

(vent

An event is an observable occurrence in a system or networ"

.


33/89

(xposure

The extent of the area exposed to a viable threat creating a ris" i"e /oth a

viable threat and a susceptible vulnerability may exist but the ris is a

function of the degree of exposure"

(xternal storage

The location that contains the bacup copies to be used in case recovery or

restoration is re3uired in the event of a disaster

(xtranet

A private networ that uses Leb technology, permitting the sharing of

portions of an enterprise’s information or operations with suppliers, vendors,

partners, customers, or other enterprises"

1

1ail )afe

Automatic protection of programs and@or processing systems when hardware

or software failure is detected"

1ailover

The capability to switch over automatically *typically without human

intervention or warning+ to a redundant or standby information system upon

the failure or abnormal termination of the previously active system"

1all'through logic

An optimized code based on a branch prediction that predicts which way a

program will branch when an application is presented

1alse 2ositive

An alert that incorrectly indicates that malicious activity is occurring


34/89

1alse Megative

A lac of or incorrect alert indicating that no malicious activity is occurring

1ederal energy regulatory commission *1(:)A

The 1ederal (nergy :egulatory


35/89

1inancial security authority *1)A+ >K

The 1inancial )ervices Authority is the regulator of the nancial services

industry in the >K"

1irewallA system or combination of systems that enforces a boundary between two

or more networs typically forming a barrier between a secure and an open

environment such as the !nternet

1irmware


36/89

1orensic examination

The process of collecting, assessing, classifying and documenting digital

evidence to assist in the identication of an o$ender and the method of

compromise

1orensic )pecialist

A professional who locates, identies, collects, analyzes, and examines data

while preserving the integrity and maintaining a strict chain of custody of

information discovered"

1orensics

The practice of gathering, retaining, and analyzing computer'related data for

investigative purposes in a manner that maintains the integrity of the data"

1ull -is (ncryption *1-(+

The process of encrypting all the data on the hard dis drive used to boot a

computer, including the computer’s operating system, and permitting access

to the data only after successful authentication with the full dis encryption

product

G

Generally accepted information security principles *GA!)2+

GA!)2 describes eight pervasive principles and fourteen practices for

information security" (ach of the principles applies to each of the practices"

Gap analysis

A process used to determine the di$erence between and what is re3uired tomove from an existing state and the desired state"

?


37/89

Guideline

A description of a particular way of accomplishing something that is less

prescriptive than a procedure

=

=ardening


38/89

=oneypot

A specially congured server, also nown as a decoy server, designed to

attract and monitor intruders in a manner such that their actions do not

a$ect production systems

=ot site

A fully operational o$site data processing facility e3uipped with hardware

and system software to be used in the event of a disaster

=ypertext 7arup 0anguage *=T70+

The set of marup symbols or codes inserted in a le intended for display on

a Lorld Lide Leb browser page"

=ypertext Transfer 2rotocol *=TT2+

A communication protocol used to connect to servers on the Lorld Lide

Leb" !ts primary function is to establish a connection with a web server and

transmit =T70, S70 or other pages to the client browsers"

=TT2)

A secure form of =TT2 using encryption

=eating, ventilation and air conditioning *=NA


39/89

units, showing their alignment with the enterprise’s mission and strategic

plans"

!A !nfrastructure

The underlying security framewor that lies beyond an enterprise’s dened

boundary, but supports its !A and !A'enabled products, its security posture

and its ris management plan"

!


40/89

used to justify the extent of safeguards that are re3uired and recovery time

frames" This analysis is the basis for establishing the recovery strategy"

!nformation communication technologies *!


41/89

!ncremental /acups

!ncremental bacups only bacup the les that have been modied since the

last bacup" !f dump levels are used, incremental bacup’s only bacup les

changed since last bacup of a lower dump level"

!nformation Assurance *!A+

7easures that protect and defend information and information systems by

ensuring their availability, integrity, authentication, condentiality, and non'

repudiation" These measures include providing for restoration of information

systems by incorporating protection, detection, and reaction capabilities"

)ynonymous with information security

!nformation security governance

The set of responsibilities and practices exercised by the board and

executive management with the goal of providing strategic direction,

ensuring that objectives are achieved, ascertaining that riss are managed

appropriately and verifying that the enterprise’s resources are used

responsibly

!nformation security program The overall combination of technical, operational and procedural measures,

and management structures implemented to provide for the condentiality,

integrity and availability of information based on business re3uirements and

ris analysis

!nformation )ecurity

The protection of information and information systems from unauthorized

access, use, disclosure, disruption, modication, or destruction in order to

provide condentiality, integrity, and availability" )ynonymous with

!nformation Assurance *!A+

8#


42/89

!nformation )ecurity Architect

!ndividual, group, or organization responsible for ensuring that the

information security re3uirements necessary to protect the organization’s

core missions and business processes are ade3uately addressed in all

aspects of enterprise architecture including reference models, segment and

solution architectures, and the resulting information systems supporting

those missions and business processes"

!ntegrity

The accuracy, completeness and validity of information

!ntellectual 2roperty

>seful artistic, technical, and@or industrial information, nowledge or ideas

that convey ownership and control of tangible or virtual usage and@or

representation" i"e" intangible property of value

!nternal controls

The policies, procedures, practices and organizational structures designed to

provide reasonable assurance that business objectives will be achieved and

undesired events will be prevented or detected and corrected

!nternal :ate of :eturn *!::+

The internal rate of return on an investment or project is the Eannualized

e$ective compounded return rateE or Erate of returnE that maes the net

present value *M2N as M(T#@*#U!::+Vyear+ of all cash Iows *both positive

and negative+ from a particular investment e3ual to zero"

!nternal rates of return are commonly used to evaluate the desirability of

investments or projects" The higher a project9s internal rate of return, the

more desirable it is to undertae the project" Assuming all projects re3uire

the same amount of up'front investment, the project with the highest !::

would be considered the best and undertaen rst"

8.

http://en.wikipedia.org/wiki/Net_present_valuehttp://en.wikipedia.org/wiki/Net_present_valuehttp://en.wikipedia.org/wiki/Net_present_valuehttp://en.wikipedia.org/wiki/Net_present_value


43/89

!nternet

A term to describe connecting multiple separate networs together"

!nternet


44/89

!ntrusion detection system *!-)+

An !-) inspects networ and host security activity to identify suspicious

patterns that may indicate a networ or system attac

!ntrusion prevention system *!2)+An !2) inspects networ and host security activity to identify suspicious

patterns that may indicate a networ or system attac and then blocs it at

the rewall to prevent damage to information resources"

!2 )ecurity *!2)ec+

A set of protocols developed by the !nternet (ngineering Tas 1orce *!(T1+ to

support the secure exchange of pacets

!)6@!(< #CCHH

6riginally released as part of the /ritish )tandard for !nformation )ecurity in

#HHH and then as the


45/89

management system" 2rior to its adoption by !)6@!(


46/89

!)6@!(< #;;8

!)6@!(< #;;8 !nformation technology O 2rocess assessment, also nown

as )2!


47/89

K

Kerberos

A widely used authentication protocol developed at the 7assachusetts

!nstitute of Technology *7!T+" !n 4classic5 Kerberos, users share a secret

password with a Key -istribution


48/89

Keystroe 7onitoring

The process used to view or record both the eystroes entered by a

computer user and the computer’s response during an interactive session"

Keystroe monitoring is usually considered a special case of audit trails"

0

0east 2rivilege

0east 2rivilege is the principle of allowing users or applications the least

amount of permissions necessary to perform their intended function"

0ielihood of 6ccurrence

!n !nformation Assurance ris analysis, a weighted factor based on a

subjective analysis of the probability that a given threat is capable of

exploiting a given vulnerability"

0ightweight -irectory Access 2rotocol *0-A2+

A software protocol for enabling anyone to locate organizations, individuals,

and other resources such as les and devices in a networ, whether on the

public !nternet or on a corporate !ntranet"

0in (ncryption

0in encryption encrypts all of the data along a communications path *e"g", a

satellite lin, telephone circuit, or T# line+" )ince lin encryption also encrypts

routing data, communications nodes need to decrypt the data to continue

routing"

0ocal area networA local area networ *0AM+ is a computer networ that interconnects

computers in a limited area such as a home, school, computer laboratory, or

o%ce building using networ media"#B The dening characteristics of 0AMs,

in contrast to wide area networs *LAMs+, include their usually higher data'

8D

http://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Local_area_network#cite_note-0http://en.wikipedia.org/wiki/Wide_area_networkhttp://en.wikipedia.org/wiki/Bit_ratehttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Local_area_network#cite_note-0http://en.wikipedia.org/wiki/Wide_area_networkhttp://en.wikipedia.org/wiki/Bit_rate


49/89

transfer rates, smaller geographic area, and lac of a need for leased

telecommunication lines

0ocal :egistration Authority *0:A+

A :egistration Authority with responsibility for a local community in a 2K!'

enabled environment"

0ogic /omb

A piece of code intentionally inserted into a software system that will set o$

a malicious function when specied conditions are met"

7

7A< Address

A physical address& a numeric value that uni3uely identies that networ

device from every other device on the planet"

7ail relay server

An e'mail server that relays messages so that neither the sender nor the

recipient is a local user

7alicious


50/89

7an'in'the'middle Attac *7it7+

An attac on the authentication protocol run in which the attacer positions

himself in between the claimant and verier so that he can intercept and

alter data traveling between them"

7as3ueraders

Attacers that penetrate systems by using the identity of legitimate users

and their login credentials

7aximum tolerable outages *7T6+

7aximum time the organization can support processing in alternate mode

7essage Authentication


51/89

7obile site

The use of a mobile@temporary facility to serve as a business resumption

location" They can usually be delivered to any site and can house information

technology and sta$"

7onitoring policy

:ules outlining or delineating the way in which information about the use of

computers, networs, applications and information is captured and

interpreted"

7ultipurpose internet mail extension *7!7(+

A specication for formatting non'A)

over the !nternet" 7any e'mail clients now support 7!7(, which enables

them to send and receive graphics, audio, and video les via the !nternet

mail system" !n addition, 7!7( supports messages in character sets other

than A)

Meed'To'Know

A method of isolating information resources based on a user’s need to have

access to that resource in order to perform their job but no more" The terms

Xneed'to now5 and 4least privilege5 express the same idea" Meed'to'now

is generally applied to people, while least privilege is generally applied to

processes"

;#

http://www.webopedia.com/TERM/A/ASCII.htmlhttp://www.webopedia.com/TERM/I/Internet.htmlhttp://www.webopedia.com/TERM/E/e_mail_client.htmlhttp://www.webopedia.com/TERM/M/mime.htmlhttp://www.webopedia.com/TERM/C/character_set.htmlhttp://www.webopedia.com/TERM/A/ASCII.htmlhttp://www.webopedia.com/TERM/I/Internet.htmlhttp://www.webopedia.com/TERM/E/e_mail_client.htmlhttp://www.webopedia.com/TERM/M/mime.htmlhttp://www.webopedia.com/TERM/C/character_set.html


52/89

Met present value *M2N+

The discounted value of an investment9s cash inIows minus the discounted

value of its cash outIows" To be ade3uately protable, an investment should

have a net present value greater than zero

Metwor address translation *MAT+

/asic MATs are used when there is a re3uirement to interconnect two !2

networs with incompatible addressing" =owever it is common to hide an

entire !2 address space, usually consisting of private !2 addresses, behind a

single !2 address *or in some cases a small group of !2 addresses+ in another

*usually public+ address space" To avoid ambiguity in the handling of returned

pacets, a one'to'many MAT must alter higher level information such as

T-2 ports in outgoing communications and must maintain a translation

table so that return pacets can be correctly translated bac

Metwor based intrusion detection *M!-s+

Metwor based intrusion detection provides broader coverage than host

based approaches but functions in the same manner detecting attacs using

either an anomaly based or signature based approach or both"

Monce

A value used in security protocols that is never repeated with the same ey"

1or example, challenges used in challenge'response authentication protocols

generally must not be repeated until authentication eys are changed, or

there is a possibility of a replay attac" >sing a nonce as a challenge is a

di$erent re3uirement than a random challenge, because a nonce is not

necessarily unpredictable"

Monintrusive monitoring

The use of transported probes or traces to assemble information, trac tra%c

and identify vulnerabilities

;.

http://en.wikipedia.org/wiki/Private_IP_addresshttp://en.wikipedia.org/wiki/Private_IP_address


53/89

Monrepudiation

The assurance that a party cannot later deny originating data& that is, it is

the provision of proof of the integrity and origin of the data and can be

veried by a third party" A digital signature can provide nonrepudiation"

6

6rganization for (conomic


54/89

user or program is at a computer e3uipped with these seven layers of

function" )o, in a given message between users, there will be a Iow of data

through each layer at one end down through the layers in that computer and,

at the other end, when the message arrives, another Iow of data up through

the layers in the receiving computer and ultimately to the end user or

program" The actual programming and hardware that furnishes these seven

layers of function is usually a combination of the computer operating system,

applications *such as your Leb browser+, T


55/89

• 0ayer 8J The transport layer"""This layer manages the end'to'end

control *for example, determining whether all pacets have arrived+

and error'checing" !t ensures complete data transfer"• 0ayer J The networ layer"""This layer handles the routing of the data

*sending it in the right direction to the right destination on outgoing

transmissions and receiving incoming transmissions at the pacet

level+" The networ layer does routing and forwarding"• 0ayer .J The data'lin layer"""This layer provides synchronization for the

physical level and does bit'stu%ng for strings of #9s in excess of ;" !t

furnishes transmission protocol nowledge and management"• 0ayer #J The physical layer"""This layer conveys the bit stream through

the networ at the electrical and mechanical level" !t provides the

hardware means of sending and receiving data on a carrier"

6perations )ecurity *62)(


56/89

2

2acet

A piece of a message transmitted over a pacet'switching networ" 6ne of

the ey features of a pacet is that it contains the destination address in

addition to the data" !n !2 networs, pacets are often called datagrams"

2acet ltering


57/89

2assword )ni%ng

2assive wiretapping, usually on a local area networ, to gain nowledge of

passwords"

2atchA patch is a small update released by a software manufacturer to x bugs in

existing programs"

2atching

2atching is the process of updating software to a di$erent version"

2atch 7anagement

The systematic notication, identication, deployment, installation, and

verication of operating system and application software code revisions"

These revisions are nown as patches, hot xes, and service pacs"

2assive response

A response option in intrusion detection in which the system simply reports

and records the problem detected, relying on the user to tae subse3uent

action

2assword cracer

A tool that tests the strength of user passwords searching for passwords that

are easy to guess by repeatedly trying words from specially crafted

dictionaries and often also by generating thousands *and, in some cases,

even millions+ of permutations of characters, numbers and symbols

2ayment card industry *2

The term is specically used to refer to the 2ayment


58/89

directives against which businesses may measure their own payment card

security policies, procedures and guidelines

2enetration testing

A live test of the e$ectiveness of security defenses through mimicing the

actions of real'life attacers

2ersonally !dentiable !nformation *2!!+

!nformation which can be used to distinguish or trace an individual9s identity,

such as their name, social security number, biometric records, etc", alone, or

when combined with other personal or identifying information which is lined

or linable to a specic individual, such as date and place of birth, mother’s

maiden name, etc"

2harming

This is a more sophisticated form of 7!T7 attac" A user’s session is

redirected to a mas3uerading website" This can be achieved by corrupting a

-M) server on the !nternet and pointing a >:0 to the mas3uerading

website’s !2" Almost all users use a >:0 lie www"worldban"com instead of

the real !2 *#H."D?"HH"#8+ of the website"

:0 can be redirected to send

tra%c to the !2 of the pseudo website" At the pseudo website, transactions

can be mimiced and information lie login credentials can be gathered" Lith

this the attacer can access the real www"worldban"com site and conduct

transactions using the credentials of a valid user on that website"

;D

http://en.wikipedia.org/wiki/PCI_DSShttp://en.wikipedia.org/wiki/PCI_DSShttp://en.wikipedia.org/wiki/PCI_DSShttp://en.wikipedia.org/wiki/PCI_DSS


59/89

2hishing

The use of e'mails that appear to originate from a trusted source to tric a

user into entering valid credentials at a fae website" Typically the e'mail and

the web site loos lie they are part of a ban the user is doing business

with"

2ort )canning

>sing a program to remotely determine which ports on a system are open

*e"g", whether systems allow connections through those ports+"

2lan'do'chec'act *2-


60/89

to each port, one at a time" The ind of response received indicates whether

the port is used and can therefore be probed for weaness"

2ost 6%ce 2rotocol, Nersion *262+

An !nternet )tandard protocol by which a client worstation can dynamically

access a mailbox on a server host to retrieve mail messages that the server

has received and is holding for the client

2rotocol

A formal specication for communicating& an !2 address the special set of

rules that end points in a telecommunication connection use when they

communicate" 2rotocols exist at several levels in a telecommunication

connection"

2rivacy

1reedom from unauthorized intrusion or disclosure of information about

individuals

2rivate Key

The secret part of an asymmetric ey pair that is typically used to digitally

sign or decrypt data in a 2K!"

2rivileged Accounts

!ndividuals who have access to set 4access rights5 for users on a given

system" )ometimes referred to as system or networ administrative

accounts"

2rocedures

A detailed description of the steps necessary to perform specic operations

in conformance with applicable standards

?


61/89

2roxy

A proxy is an application that 4breas5 the connection between client and

server" The proxy accepts certain types of tra%c entering or leaving a

networ and processes it and forwards it" This e$ectively closes the straight

path between the internal and external networs maing it more di%cult for

an attacer to obtain internal addresses and other details of the

organization’s internal networ" 2roxy servers are available for common

!nternet services& for example, a =yper Text Transfer 2rotocol *=TT2+ proxy

used for Leb access, and a )imple 7ail Transfer 2rotocol *)7T2+ proxy used

for email"

2roxy serverA server that acts on behalf of a user" Typically proxies accept a connection

from a user, mae a decision as to whether or not the user or client !2

address is permitted to use the proxy, perhaps perform additional

authentication, and then complete a connection to a remote destination on

behalf of the user"

2roximity factors

The distance from potential hazards, which can include Iooding ris from

nearby waterways, hazardous material manufacturing or storage, or other

situations that may pose a ris to the operation of a recovery

2ublic Key

The public part of an asymmetric ey pair that is typically used to verify

signatures or encrypt data in a 2K!

2ublic ey infrastructure *2K!+

The framewor and services that provide for the generation, production,

distribution, control, accounting, and destruction of public ey certicates"


62/89

and public'private ey pairs, including the ability to issue, maintain, recover,

and revoe public ey certicates"

\

\uality assurance *\A+

A process for testing to ensure specications are met

:

:ed Team

A group of people authorized and organized to emulate a potential

adversary’s attac or exploitation capabilities against an enterprise’s

security posture" The :ed Team’s objective is to improve enterprise

!nformation Assurance by demonstrating the impacts of successful attacs

and by demonstrating what wors for the defenders *i"e", the /lue Team+ in

an operational environment"

:elying 2arty

An entity that relies upon the subscriber’s credentials, typically to process atransaction or grant access to information or a system typically in a 2K!"

:emediation

The act of correcting a vulnerability or eliminating a threat" Three possible

types of remediation are installing a patch, adjusting conguration settings,

or uninstalling a software application"

:eciprocal agreement(mergency processing agreements among two or more organizations with

similar e3uipment or applications" Typically, participants promise to provide

processing time to each other when an emergency arises"

?.


63/89

:ecovery action

(xecution of a response or tas according to a written procedure

:ecovery point objective *:26+

-etermined based on the acceptable data loss in case of a disruption of

operations" !ndicates the earliest point in time to which it is acceptable to

recover data" ($ectively 3uanties the permissible amount of data loss in

case of interruption i"e" the last point of nown good data

:ecovery time objective *:T6+

The amount of time allowed for the recovery of a business function or

resource after a disaster occurs

:edundant Array of !nexpensive -iss *:A!-+

A technology that provides performance improvements and fault'tolerant

capabilities, via hardware or software solutions, by writing to a series of

multiple diss to improve performance and save large les simultaneously

:edundant site

A recovery strategy involving the duplication of ey information technology

components, including data or other ey business processes, whereby fast

recovery can tae place

:egistration Authority

A trusted entity that establishes and vouches for the identity of a subscriber

to a


64/89

through a bidding process, to submit a proposal on a

specic commodity or service" The :12 process brings structure to the

procurement decision and is meant to allow the riss and benets to be

identied clearly up front"

The :12 may dictate to varying degrees the exact structure and format of

the supplier9s response" ($ective :12s typically reIect the strategy and

short@long'term business objectives, providing detailed insight upon which

suppliers will be able to o$er a matching perspective

:eplay Attacs

An attac that involves the capture of transmitted authentication or access

control information and its subse3uent retransmission with the intent ofproducing an unauthorized e$ect or gaining unauthorized access"

:esidual ris

The remaining ris after management has implemented ris response

:esilience

The ability of a system or networ to resist failure or to recover 3uicly from

any disruption, usually with minimal recognizable e$ect

:eturn on investment *:6!+

A measure of operating performance and e%ciency, computed in its simplest

form by dividing net income by the total investment over the period being

considered

:eturn on security investment *:6)!+

An estimate of return on security investment based on how much will besaved by reduced losses divided by the investment"

?8

http://en.wikipedia.org/wiki/Biddinghttp://en.wikipedia.org/wiki/Proposal_(business)http://en.wikipedia.org/wiki/Commodityhttp://en.wikipedia.org/wiki/Service_(economics)http://en.wikipedia.org/wiki/Biddinghttp://en.wikipedia.org/wiki/Proposal_(business)http://en.wikipedia.org/wiki/Commodityhttp://en.wikipedia.org/wiki/Service_(economics)


65/89

:is

The combination of the probability of an event and its conse3uence" *!)6@!(<

C+" :is has traditionally been expressed as Threats S Nulnerabilities ] :is"

:is assessmentA process used to identify and evaluate ris and potential e$ects" :is

assessment includes assessing the critical functions necessary for an

organization to continue business operations, dening the controls in place

to reduce organization exposure and evaluating the cost for such controls"

:is analysis often involves an evaluation of the probabilities of a particular

event"

:is avoidance

The process for systematically avoiding ris, constituting one approach to

managing ris

:is mitigation

The management and reduction of ris through the use of countermeasures

and controls

:is Tolerance

The acceptable level of deviation from acceptable ris

:is transfer

The process of assigning ris to another organization, usually through the

purchase of an insurance policy or outsourcing the service

:obustness

The extent of the ability of systems to withstand attac& system strength"

The ability of an !nformation Assurance entity to operate correctly and

reliably across a wide range of operational conditions, and to fail gracefully

outside of that operational range"

?;


66/89

:ole /ased Access


67/89

)ecure =ash Algorithm *)=A+

A hash algorithm with the property that is computationally infeasible #+ to

nd a message that corresponds to a given message digest, or .+ to nd two

di$erent messages that produce the same message digest"

)ecurity Attribute

A security'related 3uality of an object" )ecurity attributes may be

represented as hierarchical levels, bits in a bit map, or numbers"


68/89

perform a variety of correlation techni3ues to integrate di$erent

sources, in order to turn data into useful information"• AlertingJ the automated analysis of correlated events and production of

alerts, to notify recipients of immediate issues"

• DashboardsJ )!(7@07 tools tae event data and turn it intoinformational charts to assist in seeing patterns, or identifying activity

that is not forming a standard pattern";B• ComplianceJ )!(7 applications can be employed to automate the

gathering of compliance data, producing reports that adapt to existing

security, governance and auditing processes"?B• RetentionJ )!(7@)!7 solutions employ long'term storage of historical

data to facilitate correlation of data over time, and to provide the

retention necessary for compliance re3uirements"

)ecurity 2osture

The security status of an enterprise’s networs, information, and systems

based on !A resources *e"g", people, hardware, software, policies+ and

capabilities in place to manage the defense of the enterprise and to react as

the situation changes"

)ensitivityA measure of the impact that improper disclosure of information may have

on an organization

)eparation of -uties

)eparation of duties is the principle of splitting privileges among multiple

individuals or systems to reduce ris of fraud or other malfeasance

)ession Key!n the context of symmetric encryption, a ey that is temporary or is used for

a relatively short period of time" >sually, a session ey is used for a dened

period of communication between two computers, such as for the duration of

a single connection or transaction set, or the ey is used in an application

?D

http://en.wikipedia.org/wiki/Security_information_and_event_management#cite_note-4http://en.wikipedia.org/wiki/Security_information_and_event_management#cite_note-5http://en.wikipedia.org/wiki/Security_information_and_event_management#cite_note-4http://en.wikipedia.org/wiki/Security_information_and_event_management#cite_note-5


69/89

that protects relatively large amounts of data and, therefore, needs to be re'

eyed fre3uently"

)ervice delivery objective *)-6+

-irectly related to business needs, )-6 is the level of services to be reached

during the alternate process mode until the normal situation is restored"

)ervice level agreement *)0A+

An agreement, preferably documented, between a service provider and the

customer*s+@user*s+ that denes minimum performance targets for a service

and how they will be measured

)hell programmingA shell script is a script written for the shell, or command line interpreter, of

an operating system" !t is often considered a simple domain'specic

programming language" Typical operations performed by shell scripts include

le manipulation, program execution and printing text" >sually, shell script

refers to scripts written for a >nix shell, while


70/89

)imming

The unauthorized use of a reader to read tags without the authorization or

nowledge of the tag’s owner or the individual in possession of the tag"

)mart


71/89

)ecure shell *))=+

)ecure )hell *))=+ is a networ protocol for secure data communication,

remote shell services or command execution and other secure networ

services between two networed computers that it connects via a secure

channel over an insecure networJ

)ecure socets layer *))0+

Transport 0ayer )ecurity *T0)+ and its predecessor, )ecure )ocets

0ayer *))0+, are cryptographic protocols that provide

communication security over the !nternet"#B T0) and ))0 encrypt the

segments of networ connections above the Transport 0ayer, using

asymmetric cryptography for ey exchange, symmetric encryption forprivacy, and message authentication codes for message integrity"

)ecurity steering group *))G+

The ))G is generally charged with incident management and response

organization and oversight"

)ingle sign'on *))6+

))6 is a process to allow access to numerous systems using one set ofauthentication credentials"

)pyware

)oftware that is secretly or surreptitiously installed into an information

system to gather information on individuals or organizations without their

nowledge& a type of malicious code"

)tructured 3uery language *)\0+)tructured \uery 0anguage+ is a programming language designed for

managing data in relational database management systems

C#

http://en.wikipedia.org/wiki/Network_protocolhttp://en.wikipedia.org/wiki/Secure_channelhttp://en.wikipedia.org/wiki/Secure_channelhttp://en.wikipedia.org/wiki/Cryptographic_protocolhttp://en.wikipedia.org/wiki/Securityhttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/Secure_Socket_Layer#cite_note-0http://en.wikipedia.org/wiki/Encryptionhttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Transport_Layerhttp://en.wikipedia.org/wiki/Public-key_cryptographyhttp://en.wikipedia.org/wiki/Symmetric-key_algorithmhttp://en.wikipedia.org/wiki/Message_authentication_codehttp://en.wikipedia.org/wiki/Programming_languagehttp://en.wikipedia.org/wiki/Relational_database_management_systemhttp://en.wikipedia.org/wiki/Network_protocolhttp://en.wikipedia.org/wiki/Secure_channelhttp://en.wikipedia.org/wiki/Secure_channelhttp://en.wikipedia.org/wiki/Cryptographic_protocolhttp://en.wikipedia.org/wiki/Securityhttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/Secure_Socket_Layer#cite_note-0http://en.wikipedia.org/wiki/Encryptionhttp://en.wikipedia.org/wiki/Computer_networkhttp://en.wikipedia.org/wiki/Transport_Layerhttp://en.wikipedia.org/wiki/Public-key_cryptographyhttp://en.wikipedia.org/wiki/Symmetric-key_algorithmhttp://en.wikipedia.org/wiki/Message_authentication_codehttp://en.wikipedia.org/wiki/Programming_languagehttp://en.wikipedia.org/wiki/Relational_database_management_system


72/89

)tandard

An internal mandatory re3uirement dening allowable boundaries of people,

processes and technologies or a specication approved by a recognized

external standards organization, such as !)6

)tandard operation procedure *)62+

An )62 is a written document or instruction detailing all steps and activities

of a process or procedure" !)6 H# essentially re3uires the documentation

of all procedures used in any manufacturing process that could a$ect the

3uality of the product or service"

)teganography

The art and science of communicating in a way that hides the existence of

the communication" 1or example, a secret documentcan be hidden inside

another graphic image le, audio le, or other le format"

)upervisory control and data ac3uisition *)sually shared rather than

dedicated"

)upply


73/89

)ystem development life cycle *)-0


74/89

Threat

Anything *e"g", object, substance, human+ that is capable of acting against

an asset in a manner that can result in harm" A potential cause of an

unwanted incident" *!)6@!(< #;+

Threat agent

7ethods and things used to exploit a vulnerability" (xamples include

determination, capability, motive and resources"

Threat analysis

An evaluation of the type, scope and nature of events or actions that can

result in adverse conse3uences& identication of the threats that exist

against information assets and information technology" The threat analysis

usually also denes the level of threat and the lielihood of it materializing"

Threat event

Any event where a threat element@actor acts against an asset in a manner

that has the potential to directly result in harm

Threat Assessment

A threat assessment is the identication of types of threats that an

organization might be exposed to"

Threat 7odel

A threat model is used to describe a given threat and the harm it could to do

a system if it has a vulnerability"

Threat Nector

The method a threat uses to get to the target"

Transport 0ayer )ecurity *T0)+

Transport 0ayer )ecurity *T0)+ and its predecessor, )ecure )ocets

0ayer *))0+, are cryptographic protocols that provide

C8

http://en.wikipedia.org/wiki/Cryptographic_protocolhttp://en.wikipedia.org/wiki/Cryptographic_protocol


75/89

communication security over the !nternet"#B T0) and ))0 encrypt the

segments of networ connections above the Transport 0ayer, using

asymmetric cryptography for ey exchange, symmetric encryption for

privacy, and message authentication codes for message integrity"

Toen

)omething that the claimant possesses and controls *typically a ey or

password+ used to authenticate the claimant’s identity"

Toen'/ased Access


76/89

Transmission control protocol *T


77/89

Tunneling

Technology enabling one networ to send its data via another networ’s

connections" Tunneling wors by encapsulating a networ protocol within

pacets carried by the second networ"

>

>nauthorized Access

A person gains logical or physical access without permission to a networ,

system, application, data, or other !T resource" Any access that violates the

stated security policy"

>nauthorized -isclosure

An event involving the exposure of information to entities not authorized

access to the information"

>niform :esource 0ocator *>:0+

The global address of documents and other resources on the Lorld Lide

Leb" The rst part of the address indicates what protocol to use, and the

second part species the !2 address or the domain name where the resourceis located" 1or example, httpJ@@www"pcwebopedia"com@index"html"

>nix

A popular multi'user, multitasing operating system developed at /ell 0abs

in the early #HCs" nix was

designed to be a small, Iexible system used exclusively by programmers"

>ser datagram protocol *>-2+ The >ser -atagram 2rotocol *>-2+ is one of the core members of the !nternet

2rotocol )uite, the set of networ protocols used for the !nternet" Lith >-2,

computer applications can send messages, in this case referred to

as datagrams, to other hosts on an !nternet 2rotocol *!2+ networ without

CC

http://en.wikipedia.org/wiki/Internet_Protocol_Suitehttp://en.wikipedia.org/wiki/Internet_Protocol_Suitehttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/Datagramhttp://en.wikipedia.org/wiki/Internet_Protocolhttp://en.wikipedia.org/wiki/Internet_Protocol_Suitehttp://en.wikipedia.org/wiki/Internet_Protocol_Suitehttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/Datagramhttp://en.wikipedia.org/wiki/Internet_Protocol


78/89

re3uiring prior communications to set up special transmission channels or

data paths"

>ninterruptable power supply *>2)+

>2) is typically battery power converted to standard A< operating current

using an inverter" !t is designed to automatically supply power in the event

the primary source fails"

N

Nalidation

The process of demonstrating that the system under consideration meets in

all respects the specication of that system"

Nalue at ris *NA:+

NA: computes the probability of the maximum loss at a H; or HH^ certainty

over a dened period based on historical information and exercising all the

variables using 7onte


79/89

Nirus signature les

The le of virus patterns that are compared with existing les to determine if

they are infected with a virus or worm

Noice over !2 *N6!2+Noice over !2 *No!2+ commonly refers to the communication protocols,

technologies, methodologies, and transmission techni3ues involved in the

delivery of voice communications and multimedia sessions over !nternet

2rotocol *!2+ networs, such as the !nternet

Nulnerability

A weaness in the design, implementation, operation or internal controls in a

process that could be exploited to violate system security

Nulnerability analysis

2rocess of identifying and classifying vulnerabilities

L

Larm site

A warm site is similar to a hot site& however, a warm site is not fully

e3uipped with all necessary hardware needed

for recovery"

Leb hosting

The business of providing the e3uipment and services re3uired to host and

maintain les for one or more web sites, and provide fast !nternet

connections to those sites" 7ost hosting is 4shared,5 which means that websites of multiple companies are on the same server to share@reduce costs"

CH

http://en.wikipedia.org/wiki/Communication_protocolhttp://en.wikipedia.org/wiki/Voice_communicationhttp://en.wikipedia.org/wiki/Multimediahttp://en.wikipedia.org/wiki/Internet_Protocolhttp://en.wikipedia.org/wiki/Internet_Protocolhttp://en.wikipedia.org/wiki/Internethttp://en.wikipedia.org/wiki/Communication_protocolhttp://en.wikipedia.org/wiki/Voice_communicationhttp://en.wikipedia.org/wiki/Multimediahttp://en.wikipedia.org/wiki/Internet_Protocolhttp://en.wikipedia.org/wiki/Internet_Protocolhttp://en.wikipedia.org/wiki/Internet


80/89

Leb server

>sing the client'server model and the Lorld Lide Leb’s =ypertext Transfer

2rotocol *=TT2+, Leb server is a software program that serves web pages to

users"

Lide area networ *LAM+

A Lide Area Metwor *LAM+ is a telecommunication networ that covers a

broad area *i"e", any networ that lins across metropolitan, regional, or

national boundaries+"

Lii

Leb applications or similar tools that allow identiable users to add content

*as in an !nternet forum+ and allow anyone to edit that content collectively"

Lired (3uivalent 2rivacy *L(2+

A security protocol, specied in the !((( D."## standard, that is designed to

provide a L0AM with a level of security and privacy comparable to what is

usually expected of a wired 0AM" L(2 is no longer considered a viable

encryption mechanism due to nown weanesses"

Lireless Access 2oint *LA2+

A device that acts as a conduit to connect wireless communication devices

together to allow them to communicate and create a wireless networ"

Lorm

A programmed networ attac in which a self'replicating program does not

attach itself to programs, but rather spreads independently of users’ actions

Li'1i 2rotected Access . *L2A.+

The follow on security method to L2A for wireless networs that provides

stronger data protection and networ access control" !t provides enterprise

and consumer Li'1i users with a high level of assurance that only authorized

D


81/89

users can access their wireless networs" /ased on the ratied !((( D."##i

standard, L2A. provides government grade security by implementing the

Mational !nstitute of )tandards and Technology *M!)T+ 1!2) #8'. compliant

A() encryption algorithm and D."#S'based authentication

D#


82/89

Acronyms

The

Acronym

Description


83/89

A) niversity


84/89


85/89

1!2) 1ederal !nformation 2rocessing )tandards *>)A+1!)7A 1ederal !nformation )ecurity 7anagement Act *>)A+1)A 1inancial )ecurity Authority *>)A+GA!)2 Generally Accepted !nformation )ecurity 2rinciplesGA) Generalized audit softwareGA))2 Generally Accepted )ecurity )ystem 2rinciplesG0/A Gramm'0each'/liley Act *>)A+G7! Governance 7etrics !nternational=-'-N- =igh denition@high density'digital video disc=!-) =ost'based intrusion detection system=!2AA =ealth !nsurance 2ortability and Accountability Act *>)A+=!26 =ierarchy !nput'2rocess'6utput=: =uman resources=TT2 =ypertext Transfer 2rotocol

=TT2) )ecure =ypertext Transfer 2rotocol=NA< =eating, ventilating and air conditioning!RA !dentication and Authentication!@6 !nput@output!


86/89

!))A !nformation )ystem )ecurity Association!))(A !nternational )ystem )ecurity (ngineering Association!TG! !T Governance !nstitute [


87/89

2

)71 )ystem management facility)62 )tandard operating procedure)2! )ecurity 2arameter !ndex)2!


88/89

)\0 )tructured \uery 0anguage))G )ecurity steering group))= )ecure )hell))0 )ecure )ocets 0ayer))6 )ingle sign'on T)/ >niversal )erial /usNA: Nalue at risNo!2 Noice'over !2N2M Nirtual private networLAM Lide area networS/:0 (xtensible /usiness :eporting 0anguage

DD


89/89

glossary audit

Documents