Security
This cyber security glossary explains the meaning of terms about different types of computer security threats as well as words about application security, access control, network intrusion detection, security awareness training and computer forensics.
Authentication and access control
Terms related to authentication, including security definitions about passwords and words and phrases about proving identity.
-
password spraying
Password spraying is a cyberattack tactic that involves a hacker using a single password to try and break into multiple target accounts.
-
encryption key management
Encryption key management is the practice of generating, organizing, protecting, storing, backing up and distributing encryption keys.
-
identity theft
Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable information (PII), such as Social Security or driver's license numbers, to impersonate someone else.
Compliance, risk and governance
This glossary contains definitions related to compliance. Some definitions explain the meaning of words used in compliance regulations. Other definitions are related to the strategies that compliance officers use to mitigate risk and create a manageable compliance infrastructure.
-
electronic protected health information (ePHI)
Electronic protected health information (ePHI) is protected health information that is produced, saved, transferred or received in an electronic form.
-
cloud audit
A cloud audit is an assessment of a cloud computing environment and its services, based on a specific set of controls and best practices.
-
What is BCDR? Business continuity and disaster recovery guide
Business continuity (BC) and disaster recovery (DR) are closely related practices that support an organization's ability to remain operational after an adverse event.
Network security
Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.
-
storage security
Storage security is the group of parameters and settings that make storage resources available to authorized users and trusted networks and unavailable to other entities.
-
cloud audit
A cloud audit is an assessment of a cloud computing environment and its services, based on a specific set of controls and best practices.
-
OpenSSL
OpenSSL is an open source cryptographic toolkit that facilitates secure communications between endpoints on a network.
Security Admin
Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.
-
storage security
Storage security is the group of parameters and settings that make storage resources available to authorized users and trusted networks and unavailable to other entities.
-
cloud audit
A cloud audit is an assessment of a cloud computing environment and its services, based on a specific set of controls and best practices.
-
What is BCDR? Business continuity and disaster recovery guide
Business continuity (BC) and disaster recovery (DR) are closely related practices that support an organization's ability to remain operational after an adverse event.
Threat management
Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.
-
storage security
Storage security is the group of parameters and settings that make storage resources available to authorized users and trusted networks and unavailable to other entities.
-
phishing
Phishing is a fraudulent practice in which an attacker masquerades as a reputable entity or person in an email or other form of communication.
-
computer forensics (cyber forensics)
Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law.