Mostly Used Terms Related to Digital and Internet Security


The number of threats is rising daily, yet the time window to deal with them is rapidly shrinking.


Traditionally, security has been defined as a process to prevent unauthorized access, use, alteration, theft, or physical damage to an object, by maintaining the confidentiality and integrity of information about the object and keeping that information available whenever it is needed.

1. Access Control

A security service that prevents the unauthorized use of information system resources.

2. Access Control List

Mechanism implementing discretionary and/or mandatory access control between subjects and objects.

3. Accountability

The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity. This supports non-repudiation, deterrence, fault isolation, intrusion detection and prevention, and after-action recovery and legal action.

4. Application-Level Firewall

A firewall system in which service is provided by processes that maintain complete TCP connection state and sequencing; application-level firewalls often re-address traffic so that outgoing traffic appears to have originated from the firewall rather than from the internal host. In contrast to packet-filtering firewalls, this type of firewall must understand the application's data transfer protocol and often has rules about what may and may not be transmitted.

5. Application Program Interface

A set of standard software interrupts, calls, and data formats that application programs use to initiate contact with network services, mainframe communications programs, telephone equipment, or program-to-program communications.

6. Authentication

Security measure designed to establish the validity of a transmission, message, or originator, or a means of verifying an individual’s eligibility to receive specific categories of information.

7. Authorization

The process of determining what types of activities are permitted; usually, authorization is in the context of authentication: once you have authenticated a user, they may be authorized different types of access or activity.

8. Availability

The property of being accessible and usable upon demand by an authorized entity.

9. Banner Grabbing

The process of capturing banner information, such as application type and version that is transmitted by a remote port when a connection is initiated.

10. Certification & Accreditation

Certification is the comprehensive evaluation of the technical and nontechnical security features of an intermediate system (IS) and other safeguards, made in support of the accreditation process, to establish the extent to which a particular design and implementation meets a set of specified requirements.

11. Challenge/Response

An authentication technique whereby a server sends an unpredictable challenge to the user, who computes a response using some form of an authentication token.

12. Common Criteria

The Common Criteria for Information Technology Security Evaluation is a catalog of security functional and assurance requirements and has a central role in the National Information Assurance Program.

13. Confidentiality

A security service that prevents unauthorized disclosure of information residing on a computer, transiting a local network, or flowing over a public Internet.

14. Covert Channel

Any communication channel that can be exploited by a process to transfer information in a manner that violates the system’s security policy.

15. Covert Testing

Testing performed using covert methods and without the knowledge of the organization’s information technology (IT) staff but with full knowledge and permission of upper management.

16. Defense in Depth

The security approach whereby layers of protection are needed to establish an adequate security posture for the system; strategy is based on the concept that attacks must penetrate multiple protections that have been placed throughout the system to be successful.

17. Digital Certificate

A structure for binding a principal’s identity to its public key. A certification authority (CA) issues and digitally signs a digital certificate.

18. Discretionary Access Control

A non-policy-based method of restricting access to a system’s files and objects based on the decision of the resource’s owner.

19. Due Diligence

Prudence and caution required during the performance of an act (such as penetration testing).

20. Encapsulating Security Payload

This message header is designed to provide a mix of security services: confidentiality, data origin authentication, connectionless integrity, an anti-replay service, and limited traffic flow confidentiality.

21. External Security Testing

Security testing conducted from outside the organization’s security perimeter.

22. False Negative

An absence of an alert when a vulnerability is present.

23. False Positive

An alert that incorrectly indicates that a vulnerability is present.

24. Firewall

A system or combination of systems that enforces a boundary between two or more networks.

25. Hash

Value computed on data to detect error or manipulation.

26. Host-Based Security

The technique of securing an individual system from attack; host-based security is operating system and version dependent.

27. Identification & Authentication

The identification of an entity with some level of assurance.

28. Insider Attack

An attack originating from inside a protected network.

29. Integrity

The security goal that generates the requirement for protection against either intentional or accidental attempts to violate data integrity or system integrity.

30. Intrusion Detection

Detection of break-ins or break-in attempts either manually or through software expert systems that operate on logs or other information available on the network.

31. Intrusion Detection System

A system that detects and identifies unauthorized or unusual activity on the hosts and networks; this is accomplished by the creation of audit records and checking the audit log against the intrusion thresholds.

32. Intrusion Prevention

Interception of break-ins or break-in attempts through software expert systems that operate on information available on the network.

33. Malware

Malicious software intended to compromise or deny access to a system.

34. Mandatory Access Control

Policy-based control methods of restricting access to a system’s files and objects in which the administrators, not the resource owners, make access decisions that bear on or derive from the access control policy.

35. Network Discovery

The process of discovering active and responding hosts on a network, identifying weaknesses, and learning how the network operates.

36. Network Sniffing

A passive technique that monitors network communication, decodes protocols, and examines headers and payloads for information of interest. It is both a review technique and a target identification and analysis technique.

37. OS Fingerprinting

Analyzing characteristics of packets sent by a target, such as packet headers or listening ports, to identify the operating system in use on the target.

38. Overt Testing

Security testing performed with the knowledge and consent of the organization’s information technology (IT) staff.

39. Parity

Bits used to determine whether a block of data has been altered.

40. Passive Security Testing

Security testing that does not involve any direct interaction with the targets, such as sending packets to a target.

41. Password Cracking

The process of recovering secret passwords stored in a computer system or transmitted over a network.

42. Penetration Testing

Security testing in which evaluators mimic real-world attacks in an attempt to identify ways to circumvent the security features of an application, system, or network. Penetration testing often involves issuing real attacks on real systems and data, using the same tools and techniques used by actual attackers. Most penetration tests involve looking for combinations of vulnerabilities on a single system or multiple systems that can be used to gain more access than could be achieved through a single vulnerability.

43. Perimeter-Based Security

The technique of securing a network by controlling access to all entry and exit points of the network.

44. Phishing

A digital form of social engineering that uses authentic-looking e-mails to request information from users or direct them to a fake Web site that requests information.

45. Port Scanner

A program that can remotely determine which ports on a system are open, and whether the system allows connection on these ports.

46. Proxy

A software agent that acts on behalf of a user. Typically proxies accept a connection from a user, make a decision as to whether or not the user or client Internet Protocol (IP) address is permitted to use the proxy, perhaps does additional authentication, and then completes a connection on behalf of the user to a remote destination.

47. Rogue Device

An unauthorized node on the network.

48. Rules of Engagement

Detailed guidelines and constraints regarding the execution of information security testing. The Rules of Engagement are established before the start of a security test, and give the test team authority to conduct defined activities without the need for additional permissions.

49. Sanitization

The changing of content information to meet the requirements of the sensitivity level of the network to which the information is being sent.

50. Social Engineering

An attack based on deceiving users or administrators at the target site; the attacks are typically carried out by an adversary telephoning users or operators, and pretending to be an authorized user, to attempt to gain illicit access to systems.

51. Trojan Horse

A software entity that appears to do something normal but in fact contains a trapdoor or attack program.

52. Virtual Machine

Software that allows a single host to run one or more guest operating systems.

53. Virus

A self-replicating code segment; viruses may or may not contain attack programs or trapdoors.

54. Worm

Propagates itself through memory or networks without necessarily modifying programs. A worm is similar to a virus because it has the capability to replicate, but differs from a virus in that it does not seek a host.