Secure Sockets Layer (SSL)

A protocol developed by Netscape for transmitting private documents via the Internet. SSL works by using a public key to encrypt data that's transferred over the SSL connection.

Security Policy

A set of rules and practices that specify or regulate how a system or organization provides security services to protect sensitive and critical system resources.

Server

A system entity that provides a service in response to requests from other system entities called clients.

Sniffing

A synonym for "passive wiretapping."

Social Engineering

A euphemism for non-technical or low-technology means - such as lies, impersonation, tricks, bribes, blackmail, and threats - used to attack information systems.

Software

Computer programs (which are stored in and executed by computer hardware) and associated data (which also is stored in the hardware) that may be dynamically written or modified during execution.

Spoof

Attempt by an unauthorized entity to gain access to a system by posing as an authorized user.

SQL Injection

SQL injection is a type of input validation attack specific to database-driven applications where SQL code is inserted into application queries to manipulate the database

Threat

A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm.

Threat Assessment

A threat assessment is the identification of types of threats that an organization might be exposed to.

Threat Model

A threat model is used to describe a given threat and the harm it could to do a system if it has a vulnerability.

Token-Based Access Control

Token based access control associates a list of objects and their privileges with each user. (The opposite of list based.)

Token-Based Devices

A token-based device is triggered by the time of day, so every minute the password changes, requiring the user to have the token with them when they log in.

Uniform Resource Locator (URL)

The global address of documents and other resources on the World Wide Web. The first part of the address indicates what protocol to use, and the second part specifies the IP address or the domain name where the resource is located. For example, http://www.pcwebopedia.com/index.html .

Unix

A popular multi-user, multitasking operating system developed at Bell Labs in the early 1970s. Created by just a handful of programmers, Unix was designed to be a small, flexible system used exclusively by programmers

Virtual Private Network (VPN)

A restricted-use, logical (i.e., artificial or simulated) computer network that is constructed from the system resources of a relatively public, physical (i.e., real) network (such as the Internet), often by using encryption (located at hosts or gateways), and often by tunneling links of the virtual network across the real network. For example, if a corporation has LANs at several different sites, each connected to the Internet by a firewall, the corporation could create a VPN by (a) using encrypted tunnels to connect from firewall to firewall across the Internet and (b) not allowing any other traffic through the firewalls. A VPN is generally less expensive to build and operate than a dedicated real network, because the virtual network shares the cost of system resources with other users of the real network.

Virus

A hidden, self-replicating section of computer software, usually malicious logic, that propagates by infecting - i.e., inserting a copy of itself into and becoming part of - another program. A virus cannot run by itself; it requires that its host program be run to make the virus active.

Voice Firewall

A physical discontinuity in a voice network that monitors, alerts and controls inbound and outbound voice network activity based on user-defined call admission control (CAC) policies, voice application layer security threats or unauthorized service use violations.

Voice Intrusion Prevention System (IPS)

Voice IPS is a security management system for voice networks which monitors voice traffic for multiple calling patterns or attack/abuse signatures to proactively detect and prevent toll fraud, Denial of Service, telecom attacks, service abuse, and other anomalous activity.

Vulnerability

A flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy.

WAN Acceleration

WAN acceleration improves network application performance by speeding access to resources such as e-mail, CRM databases, and Web servers. It overcomes network latency, protocol chattiness, and other issues that arise when using WAN links (such as the Internet) to access applications possibly written for a LAN environment.

Web application firewall (WAF)

A Web application firewall protects Web servers from malicious traffic and blocks attempts to compromise the system.

It prevents targeted attacks that include cross-site scripting, SQL injection, forceful browsing, cookie poisoning and invalid input.

Web Server

A software process that runs on a host computer connected to the Internet to respond to HTTP requests for documents from client web browsers.

Wireless Application Protocol

A specification for a set of communication protocols to standardize the way that wireless devices, such as cellular telephones and radio transceivers, can be used for Internet access, including e-mail, the World Wide Web, newsgroups, and Internet Relay Chat

World Wide Web ("the Web", WWW, W3)

The global, hypermedia-based collection of information and services that is available on Internet servers and is accessed by browsers using Hypertext Transfer Protocol and other information retrieval mechanisms.

Worm

A computer program that can run independently, can propagate a complete working version of itself onto other hosts on a network, and may consume computer resources destructively.