Kategorie: Wszystkie - malware - firewall - vulnerability - authentication

przez Usama Amin 13 lat temu

723

IT Security Terms

IT Security Terms

Securing The Enterprice and Business Continuity

IT Security Terms

Spyware Botnet

Bot Network a network of hijacked computers that are controlled remotely- typically to launch spam or spyware. Also called software rebots. Bot Networks are lined to a range of malicious activity.

Zombie

an infected computer that is controlled remotely via the internet by an unauthrized user, such as a spammer, fraduster, or hacker

DOS or DDOS

AN ATTACK IN WHICH A SYSTEM IS BOMBARDED WITH SO MANY REQUESTS FOR SERCIE OR ACCESS THAT IT CRASHES OR CANNOT RESPOND.

Spoofing

AN attack carried out using a trick, disguise , deceit or by falsifying data

Backup

Backup: a duplicate copu of data or programs kept in a secured location

Fault tolerance

the ability of an IS to continue to poerate when a failure occurs, but usually for a limited time or at a reduced level.

Intrusion detection system(IDS)

IDS: A defense tool used to monitor network traffic(packets) and provide alerts when there is suspicious traffic, or to quarntine suspicious traffic

Router

Router: Device that transfers(routers)packets between two or more networks

Public key infrastructure (PKI)

PKI: a system to identify and authenticate the sender or receiver of an Internet message or transaction.

IP Address(Internet Protocol address)

IP address: an address that uniquely identifies a specfific computer or other device on a network

Packet

Packet is a unit of data for transmission over a network with a header containing the source and destination of the packet

firewall

a method (hardware and software) of guarding a private network from a public network (internet) by analyzing data packets eneting or exiting it.

EndPoint Security

Security measuers to protect the end points, such as desktops and laptops, in the enterprise by analyzing data packets enetring or exiting it

Perimeter security

security measures to ensure that onlu authorized users gain acess to the network

Biometrics

Methods to identify a person based on a biological feature, such as a fingerprint.

Malware

Malicious software, such as a virus, worm, or Trojan horse

Authentication

Method( Usually based on Username and password) by which an IS validates or verifies that a user is really who he or she claims to be.

Ciphertext

ciphertext is encrypted text

Plaintext or clear-text

Plaintext or clear-text; readable text

Encryption

Transforing data into scrambled code to protect it from being understood by unauthorized users

Audit

The process of generating, recording, and reviewing a chronological record of systems events to ascertain their accuracy.

Countermeasure

Countermeasure: safeguard implemented to mitigate (lessen) risk.

Vulnerability

Vulnerability: weakness that threatens the confdentiality, integrity, or availability of an asset

Acess Control

Access Control: Security feature designed to restric who has access to a network, IS, or data. Access to resources on a computer is restricted using a logical or physical control desinged to protect against unauthorized entry or use.

Exploit

Exploit: A tool or technique that takes advantage of a vulnerability

Expsure

Exposure: The estimated cost, loss, or damage that can result if a threat exploits a vulnerablitity

Risk Management

Risk Management: Process of identifying,assessing, and redusing risks to an acceptable level.

CIA triad(Confidentiality, integrity, availability

The three main principles of IT Security

Risk

Risk: probability of a threat exploiting a vulnerability

Threat

Threat: someone or something that may result in harm to an asset.