Glossary 2.0 | FAS Data Security Compliance Program
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML+RDFa 1.0//EN" "http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" version="XHTML+RDFa 1.0" dir="ltr" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/terms/" xmlns:foaf="http://xmlns.com/foaf/0.1/" xmlns:og="http://ogp.me/ns#" xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#" xmlns:sioc="http://rdfs.org/sioc/ns#" xmlns:sioct="http://rdfs.org/sioc/types#" xmlns:skos="http://www.w3.org/2004/02/skos/core#" xmlns:xsd="http://www.w3.org/2001/XMLSchema#"> <head profile="http://www.w3.org/1999/xhtml/vocab"> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="Generator" content="Drupal 7 (http://drupal.org)" /> <link rel="canonical" href="/glossary-20" /> <link rel="shortlink" href="/node/61" /> <link rel="shortcut icon" href="https://datasecurity.ucsf.edu/profiles/ucsf_b1gfoot/themes/ucsf_b1gfoot_theme/favicon.ico" type="image/vnd.microsoft.icon" /> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" /> <meta property="og:image" content="https://datasecurity.ucsf.edu/profiles/ucsf_b1gfoot/themes/ucsf_b1gfoot_theme/img/img-metatag.jpg" /> <meta property="og:image:width" content="940" /> <meta property="twitter:image" content="https://datasecurity.ucsf.edu/profiles/ucsf_b1gfoot/themes/ucsf_b1gfoot_theme/img/img-metatag.jpg" /> <meta property="twitter:card" content="summary" /> <meta property="og:site_name" content="FAS Data Security Compliance Program" /> <meta property="twitter:url" content="https://datasecurity.ucsf.edu/glossary-20" /> <meta property="og:url" content="https://datasecurity.ucsf.edu/glossary-20" /> <meta property="twitter:title" content="Glossary 2.0 | FAS Data Security Compliance Program" /> <meta property="og:title" content="Glossary 2.0" /> <title>Glossary 2.0 | FAS Data Security Compliance Program</title> <link type="text/css" rel="stylesheet" 
href="https://datasecurity.ucsf.edu/sites/g/files/tkssra1931/f/css/css_kShW4RPmRstZ3SpIC-ZvVGNFVAi0WEMuCnI0ZkYIaFw.css" media="all" /> <link type="text/css" rel="stylesheet" href="https://datasecurity.ucsf.edu/sites/g/files/tkssra1931/f/css/css_jVP-avRIcwSWPF-1IJSmQT0nIFbNRJmb8lM03RkeKAY.css" media="all" /> <link type="text/css" rel="stylesheet" href="https://datasecurity.ucsf.edu/sites/g/files/tkssra1931/f/css/css_rV3Wod_e6ST6El0CA65NgFrvcFHnCpm1z0SGwM9reQg.css" media="all" /> <style type="text/css" media="all"> <!--/*--><![CDATA[/*><!--*/ .cke_toolgroup > .cke_button__quote{display:none}.cke_toolgroup > .cke_button__twocolumn{display:none}.cke_toolgroup > .cke_button__threecolumn{display:none}.cke_toolgroup > .cke_button__featuredcontent{display:none}.cke_toolgroup > .cke_button__collapseitem{display:none} /*]]>*/--> </style> <link type="text/css" rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/hopscotch/0.2.5/css/hopscotch.min.css" media="all" /> <link type="text/css" rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css" media="all" /> <link type="text/css" rel="stylesheet" href="https://datasecurity.ucsf.edu/sites/g/files/tkssra1931/f/css/css_-5KGL3kpG9BJtjhjan_sSs2LNKUh8DXr0FbFKbHMQxM.css" media="all" /> <link type="text/css" rel="stylesheet" href="https://datasecurity.ucsf.edu/sites/g/files/tkssra1931/f/css/css_47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU.css" media="print" /> <link type="text/css" rel="stylesheet" href="https://datasecurity.ucsf.edu/sites/g/files/tkssra1931/f/css/css_ApJ4vsstzpdaC9vzq_-8Klb3MFGflA25_mW2L7Z7vog.css" media="all" /> <script type="text/javascript" src="https://datasecurity.ucsf.edu/sites/g/files/tkssra1931/f/js/js_Pt6OpwTd6jcHLRIjrE-eSPLWMxWDkcyYrPTIrXDSON0.js"></script> <script type="text/javascript" src="https://datasecurity.ucsf.edu/sites/g/files/tkssra1931/f/js/js_onbE0n0cQY6KTDQtHO_E27UBymFC-RuqypZZ6Zxez-o.js"></script> <script type="text/javascript" 
src="https://datasecurity.ucsf.edu/sites/g/files/tkssra1931/f/js/js_gHk2gWJ_Qw_jU2qRiUmSl7d8oly1Cx7lQFrqcp3RXcI.js"></script> <script type="text/javascript" src="https://datasecurity.ucsf.edu/sites/g/files/tkssra1931/f/js/js_xe_uRFgIncjVWm4-Oa-ayIcSuU7G-5paEa2xC6Asbdg.js"></script> <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/hopscotch/0.2.5/js/hopscotch.min.js"></script> <script type="text/javascript" src="https://datasecurity.ucsf.edu/sites/g/files/tkssra1931/f/js/js_7PbaJTSu-LxJaTVbKUqW3Gf_NGEIE3gHP-pkSD63kK8.js"></script> <script type="text/javascript"> <!--//--><![CDATA[//><!-- var sliderSecondary ='slider-secondary-no-image';var sliderPrimary ='slider-no-image'; //--><!]]> </script> <script type="text/javascript" src="https://datasecurity.ucsf.edu/sites/g/files/tkssra1931/f/js/js_3KU2G0XuUwThidq7lpTBQghUO1g1ty4dEdv-co66Xqw.js"></script> <script type="text/javascript" src="https://datasecurity.ucsf.edu/sites/g/files/tkssra1931/f/js/js__pev76oqunwyHrozBOUwthVLhzUZgLLfKlmOonOmdkg.js"></script> <script type="text/javascript"> <!--//--><![CDATA[//><!-- jQuery.extend(Drupal.settings, 
{"basePath":"\/","pathPrefix":"","setHasJsCookie":0,"ajaxPageState":{"theme":"ucsf_b1gfoot_theme","theme_token":"NZaKYmK4nQ7C6N7TFNdIVEzetcoEg3bbt04W9TRTbtM","js":{"profiles\/ucsf_b1gfoot\/modules\/contrib\/jquery_update\/replace\/jquery\/1.12\/jquery.min.js":1,"misc\/jquery-extend-3.4.0.js":1,"misc\/jquery-html-prefilter-3.5.0-backport.js":1,"misc\/jquery.once.js":1,"misc\/drupal.js":1,"profiles\/ucsf_b1gfoot\/modules\/contrib\/jquery_update\/js\/jquery_browser.js":1,"misc\/form-single-submit.js":1,"profiles\/ucsf_b1gfoot\/modules\/contrib\/entityreference\/js\/entityreference.js":1,"profiles\/ucsf_b1gfoot\/modules\/b1gfoot\/ucsf_b1gfoot_admin_menu\/js\/ucsf_b1gfoot_admin_menu.js":1,"profiles\/ucsf_b1gfoot\/modules\/b1gfoot\/ucsf_eds_profiles\/ucsf_eds_profiles_tweaks.js":1,"https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/hopscotch\/0.2.5\/js\/hopscotch.min.js":1,"profiles\/ucsf_b1gfoot\/modules\/b1gfoot\/y3ti_help\/js\/y3ti_help.js":1,"0":1,"profiles\/ucsf_b1gfoot\/modules\/b1gfoot\/ucsf_b1gfoot_sitewizard\/js\/ucsf_b1gfoot_sitewizard.js":1,"profiles\/ucsf_b1gfoot\/themes\/ucsf_b1gfoot_theme\/js\/vendor\/slick\/slick.js":1,"profiles\/ucsf_b1gfoot\/themes\/ucsf_b1gfoot_theme\/js\/vendor\/icheck.min.js":1,"profiles\/ucsf_b1gfoot\/themes\/ucsf_b1gfoot_theme\/js\/build\/main.js":1,"profiles\/ucsf_b1gfoot\/themes\/ucsf_b1gfoot_theme\/js\/vendor\/responsive-nav\/responsive-nav.min.js":1,"profiles\/ucsf_b1gfoot\/themes\/ucsf_b1gfoot_theme\/js\/script.js":1},"css":{"modules\/system\/system.base.css":1,"modules\/system\/system.messages.css":1,"modules\/system\/system.theme.css":1,"modules\/aggregator\/aggregator.css":1,"modules\/book\/book.css":1,"modules\/comment\/comment.css":1,"modules\/field\/theme\/field.css":1,"modules\/node\/node.css":1,"modules\/search\/search.css":1,"modules\/user\/user.css":1,"profiles\/ucsf_b1gfoot\/modules\/contrib\/views\/css\/views.css":1,"profiles\/ucsf_b1gfoot\/modules\/contrib\/ckeditor\/css\/ckeditor.css":1,"profiles\/ucsf_b1gfoot\/modules\/c
ontrib\/ctools\/css\/ctools.css":1,"profiles\/ucsf_b1gfoot\/modules\/b1gfoot\/ucsf_b1gfoot_admin_menu\/css\/ucsf_b1gfoot_admin_menu.css":1,"profiles\/ucsf_b1gfoot\/modules\/b1gfoot\/ucsf_b1gfoot_sitewizard\/css\/ucsf_b1gfoot_sitewizard.css":1,"0":1,"https:\/\/cdnjs.cloudflare.com\/ajax\/libs\/hopscotch\/0.2.5\/css\/hopscotch.min.css":1,"https:\/\/maxcdn.bootstrapcdn.com\/font-awesome\/4.4.0\/css\/font-awesome.min.css":1,"profiles\/ucsf_b1gfoot\/themes\/ucsf_b1gfoot_theme\/js\/vendor\/slick\/slick.css":1,"profiles\/ucsf_b1gfoot\/themes\/ucsf_b1gfoot_theme\/css\/screen.css":1,"profiles\/ucsf_b1gfoot\/themes\/ucsf_b1gfoot_theme\/css\/print.css":1,"profiles\/ucsf_b1gfoot\/themes\/ucsf_b1gfoot_theme\/css\/colors\/primary\/primary-navy.css":1,"profiles\/ucsf_b1gfoot\/themes\/ucsf_b1gfoot_theme\/css\/colors\/secondary\/secondary-grey.css":1}},"urlIsAjaxTrusted":{"\/glossary-20":true}}); //--><!]]> </script> </head> <body class="html not-front not-logged-in page-node page-node- page-node-61 node-type-page slider-secondary ucsf-b1gfoot font--header--helveticaneue slider-secondary-no-image profile--grid no-sidebar no-sidebar--right" > <div id="skip-link"> <a href="#main-content" class="element-invisible element-focusable">Skip to main content</a> </div> <div id="page-wrapper"> <div id="page"> <div class="ucsf-top-header row-full-width no-logo"> <div class="inside"> <ul class="menu"> <li class="first"><a href="https://www.ucsf.edu">University of California San Francisco</a></li> <li><a href="https://www.ucsfhealth.org/">UCSF Health</a></li> <li><a href="https://www.ucsf.edu/search" title="">Search UCSF</a></li> <li><a href="https://www.ucsf.edu/about">About UCSF</a></li> </ul> </div> </div> <div id="header" class="row-full-width"> <div class="inside clearfix"> <h1 id="site-name"> <a href="/" title="Home" rel="home"> FAS Data Security Compliance Program </a> </h1> <div class="region region-header"> <div id="block-search-form" class="block block-search"> <div class="content"> 
<form onsubmit="if(this.search_block_form.value=='Search'){ alert('Please enter a search'); return false; }" action="/glossary-20" method="post" id="search-block-form" accept-charset="UTF-8"><div><div class="container-inline"> <h2 class="element-invisible">Search form</h2> <div class="form-item form-type-textfield form-item-search-block-form"> <label class="element-invisible" for="edit-search-block-form--2">Search... </label> <input title="Enter the terms you wish to search for." placeholder="Search..." class="text-input fa fa-search form-text" aria-hidden="" type="text" id="edit-search-block-form--2" name="search_block_form" value="" size="40" maxlength="128" /> </div> <div class="form-actions form-wrapper" id="edit-actions"><input type="submit" id="edit-submit" name="op" value="" class="form-submit" /></div><input type="hidden" name="form_build_id" value="form-z7Yhnp8-J9A31_2SKQIH0dfxvvDYxiXsRfwosQu9pO0" /> <input type="hidden" name="form_id" value="search_block_form" /> </div> </div></form> </div> </div> <div id="block-ucsf-b1gfoot-tweaks-header-socialmedia" class="block block-ucsf-b1gfoot-tweaks"> <div class="content"> <div class="nav-social"></div> </div> </div> <div id="block-menu-block-1" class="block block-menu-block"> <div class="content"> <div class="menu-block-wrapper menu-block-1 menu-name-main-menu parent-mlid-0 menu-level-1"> <ul class="menu"><li class="first leaf menu-mlid-1381"><a href="/">Home</a></li> <li class="expanded menu-mlid-1896"><a href="/about-fas-dscp">About</a><ul class="menu"><li class="first last leaf menu-mlid-1906"><a href="/dscp-meetings">DSCP Meetings</a></li> </ul></li> <li class="leaf menu-mlid-1796"><a href="/news">News</a></li> <li class="expanded menu-mlid-3651"><a href="/fas-internal-application-survey">FAS Internal Application Survey</a><ul class="menu"><li class="first last leaf menu-mlid-3656"><a href="/dscp-risk-management-cycle">Dashboards</a></li> </ul></li> <li class="leaf menu-mlid-1901"><a 
href="/processes-procedures">Processes & Procedures</a></li> <li class="leaf menu-mlid-3291"><a href="/reports">Reports</a></li> <li class="last expanded active-trail menu-mlid-2016"><a href="/resources" class="active-trail">Resources</a><ul class="menu"><li class="first leaf menu-mlid-4696"><a href="/faq-fas-risk-assessment">FAQ for FAS Risk Assessment</a></li> <li class="last leaf active-trail active menu-mlid-3246"><a href="/glossary-20" class="active-trail active">Glossary 2.0</a></li> </ul></li> </ul></div> </div> </div> </div> </div> </div> <div id="breadcrumb" class="row-full-width"><div class="inside"><h2 class="element-invisible">You are here</h2><div class="breadcrumb"><a href="/">Home</a> > <a href="/resources">Resources</a> > <span class="breadcrumb-page-title">Glossary 2.0</span></div></div></div> <div class="content-top"> </div> <div id="main-wrapper"> <div id="main" class="clearfix"> <div id="content" class="column"> <div class="inside"> <a id="main-content"></a> <div class="tabs"></div> <div class="region region-content"> <div id="block-system-main" class="block block-system"> <div class="content"> <div id="node-61" class="node node-page slider-secondary clearfix" about="/glossary-20" typeof="sioc:Item foaf:Document"> <span property="dc:title" content="Glossary 2.0" class="rdf-meta element-hidden"></span><span property="sioc:num_replies" content="0" datatype="xsd:integer" class="rdf-meta element-hidden"></span> <div class="content"> <div class="field field-name-field-body field-type-text-long field-label-hidden"><div class="field-items"><div class="field-item even"><h1><a id="security_glossary" name="security_glossary"><span style="color: rgb(0, 0, 0);">Glossary 2.0</span></a></h1> <p>Below are frequently used terms. 
Included are definitions and examples for these terms.</p> <p> </p> <hr /> <p> </p> <div class="container"> <p style="bottom: -20px; position: fixed;"><button class="button-glossary" onclick=" window.open('/node/61/#A','_self')">A</button><button class="button-glossary" onclick=" window.open('/node/61/#B','_self')">B</button><button class="button-glossary" onclick=" window.open('/node/61/#C','_self')">C</button><button class="button-glossary" onclick=" window.open('/node/61/#D','_self')">D</button><button class="button-glossary" onclick=" window.open('/node/61/#E','_self')">E</button><button class="button-glossary" onclick=" window.open('/node/61/#F','_self')">F</button><button class="button-glossary" onclick=" window.open('/node/61/#G','_self')">G</button><button class="button-glossary" onclick=" window.open('/node/61/#H','_self')">H</button><button class="button-glossary" onclick=" window.open('/node/61/#I','_self')">I</button><button class="button-glossary" onclick=" window.open('/node/61/#J','_self')">J</button><button class="button-glossary" onclick=" window.open('/node/61/#K','_self')">K</button><button class="button-glossary" onclick=" window.open('/node/61/#L','_self')">L</button><button class="button-glossary" onclick=" window.open('/node/61/#M','_self')">M</button><button class="button-glossary" onclick=" window.open('/node/61/#N','_self')">N</button><button class="button-glossary" onclick=" window.open('/node/61/#O','_self')">O</button><button class="button-glossary" onclick=" window.open('/node/61/#P','_self')">P</button><button class="button-glossary" onclick=" window.open('/node/61/#Q','_self')">Q</button><button class="button-glossary" onclick=" window.open('/node/61/#R','_self')">R</button><button class="button-glossary" onclick=" window.open('/node/61/#S','_self')">S</button><button class="button-glossary" onclick=" window.open('/node/61/#T','_self')">T</button><button class="button-glossary" onclick=" 
window.open('/node/61/#U','_self')">U</button><button class="button-glossary" onclick=" window.open('/node/61/#V','_self')">V</button><button class="button-glossary" onclick=" window.open('/node/61/#W','_self')">W</button><button class="button-glossary" onclick=" window.open('/node/61/#X','_self')">X</button><button class="button-glossary" onclick=" window.open('/node/61/#Y','_self')">Y</button><button class="button-glossary" onclick=" window.open('/node/61/#Z','_self')">Z</button><button class="button-glossary" onclick=" window.open('/node/61/##','_self')">#</button></p> </div> <h2><a id="A" name="A">A</a></h2> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>acceptable use policies</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Agreed-upon principles set forth by a company to govern how the employees of that company may use resources such as computers and Internet access.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>access control</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The means of giving or restricting user access to network resources. Access control can be accomplished through the use of an access control list (ACL).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>access control list (ACL)</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A table or data file that specifies whether a user or group has access to a specific resource on a computer or network.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>access point (AP)</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The point at which access to a network is accomplished. 
This term is often used in relation to a wireless access point (WAP).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>accountability statement</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A policy that provides information to the reader about who to contact if a problem is discovered.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>active response</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A response generated in real time.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>activity</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Any action a user undertakes.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Address Resolution Protocol (ARP)</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Protocol used to map known IP addresses to unknown physical addresses.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Address Resolution Protocol (ARP) poisoning</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An attack that convinces the network that the attacker’s MAC address is the one associated with an allowed address, so that traffic is wrongly sent to the attacker’s machine.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>administrative control</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A control implemented through administrative policies or procedures.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div 
class="wysiwyg_twocols--first bg--transparent"> <p><strong>administrator</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The user who is accountable and responsible for the network.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Advanced Encryption Standard (AES)</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A Federal Information Processing Standards (FIPS) publication that specifies a cryptographic algorithm for use by the U.S. government.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>adware</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Software that gathers information to pass on to marketers or that intercepts personal data such as credit card numbers and makes them available to third parties.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>AES256</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An implementation of the Advanced Encryption Standard (AES) that uses a 256-bit key.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>alarm</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A notification that an unusual condition exists and should be investigated.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>alert</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A notification that an unusual condition exists and should be investigated.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>all-in-one appliance</strong></p> </div> <div 
class="wysiwyg_twocols--second bg--transparent"> <p>An appliance that performs multiple functions.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>analyzer</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The component or process that analyzes the data collected by the sensor.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>annual loss expectancy (ALE)</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A calculation used to identify risks and calculate the expected loss each year.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>annualized rate of occurrence (ARO)</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A calculation of how often a threat will occur. For example, a threat that occurs once every five years has an annualized rate of occurrence of 1/5, or 0.2.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>anomalies</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Variations from normal operations.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>anomaly-detection IDS (AD-IDS)</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An anomaly-detection intrusion detection system works by looking for deviations from a pattern of normal network traffic.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>antivirus software</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Software that identifies the presence of a virus and is capable of removing or 
quarantining the virus.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Anything as a Service (XaaS)</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A cloud computing model that can work with a combination of other models: SaaS, IaaS, or PaaS.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>appliance</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A freestanding device that operates in a largely self-contained manner.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>application</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An application has both a user interactive front-end and a back-end where the data resides. Front-ends can be a web page, a mobile app, or a desktop fat client. An application generally supports multiple users, requires a login, and goes through a software development lifecycle (SDLC). </p> <p>Applications are the software elements that are directly touched and felt by end users.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Application Administrator</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Individual or group responsible for the administration of the application. This role is similar to a System Administrator.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Application layer</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The seventh layer of the Open Systems Interconnection (OSI) model. 
This layer deals with how applications access the network and describes application functionality, such as file transfer and messaging.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Application Manager</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>UCSF employee responsible for routine management of the application; may also perform application administrator functions, such as adding/deleting users.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>application programming interfaces (APIs)</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An abstract interface to the services and protocols provided by an operating system.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>application-level proxy</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A device or software that recognizes application-specific commands and offers granular control over them.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>arbitrary code execution</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Accepting commands unrelated to a program and running them on the host machine within a shell, or command interpreter.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>architectural approach</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An approach to security that involves using a control framework to focus on the foundational infrastructure.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>armored 
virus</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A virus that is protected in a way that makes disassembling it difficult. The difficulty makes it “armored” against antivirus programs that have trouble getting to, and understanding, its code.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>ARP spoofing </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>More commonly known as ARP poisoning, this involves the MAC (Media Access Control) address of the data being faked.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>asymmetric algorithm </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An algorithm that uses two keys.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>asymmetric encryption </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Encryption in which two keys must be used. One key is used to encrypt data, and the other is needed to decrypt the data. Asymmetric encryption is the opposite of symmetric encryption, where a single key serves both purposes.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>attack </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Any unauthorized intrusion into the normal operations of a computer or computer network. 
The attack can be carried out to gain access to the system or any of its resources.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>attack surface </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The area of an application that is available to users—those who are authenticated and, more importantly, those who are not.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>attack surface reduction (ASR) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Minimizing the possibility of exploitation by reducing the amount of code and limiting potential damage.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>audit </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The act of tracking resource usage by users.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>authentication </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The means of verifying that someone is who they say they are.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Authentication Header (AH) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A header used to provide connectionless integrity and data origin authentication for IP datagrams and to provide protection against replays.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Authenticode </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A type of certificate technology that allows ActiveX components to be validated by a server.</p> </div> 
</div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Automated System Recovery (ASR) disk </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A utility used with Windows 7 and 8 for creating a copy of the configuration settings necessary to reach the present state after a disaster.</p> </div> </div> <hr /> <h2><a id="B" name="B">B</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>backdoor </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An opening left in a program application (usually by the developer) that allows additional access to data. Typically, a backdoor is created for debugging purposes and is not documented. Before the product ships, the backdoors are closed; when they aren’t closed, security loopholes exist.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>backout </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A reversion, or roll back to a previous state, from a change that had negative consequences.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>backup </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A usable copy of data made to media. 
Ideally, the backup is made to removable media and stored for recovery should anything happen to the original data.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>backup generator </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A generator that can supply power in the event the primary provider is unable to deliver it.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>backup plan </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A documented plan governing backup situations. It can include alternate or secondary plans as well.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>backup policy </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A written policy detailing the frequency of backups and the location of storage media.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>banner grabbing</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Looking at the banner, or the header information messages sent with data, to find out about a system or systems.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>baselining </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Comparing performance to a historic metric.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>bastion host </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A host with multiple network interface cards so that it can reside on multiple networks. In common usage the term also denotes a hardened host that is deliberately exposed to an untrusted network.</p> </div> </div> <div class="wysiwyg_twocols 
layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>best practices </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A set of rules governing basic operations.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Big Data analysis </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Data that is too large to be dealt with by traditional database management means.</p> <p> </p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>birthday attack </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A probability method of finding collision in hash functions.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>BitLocker </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A Microsoft utility used to encrypt a drive.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>block cipher </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A method of encryption that processes blocks of data rather than streams.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Blowfish </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A type of symmetric block cipher created by Bruce Schneier.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>bluejacking </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The sending of unsolicited messages over a Bluetooth connection.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div 
class="wysiwyg_twocols--first bg--transparent"> <p><strong>bluesnarfing</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The gaining of unauthorized access through a Bluetooth connection.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>border router </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A router used to translate from LAN framing to WAN framing.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>bot </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An automated software program (network robot) that collects information on the Web. In the malicious form, a bot is a compromised computer being controlled remotely.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>bridge trust model </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A trust model in which a peer-to-peer relationship exists among the root certificate authorities.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>brute-force attack </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A type of attack that relies purely on trial and error and tries all possible combinations.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>buffer overflow </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A type of denial-of-service (DoS) attack that occurs when more data is put into a buffer than it can hold, thereby overflowing it (as the name implies). The excess data can also overwrite adjacent memory, so the impact is not always limited to a crash; validating input length before it is copied into the buffer is the basic safeguard.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> 
<p><strong>business continuity planning (BCP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>the creation and validation of a practiced plan for how an organization will recover and restore partially or completely interrupted critical (urgent) functions within a predetermined time after a disaster or extended disruption.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>business impact analysis (BIA) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A study of the possible impact if a disruption to a business’s vital resources were to occur.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Business Owner </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>UCSF employee responsible for business purpose of application, typically a senior manager or faculty member.</p> </div> </div> <hr /> <h2><a id="C" name="C">C</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>cable lock </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A physical security deterrent used to protect a computer.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>captive portal </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An access point that requires users to agree to some condition before they use the network or Internet.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>CAST</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A type of symmetric block cipher defined by RFC 2144.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div 
class="wysiwyg_twocols--first bg--transparent"> <p><strong>certificate </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A digital entity that establishes who you are and is often used with e-commerce. It contains your name and other identifying data and usually includes the public key in PKI.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>certificate authority (CA) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An issuer of digital certificates (which are then used for digital signatures or key pairs). A certificate authority is occasionally referred to as a certification authority.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Certificate Management Protocol (CMP)</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A messaging protocol used between PKI entities. 
This protocol is used in some PKI environments.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Certificate Practice Statement (CPS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The principles and procedures employed in the issuing and managing of certificates.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>certificate revocation </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The act of making a certificate invalid.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>certificate revocation list (CRL) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A list of digital certificate revocations that must be regularly downloaded to stay current.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Challenge Handshake Authentication Protocol (CHAP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A protocol that challenges a system to verify identity. 
CHAP is an improvement over Password Authentication Protocol (PAP), in which one-way hashing is incorporated into a three-way handshake.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>change management </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Management included in the making of a change in the scope of any particular item.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>cipher </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An algorithm, also known as a cryptographic algorithm, used to encrypt and decrypt data.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>CISO </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A role responsible for security functions throughout a Location, including assisting in the interpretation and application of UCOP IS-3.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>client </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The part of a client-server network where the computing is usually done. 
In a typical setting, a client uses the server for remote storage, backups, or security (such as a firewall).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>closed-circuit television (CCTV) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A surveillance camera used for physical-access monitoring.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>cloud bursting </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Moving the execution of an application to the cloud on an as-needed basis.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>cloud computing </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>clustering </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A method of balancing loads and providing fault tolerance.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>code escrow </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The storage and conditions for release of source code provided by a vendor, partner, or other party.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>code review </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Looking at all custom written code for holes that may exist.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div 
class="wysiwyg_twocols--first bg--transparent"> <p><strong>cold aisles </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Server room aisles that blow cold air from the floor.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>cold site </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A physical site that can be used if the main site is inaccessible (destroyed) but that lacks all the resources necessary to enable an organization to use it immediately. Commonly, plans call for turning to a cold site within a certain number of hours after the loss of the main site.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>collusion </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An agreement between individuals to commit fraud or deceit.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Common Access Card (CAC) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A standard identification card used by the Department of Defense (DoD) and other employers. 
It is used for authentication as well as identification.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Common Criteria (CC) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A document of specifications detailing security evaluation methods for IT products and systems.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>community cloud </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Cloud delivery model in which the infrastructure is shared by organizations with something in common.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>companion virus </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A virus that creates a new program that runs in place of an expected program of the same name.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>compensating controls </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Gap controls that fill in the coverage between other types of vulnerability mitigation techniques (where there are holes in coverage, we compensate for them).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>compliance risk</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>If audited or investigated, gaps in compliance could expose UCSF to regulatory fines and administrative action from the Office for Civil Rights(OCR). These can include areas such as undocumented policies and procedures, lack of recurring training programs, or lack of encryption for systems hosting ePHI. 
To be fully compliant to HIPAA, FERPA, & SB1386, all controls must be implemented.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Computer Security Incident Response Team (CSIRT) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A formalized or an ad hoc team you can call upon to respond to an incident after it arises.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>connection-oriented protocol </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Type of communications between two hosts that have a previous session established for synchronizing sent data. The receiving PC acknowledges the data. This method allows for guaranteed delivery of data between PCs. Within the TCP/IP suite, TCP is used for connection-oriented communications.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>contingency plan </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A plan that allows a business to keep running in the event of a disruption to vital resources.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>control </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Processes or actions used to respond to situations or events.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>control types </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Technical or administrative measures in place to assist with resource management.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>cookie </strong></p> </div> 
<div class="wysiwyg_twocols--second bg--transparent"> <p>A plain-text file stored on your machine that contains information about you (and your preferences) and is used by a server.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A wrapper that uses 128-bit AES encryption with a 48-bit initialization vector.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>critical business functions (CBF) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Functions on which the livelihood of the company depends.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Cross-Site Request Forgery (XSRF) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A form of web-based attack in which unauthorized commands are sent from a user that a website trusts.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>cross-site scripting (XSS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Running a script routine on a user’s machine from a website without their permission.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>cryptanalysis </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The study and practice of finding weaknesses in ciphers.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>cryptanalyst </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A 
person who does cryptanalysis.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>cryptographer </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A person who participates in the study of cryptographic algorithms.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>cryptographic algorithm </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An algorithm, also known as a cipher, used to encrypt and decrypt data.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>cryptography </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The field of mathematics focused on encrypting and decrypting data.</p> </div> </div> <hr /> <h2><a id="D" name="D">D</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>data disposal </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Getting rid of/destroying media no longer needed.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Data Encryption Standard (DES)</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The primary standard used in government and industry until it was replaced by AES.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>data loss prevention (DLP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Any systems that identify, monitor, and protect data to prevent it from unauthorized use, modification, or destruction.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first 
bg--transparent"> <p><strong>data policy </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A policy dealing with some aspect of data (usage, destruction, retention, etc.).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>data loss risk</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>While gaps in compliance (see compliance risk) may result in fines if identified, it is more critical to the organization to be aware that lack of security controls could result in loss of data and additional penalties or cost for notification and remediation. Typically from a HIPAA perspective, organizations are investigated by OCR only if they have reported a breach or have had a whistleblower inform OCR of possible non-compliant actions. Therefore, as a good steward of data and to present a proactive stance to prevent data loss, additional actions may be recommended.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>deception active response </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A response that fools the attacker into thinking that the attack is succeeding while the system monitors the activity and potentially redirects the attacker to a system that is designed to be broken.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>demilitarized zone (DMZ) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An area for placing web and other servers outside the firewall. 
The purpose for so doing is not specifically to protect them but to protect the internal network.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>denial-of-service (DoS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A type of attack that prevents any users—even legitimate ones—from using a system.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>design review </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Reviewing the security design, including examining the ports and protocols used, the rules, segmentation, and access control.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>detective control</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Controls that are intended to identify and characterize an incident in progress (for example, sounding the alarm and alerting the administrator).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>dictionary attack </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The act of attempting to crack passwords by testing them against a list of dictionary words. With today’s powerful computers, an attacker can combine one of many available automated password-cracking utilities with several large dictionaries or “wordlists” and crack huge numbers of passwords in a matter of minutes. 
Any password based on any dictionary word is vulnerable to such an attack.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>differential backup </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A type of backup that includes only new files or files that have changed since the last full backup. Differential backups differ from incremental backups in that they don’t clear the archive bit upon their completion.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Diffie-Hellman key exchange </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An asymmetric standard for exchanging keys. This cryptographic algorithm is used primarily to send secret keys across public networks. The process isn’t used to encrypt or decrypt messages; it’s used merely for the transmission of keys in a secure manner.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>digital signature </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An asymmetrically encrypted signature whose sole purpose is to authenticate the sender.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>directory traversal attack </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An attack that involves navigating to other directories and gaining access to files/directories that would be otherwise restricted.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>disaster recovery </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The act of recovering data following a disaster that has destroyed it.</p> </div> </div> <div 
class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>disaster-recovery plan </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A plan outlining the procedure by which data is recovered after a disaster.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Discretionary Access Control (DAC) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A method of restricting access to objects based on the identity of the subjects or the groups to which they belong. The user can assign permissions to data and assets at their discretion.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>disk duplexing </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Technology that uses two controllers and two disks to keep identical copies of data to prevent the loss of data if one disk fails.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>disk mirroring </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Technology that keeps identical copies of data on two disks to prevent the loss of data if one disk fails.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>disk striping </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Technology that enables writing data to multiple disks simultaneously in small portions called stripes. These stripes maximize use by having all of the read/write heads working constantly. Different data is stored on each disk and isn’t automatically duplicated. 
(This means that disk striping in and of itself doesn’t provide fault tolerance.)</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>disk striping with parity </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A fault-tolerance solution of writing data across a number of disks and recording the parity on another (also known as disk striping with a parity disk). In the event that any one disk fails, the data on it can be re-created by looking at the remaining data and computing parity to figure out the missing data.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>distributed denial-of-service (DDoS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A derivative of a DoS attack in which multiple hosts in multiple locations all focus on one target to reduce its availability to the public. This can be accomplished through the use of compromised systems, botnets, etc.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>DNS poisoning </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An attack method in which a daemon caches DNS reply packets, which sometimes contain other information (data used to fill the packets). 
The extra data can be scanned for information useful in a break-in or man-in-the-middle attack.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>DNS spoofing </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The DNS server is given information about a name server that it thinks is legitimate when it isn’t.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Domain Name System (DNS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The network service used in TCP/IP networks that translates hostnames to IP addresses.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>dual-homed firewall </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A host that resides on more than one network and possesses more than one physical network card.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>dumpster diving </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Looking through trash for clues—often in the form of paper scraps—to find users’ passwords and other pertinent information.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Dynamic Host Configuration Protocol (DHCP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A protocol used on a TCP/IP network to send client configuration data, including IP address, default gateway, subnet mask, and DNS configuration, to clients. 
DHCP uses a four-step process: Discover, Offer, Request, and Acknowledgment.</p> </div> </div> <hr /> <h2><a id="E" name="E">E</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>EAP over LAN (EAPOL) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The IEEE standard that defines port-based security for wireless network access control. It offers a means of authentication and defines the Extensible Authentication Protocol (EAP) over IEEE 802, and it is often known as 802.1x.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>elasticity </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Dynamic provisioning of resources as needed.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>electromagnetic interference (EMI) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The interference that can occur during transmissions over copper cable because of electromagnetic energy outside the cable. 
The result is degradation of the signal.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>electronic wallet </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A device that identifies you electronically in the same way as the cards you carry in your wallet.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Elliptic Curve Cryptography (ECC) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A type of public key cryptosystem that requires a shorter key length than many other cryptography systems (including the de facto industry standard, RSA).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Encapsulating Security Payload (ESP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A header used to provide a mix of security services in IPv4 and IPv6. 
ESP can be used alone or in combination with the IP Authentication Header (AH).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>encapsulation </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The process of enclosing data in a packet.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>encryption </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The process of converting data into a form that is unlikely to be usable by anyone who intercepts it but cannot decrypt it.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>encryption key </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A string of alphanumeric characters used to encrypt data or to decrypt encrypted data.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>enticement </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The process of luring someone.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>entrapment </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The process of encouraging an attacker to perform an act, even if they don’t want to do it.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>ephemeral key </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A key that exists only for the session in which it is generated.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>escalation </strong></p> </div> <div class="wysiwyg_twocols--second
bg--transparent"> <p>The act of moving something up in priority. Often, when an incident is escalated, it’s brought to the attention of the next-highest supervisor.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>evaluation assurance levels (EALs) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A level of assurance, expressed as a numeric value, based on standards set by the Common Criteria Recognition Agreement (CCRA).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>event </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Any noticeable action or occurrence.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>exception statement </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A statement that differs from the norm.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Extensible Authentication Protocol (EAP)</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An authentication protocol used in wireless networks and point-to-point connections.</p> </div> </div> <hr /> <h2><a id="F" name="F">F</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>failover </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The process of reconstructing a system or switching over to other systems when a failure is detected.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>false negative </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An event that should be flagged but 
isn’t.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>false positive </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A flagged event that isn’t really an event and has been falsely triggered.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Faraday cage </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An electrically conductive wire mesh or other conductor woven into a “cage” that surrounds a room and prevents electromagnetic signals from entering or leaving the room through the walls.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>fault tolerance </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The ability to withstand a fault (failure) without losing data.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>FCoE (Fibre Channel over Ethernet) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A networking protocol that is not routable at the IP layer and thus cannot work across large networks.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Federal Information Processing Standard (FIPS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A set of guidelines for U.S. 
federal government information systems.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>federated identity </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A means of linking a user’s identity with their privileges in a manner that can be used across business boundaries.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>federation </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A collection of computer networks that agree on standards of operation, such as security standards.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Fibre Channel </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A high-speed networking technology.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>File Allocation Table (FAT) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Microsoft’s earliest filesystem.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>File Transfer Protocol (FTP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>TCP/IP and software that permit transferring files between computer systems and use cleartext passwords. 
Because FTP has been implemented on numerous types of computer systems, files can be transferred between disparate computer systems.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>fire suppression </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The act of stopping a fire and preventing it from spreading.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Firewall</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A combination of hardware and software that protects a network from attack by hackers who could gain access through public networks, including the Internet.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>five nines availability </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A system that is up and running at least 99.999 percent of the time.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>footprinting </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The process of systematically identifying the network and its security posture. 
This is typically a passive process.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>forensics </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>In terms of security, the act of looking at all the data at your disposal to try to figure out who gained unauthorized access and the extent of that access.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>forward secrecy </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A property of any key exchange system that ensures that if one key is compromised, subsequent keys will not also be compromised. The term most often refers to protecting past sessions: compromise of a long-term key should not expose session keys that were negotiated earlier.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>FTP over SSL (FTPS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A secure form of FTP that runs the FTP session over SSL/TLS.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Full Archival method</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A concept that works on the assumption that any information created on any system is stored forever.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>full backup </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A backup that copies all data to the archive medium.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>full distribution </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An information classification stating that the data so classified is available to anyone.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div
class="wysiwyg_twocols--first bg--transparent"> <p><strong>fuzzing </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A technique of penetration testing. It can include providing unexpected values as input to an application in order to make it crash.</p> </div> </div> <hr /> <h2><a id="G" name="G">G</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>gap in the WAP </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Vulnerability possible when the interconnection between the WAP server and the Internet isn’t encrypted and packets between the devices may be intercepted.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Grandfather, Father, Son method </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>One of the most popular methods of backup tape rotation. Three sets of tapes are rotated in this method. The most recent backup after the full backup is the Son. As newer backups are made, the Son becomes the Father, and the Father, in turn, becomes the Grandfather. At the end of each month, a full backup is performed on all systems. This backup is stored in an offsite facility for a period of one year. Each monthly backup replaces the monthly backup from the previous year. Weekly or daily incremental backups are performed and stored until the next full backup occurs. 
This full backup is then stored offsite, and the weekly or daily backup tapes are reused.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>guests </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Virtual machines running on a physical machine.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>guidelines </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Rules, policies, or procedures that are advisory or nonmandatory.</p> </div> </div> <hr /> <h2><a id="H" name="H">H</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>hardening </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The process of making certain that an entity (such as an operating system or application) is as secure as it can be.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>heuristic system </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A system that bases actions on the heuristics it observes. It is used in intrusion detection and prevention systems and coupled with if-then analysis.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>hierarchical storage management (HSM) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A newer backup type that provides continuous online backup by using optical or tape jukeboxes. 
It appears as an infinite disk to the system, and it can be configured to provide the closest version of an available real-time backup.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>hierarchical trust model </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A trust model, also known as a tree, in which a root CA at the top provides all of the information.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>high availability (HA) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A clustering solution to provide resource reliability and availability.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>HMAC (Hash-Based Message Authentication Code) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>“A mechanism for message authentication using cryptographic hash functions,” per the draft of the Federal Information Processing Standard (FIPS) publication. Addressed in RFC 2104.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>hoax </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Typically an email message warning of something that isn’t true, such as an outbreak of a new virus. A hoax can send users into a panic and cause more harm than the virus.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>honeypot </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A bogus system set up to attract and slow down a hacker. 
A honeypot can also be used to learn about the hacking techniques and methods that hackers employ.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>host </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Any network device with a TCP/IP network address or physical machines running virtual machines.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>host-based IDS (HIDS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An intrusion detection system that is host based. An alternative is an intrusion detection system that is network based.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>hot aisles </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A server room aisle that removes hot air.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>hot site </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A location that can provide operations within hours of a failure.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>hotfix </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Another word for a patch. 
When Microsoft rolls a bunch of hotfixes together, they become known as a service pack.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>HSM (Hardware Security Module) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A cryptoprocessor chip (or circuit mounted within the computer) that can be used to enhance security and is commonly used with PKI systems.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>HTTP Secure (HTTPS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A combination of HTTP with Secure Sockets Layer (SSL) or, in current deployments, its successor Transport Layer Security (TLS), that results in a secure connection. It uses port 443 by default.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>hybrid attack </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A password attack that uses a combination of dictionary entries and brute force.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>hybrid cloud </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A cloud delivery model that combines other types.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>hybrid trust model </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A trust model that can use the capabilities of any or all of the structures of other trust models.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Hypertext Markup Language (HTML) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A set of codes used to format text and graphics that will be
displayed in a browser. The codes define how data will be displayed.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Hypertext Transfer Protocol (HTTP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The protocol used for communication between a web server and a web browser.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Hypertext Transport Protocol over SSL (HTTPS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Also known as HTTPS and HTTP Secure. A combination of HTTP with Secure Sockets Layer (SSL) or, in current deployments, its successor Transport Layer Security (TLS), to make for a secure connection. It uses port 443 by default.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>hypervisor </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The software that allows virtual machines to exist.</p> </div> </div> <hr /> <h2><a id="I" name="I">I</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>identity proofing </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The identity-verification process invoked when a person claims that they are the user but cannot be authenticated, such as when they lose their password.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>impersonation </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Pretending to be another to gain information.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>implicit deny </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A condition that states that unless otherwise
given, the permission will be denied.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>incident </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An attempt to violate a security policy, a successful penetration, a compromise of a system, or unauthorized access to information.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>incident response </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>How an organization responds to an incident.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>incident response plan (IRP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A policy that defines how an organization will respond to an incident.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>incremental backup </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A type of backup in which only new files or files that have changed since the last full backup or the last incremental backup are included. 
Incremental backups clear the archive bit on files upon their completion.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>information classification </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The process of determining what information is accessible to what parties and for what purposes.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Infrastructure as a Service (IaaS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A model of cloud computing that utilizes virtualization; clients pay an outsourcer for the resources used.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>instant messaging (IM) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Immediate communication that can be sent back and forth between users who are currently logged on. 
From a security standpoint, there are risks associated with giving out information via IM that can be used in social engineering attacks; in addition, attachments sent can contain viruses.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Institute of Electrical and Electronics Engineers (IEEE) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An international organization that sets standards for various electrical and electronics issues.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Institutional Information </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A term that broadly describes all data and information created, received and/or collected by UC.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>integer overflow </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Putting too much information into too small of a space that has been set aside for numbers.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>interference </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An obstruction to the signal.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>internal information </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An information classification stating that the data so classified is limited to internal employees only.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>International Data Encryption Algorithm (IDEA) </strong></p> </div> <div class="wysiwyg_twocols--second 
bg--transparent"> <p>An encryption algorithm that uses a 128-bit key. It is similar in speed and capability to the Data Encryption Standard (DES), but it’s more secure. IDEA is used in Pretty Good Privacy (PGP).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>International Telecommunications Union (ITU) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The organization responsible for communications standards, spectrum management, and the development of communications infrastructures in underdeveloped nations.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Internet Assigned Numbers Authority (IANA) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The organization responsible for governing IP addresses; its website is www.iana.org.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Internet Control Message Protocol (ICMP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A message and management protocol for TCP/IP.
The Ping utility uses ICMP.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Internet Engineering Task Force (IETF) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An international organization that works under the Internet Architecture Board to establish standards and protocols relating to the Internet.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Internet layer </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The network layer responsible for routing, IP addressing, and packaging.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Internet Message Access Protocol (IMAP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A protocol with a store-and-forward capability. It can also allow messages to be stored on an email server instead of downloaded to the client.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Internet Protocol (IP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The protocol in the TCP/IP suite responsible for network addressing.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Internet Protocol Security (IPSec)</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A set of protocols that enable encryption, authentication, and integrity over IP. 
IPSec is commonly used with virtual private networks (VPNs) and operates at Layer 3.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Internet Society (ISOC) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A professional membership group composed primarily of Internet experts. It oversees a number of committees and groups, including the Internet Engineering Task Force (IETF).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>intrusion </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The act of entering a system without authorization to do so.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>intrusion detection system (IDS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Tools that identify and respond to attacks using defined rules or logic. 
An IDS can be network based or host based.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>intrusive tests</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Penetration-type testing that involves trying to break into the network.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>IP spoofing </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Making the data look as if it came from a trusted host when it didn’t (thus spoofing the IP address of the sending host).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>iSCSI (Internet Small Computer Systems Interface) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A protocol that enables the creation of storage area networks (SANs) and is used in sending storage-related commands over IP networks.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>IT Resources </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A term that broadly describes IT infrastructure, software and/or hardware with computing and networking capability. These include, but are not limited to: personal and mobile computing systems and devices, mobile phones, printers, network devices, industrial control systems (SCADA, etc.), access control systems, digital video monitoring systems, data storage systems, data processing systems, backup systems, electronic and physical media, biometric and access tokens and other devices that connect to any UC network. 
This includes both UC-owned and personally owned devices while they store Institutional Information, are connected to UC systems, are connected to UC Networks or used for UC business.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>IV attack </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An attack that involves looking at repeated results in order to crack the WEP secret key.</p> </div> </div> <hr /> <h2><a id="J" name="J">J</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>jamming </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Purposely obstructing or interfering with a signal.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>job rotation policy </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A policy of rotating employees through various jobs.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>journaling </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The ability of a filesystem to use a log file of all changes and transactions that have occurred within a set period of time (for example, the last few hours). If a crash occurs, the operating system can look at the log files to see what transactions have been committed and which ones have not.</p> </div> </div> <hr /> <h2><a id="K" name="K">K</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Kerberos </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An authentication scheme that uses tickets (unique keys) embedded within messages. 
Named after the three-headed guard dog that stood at the gates of Hades in Greek mythology.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Kerckhoffs’s principle </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A principle that states that the security of an algorithm should depend only on the secrecy of the key and not on the secrecy of the algorithm itself.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>key distribution center (KDC) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An organization or facility that generates keys for users and is a part of Kerberos.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>key escrow agency </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An agency that stores keys for the purpose of law-enforcement access.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Key Exchange Algorithm (KEA) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A method of offering mutual authentication and establishing data encryption keys.</p> <p> </p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>key generation </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The act of creating keys for use by users.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>key suspension </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The temporary deferment of a key for a period of time (such as for a leave of absence).</p> </div> </div> <hr /> 
<h2><a id="L" name="L">L</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>latency </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The wait time between the call for an action or activity and the actual execution of that action.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>lattice-based control </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The concept that access differs at different levels. Often used in discussion with various access models as well as with cryptography to differentiate between security levels based on user/group labels.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Layer 2 Forwarding (L2F) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A tunneling protocol often used with virtual private networks (VPNs). L2F was developed by Cisco.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Layer 2 Tunneling Protocol (L2TP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A tunneling protocol that adds functionality to the Point-to-Point Protocol (PPP). This protocol was created by Microsoft and Cisco, and it is often used with virtual private networks (VPNs).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>LDAP injection attack</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Exploiting weaknesses in LDAP (Lightweight Directory Access Protocol) implementations that do not properly filter input. 
The result can be executed commands, modified content, or results returned to unauthorized queries.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>least privilege </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A permission method in which users are granted only the privileges necessary to perform their job function.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>least privilege policy </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The policy of giving a user only the minimum permissions needed to do the work that must be done.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Lightweight Directory Access Protocol (LDAP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A set of protocols that was derived from X.500 and operates at port 389.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Lightweight Extensible Authentication Protocol (LEAP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An authentication protocol created by Cisco as an extension to EAP. 
LEAP is being phased out in favor of PEAP.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>likelihood </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Assigning a quantitative number to the chance that something will occur.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>limited distribution </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Describes information that isn’t intended for release to the public. This category of information isn’t secret, but it’s private.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Link Control Protocol (LCP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The protocol used to establish, configure, and test the link between a client and the PPP host.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>load balancing </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Dividing a load for greater efficiency of management among multiple devices.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>local registration authority (LRA) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An authority used to identify or establish the identity of an individual for certificate issuance.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>location </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A discrete organization or entity governed by the Regents of the University of California. 
Locations include, but are not limited to: campuses, laboratories, medical centers and health systems, as well as satellite offices, affiliates or other offices in the United States controlled by the Regents of the University of California.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>logic bomb </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Any code that is hidden within an application and causes something unexpected to happen based on some criteria being met. For example, a programmer could create a program that always makes sure her name appears on the payroll roster; if it doesn’t, then key files begin to be erased.</p> </div> </div> <hr /> <h2><a id="M" name="M">M</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>MAC filtering</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Limiting network access to a list of the MAC addresses associated with known users’ computers.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>macro virus </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A software exploitation virus that works by using the macro feature included in many applications, such as Microsoft Office.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>malicious code </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Any code that is meant to do harm.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>malicious insider threat </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A threat from someone inside the organization intent on doing harm.</p> 
</div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Mandatory Access Control </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A security policy in which labels are used to identify the sensitivity of objects. When a user attempts to access an object, the label is checked to see if access should be allowed (that is, whether the user is operating at the same sensitivity level). This policy is “mandatory,” because labels are automatically applied to all data (and can be changed only by administrative action), as opposed to “discretionary” policies that leave it up to the user to decide whether to apply a label.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>mandatory vacation policy </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A policy requiring earned vacation time be used or lost.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>man-in-the-middle </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An attack that occurs when someone/something that is trusted intercepts packets and retransmits them to another party. Man-in-the-middle attacks have also been called TCP/IP hijacking in the past.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>mantrap </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A device, such as a small room, that limits access to one or a few individuals. 
Mantraps typically use electronic locks and other methods to control access.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>mean time between failures (MTBF) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The measurement of the anticipated incidence of failure of a system or component.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>mean time to failure (MTTF) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The measurement of the average of how long it takes a system or component to fail.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>mean time to restore (MTTR) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The measurement of how long it takes to repair a system or component once a failure occurs.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Media Access Control (MAC) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A sublayer of the Data Link layer of the Open Systems Interconnection (OSI) model that controls the way multiple devices use the same media channel. 
It controls which devices can transmit and when they can transmit.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>mesh trust model </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A trust model that expands the concepts of the bridge model by supporting multiple paths and multiple root certificate authorities.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Message Authentication Code (MAC) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A common method of verifying integrity. The MAC is derived from the message and a secret key.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>message digest </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The cryptographic hash containing a string of digits within a message.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>middle-tier server </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>In a three-tier database model, this server accepts requests from clients, evaluates them, and then sends them on to the database server for processing.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>misuse-detection IDS (MD-IDS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An intrusion detection system that works by detecting misuse.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>multihomed </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Residing on more than one network.</p> </div> </div> <div 
class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>multipartite virus </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A virus that attacks a system in more than one way.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>mutual authentication </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Whenever two or more parties authenticate each other.</p> </div> </div> <hr /> <h2><a id="N" name="N">N</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>National Institute of Standards and Technology (NIST) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An agency (formerly known as the National Bureau of Standards [NBS]) that has been involved in developing and supporting standards for the U.S. government for over 100 years. NIST has become involved in cryptography standards, systems, and technology in a variety of areas. It’s primarily concerned with governmental systems, where it exercises a great deal of influence.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>National Security Agency (NSA) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The U.S. government agency responsible for protecting U.S. communications and producing foreign intelligence information. 
It was established by presidential directive in 1952 as a separately organized agency within the Department of Defense (DoD).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>National Software Reference Library (NSRL) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An organization with the purpose of collecting “known, traceable software applications” through their hash values and storing them in a Reference Data Set (RDS) for law enforcement.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>near field communication (NFC) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Technology that requires a user to bring the client close to the AP in order to verify (often through RFID or Wi-Fi) that the device is present.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>NetBIOS </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An early networking protocol from Microsoft.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>network access control (NAC) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The set of standards defined by the network for clients attempting to access it. Usually, NAC requires that clients be virus free and adhere to specified policies before allowing them on the network.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Network Address Translation (NAT) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A server that acts as a go-between for clients accessing the Internet. 
All communications look as if they originated from a proxy server because the IP address of the user making a request is hidden.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Network Control Protocol (NCP)</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The protocol Point-to-Point Protocol (PPP) employs for encapsulating network traffic.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>network intrusion prevention system (NIPS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An intrusion prevention system that is network based.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>network lock </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Another term for MAC filtering.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>network-based IDS (NIDS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An approach to an intrusion detection system (IDS) that attaches the system to a point in the network where it can monitor and report on all network traffic.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>nonintrusive tests</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Penetration/vulnerability testing that takes a passive approach rather than actually trying to break into the network.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>nonrepudiation </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Making sure the sender can’t repudiate (dispute) 
sending the data.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>NoSQL database </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A database that is not a relational database and does not use SQL. These databases are less common than relational databases.</p> </div> </div> <hr /> <h2><a id="O" name="O">O</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>offsite storage </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Storing data off the premises, usually in a secure location.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>omnidirectional </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An antenna type that receives a signal from all directions.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>one-tier model </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A database model in which the database and the application exist on a single system.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>one-time pad </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A type of encryption in which plain text is paired with secret keys and then encrypted. 
This greatly increases the difficulty of cracking.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Online Certificate Status Protocol (OCSP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A real-time protocol that replaces CRLs to immediately verify a certificate’s authenticity.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>onsite storage </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Storing backup data at the same site as the servers on which the original data resides.</p> </div> </div> <hr /> <h2><a id="P" name="P">P</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>packet filtering </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A firewall technology that accepts or rejects packets based on their content.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>packet sniffing </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The process of looking through message packets to find data.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>parity information </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The computation of parity for a given set of data.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>PASS method </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The correct method of extinguishing a fire with an extinguisher: pull, aim, squeeze, and sweep.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div 
class="wysiwyg_twocols--first bg--transparent"> <p><strong>passive response </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A nonactive response, such as logging. Passive response is the most common type of response to many intrusions. In general, passive responses are the easiest to develop and implement.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>password attacks </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Attempting to ascertain a password that you should not know.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>patch </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A fix for a known software problem.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>PBKDF2 </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Password-Based Key Derivation Function 2 applies some function (like a hash or HMAC) to the password or passphrase along with a salt to produce a derived key.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>perimeter security </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Security set up on the outside of the network or server to protect it.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Personal Identity Verification (PIV) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Card required of federal employees and contractors to gain access (physical and logical) to government resources.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> 
<p><strong>personally identifiable information (PII) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Information that can be uniquely used to identify, contact, or locate a single person. Examples include Social Security number, driver’s license number, fingerprints, and handwriting.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>phage virus </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A virus that modifies and alters other programs and databases.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>pharming </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A form of redirection in which traffic intended for one host is sent to another.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>phishing </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A form of social engineering in which you simply ask someone for a piece of information that you are missing by making it look as if it is a legitimate request. Commonly sent via email.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>ping of death </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A large Internet Control Message Protocol (ICMP) packet sent to overflow the remote host’s buffer. 
A ping of death usually causes the remote host to reboot or hang.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>plain-old telephone service (POTS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Standard telephone service, as opposed to other connection technologies like Digital Subscriber Line (DSL).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Platform as a Service (PaaS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A cloud service model wherein the consumer can deploy but does not manage or control any of the underlying cloud infrastructure.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>pod slurping </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>When portable data storage devices (such as an iPod) are plugged directly into a machine and used to bypass the network security measures and illicitly download confidential data.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Point-to-Point Protocol (PPP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A full-duplex line protocol that supersedes Serial Line Internet Protocol (SLIP). It’s part of the standard TCP/IP suite and is often used in dial-up connections.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Point-to-Point Tunneling Protocol (PPTP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An extension to Point-to-Point Protocol (PPP) that is used in virtual private networks (VPNs). 
An alternative to PPTP is L2TP.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>policies </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Rules or standards governing usage. These are typically high level in nature.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>polymorphic </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An attribute of some viruses that allows them to mutate and appear differently each time they crop up. The mutations make it harder for virus scanners to detect (and react to) the viruses.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Port Address Translation (PAT) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A means of translating between ports on a public and private network. 
Similar to Network Address Translation (NAT), which translates addresses between public and private.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>port scanning </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Scanning a server for open ports that can be taken advantage of by sending messages to ports to see which ones are available and which ones aren’t.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>ports </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Connections available within TCP/IP.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Post Office Protocol (POP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An email access program that can be used to retrieve email from an email server.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Post Office Protocol Version 3 (POP3) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The protocol used to download email from an SMTP email server to a network client.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>postmortem</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Anything that occurs “after the fact,” such as an audit or review.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>preventive controls </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Controls intended to prevent attacks or intrusions.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div 
class="wysiwyg_twocols--first bg--transparent"> <p><strong>privacy </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A state of security in which information isn’t seen by unauthorized parties without the express permission of the party involved.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>privacy filters </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Screens that restrict viewing of monitors to only those sitting in front of them.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>private cloud </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A cloud delivery model owned and managed internally.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>private key </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An asymmetric encryption technology in which both the sender and the receiver have different keys. A public key is used to encrypt messages and the private key is used to decrypt them. See also public key.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>privilege escalation </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The result when a user obtains access to a resource they wouldn’t normally be able to access. Privilege escalation can be done inadvertently, by running a program with Set User ID (SUID) or Set Group ID (SGID) permissions or by temporarily becoming another user (via su or sudo in Unix/Linux or RunAs in Windows). 
It can also be done purposefully by an attacker seeking full access.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>probability </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The likelihood of something occurring.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>promiscuous mode </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A mode wherein a network interface card (NIC) intercepts all traffic crossing the network wire and not just the traffic intended for it.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>protected distribution system (PDS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A network in which physical network security has been substituted for encryption security.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Protected Extensible Authentication Protocol (PEAP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An authentication protocol that replaces LEAP and for which there is native support in Windows.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>protocol analyzer </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A software and hardware troubleshooting tool that is used to decode protocol information to try to determine the source of a network problem and to establish baselines.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>proximity cards </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Cards that can be read 
by being near a reader.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>proximity readers </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Readers capable of working with proximity cards.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>proxy </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A type of system that prevents direct communication between a client and a host by acting as an intermediary.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>proxy firewall </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A proxy server that also acts as a firewall, blocking network access from external networks.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>proxy server </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A type of server that makes a single Internet connection and services requests on behalf of many users.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>PTZ</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Cameras that can pan, tilt, and zoom.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>public cloud </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A cloud delivery model available to others.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>public key </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A technology that facilitates 
encryption using two keys—a public key and a private key—to facilitate communication. The public key is used to encrypt a message to a receiver. See also private key.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Public-Key Cryptography Standards (PKCS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A set of voluntary standards created by RSA security and industry security leaders.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>public-key infrastructure (PKI) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A two-key encryption system wherein messages are encrypted with a private key and decrypted with a public key. That order is the one used for digital signatures; for confidentiality, as the public key and private key entries state, a message is encrypted with the public key and decrypted with the private key.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Public-Key Infrastructure X.509 (PKIX) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The Internet Engineering Task Force (IETF) working group developing standards and models for the Public Key Infrastructure (PKI) environment. 
The most current version is v3.</p> </div> </div> <hr /> <h2><a id="Q" name="Q">Q</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>QoS (quality of service) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A collection of technologies that provide the ability to balance network traffic and prioritize workloads.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>qualitative </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Used in risk management, it involves measuring the quality of something (as opposed to the quantity).</p> <p> </p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>quantitative </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Numerically measuring the quantity of something (as opposed to the quality).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>quantum cryptography </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Cryptography based on changing the polarity of a photon. Quantum cryptography makes the process of interception difficult because any attempt to intercept the message changes the value of the message.</p> </div> </div> <hr /> <h2><a id="R" name="R">R</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>radio frequency interference (RFI) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The byproduct of electrical processes, similar to electromagnetic interference. 
The major difference is that RFI is usually projected across a radio spectrum.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>rainbow table </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A table of hashed phrases/words that can be used in a password attack.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>ransomware </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Software that demands payment before restoring the data or system infected.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>recommendations (short term, mid-term, long term)</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p><i>Short Term Recommendations</i><br /> Items associated with this period are typically risks where remediation can be addressed quickly with current staffing levels. Examples include defining and documenting security policies & procedures, user training, and continuation of assessment processes.</p> <p><i>Mid-Term Recommendations</i><br /> Items associated with this period are typically risks where remediation will require additional staffing or minor technology investments. These include expansion of the risk management program to include assessments of technologies or organizations that were not included in this scope or with new and expanded techniques. Examples include web application testing, mobile code analysis, complete network vulnerability analysis, and external penetration testing.<br /> Additionally, process improvements or integrations with other organizations such as procurement will require discussion, collaboration on defining workflow, and improving staffing levels to support new services. 
Examples include implementing vendor risk assessment into the procurement lifecycle.</p> <p><i>Long Term Recommendations</i><br /> Items associated with this period are typically risks where remediation will require significant staffing or technology investments. Remediation activities will likely require a funded project, enterprise collaboration and involvement, and only occur after the next full capital funding cycle.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>recovery point objective (RPO) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Within business continuity planning, this is the point of maximum tolerable loss for a system due to a major incident.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>recovery time objective (RTO) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The maximum amount of time that a process or service is allowed to be down and the consequences still to be considered acceptable.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Redundant Array of Independent Disks (RAID) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A configuration of multiple hard disks used to provide fault tolerance should a disk fail. Different levels of RAID exist.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>registration authority (RA) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An organization that offloads some of the work from a certificate authority (CA). An RA system operates as a middleman in the process. The RA can distribute keys, accept registrations for the CA, and validate identities. 
The RA doesn’t issue certificates; that responsibility remains with the CA.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>relational database </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A database technology that allows data to be viewed in dynamic ways based on the user’s or administrator’s needs.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Remote Access Services (RAS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A computer that has one or more connections installed to enable remote connections to the network.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Remote Authentication Dial-In User Service (RADIUS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A networking protocol that allows authentication of dial-in and other network connections. 
RADIUS is commonly used by Internet service providers (ISPs) and in the implementation of virtual private networks (VPNs).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Remote Desktop Protocol (RDP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A protocol used to allow remote desktop connections.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Remote Procedure Call (RPC) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A programming interface that allows a remote computer to run programs on a local machine.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>remote wipe </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The process of sending a command to remotely clear data.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>replay attack </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An attack that captures portions of a session to play back later to convince a host that it is still talking to the original connection.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>repository </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A database or database server where the certificates are stored.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Request for Comments (RFC) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A document-creation process and a set of practices that originated in 1969 and is used for proposed changes to Internet 
standards.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>restricted information </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Information that isn’t made available to all and to which access is granted based on some criteria.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>retrovirus </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A virus that attacks or bypasses the antivirus software installed on a computer.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>risk acceptance </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A strategy of dealing with risk in which it is decided the best approach is simply to accept that the risk exists.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>risk analysis </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An evaluation of each risk that can be identified. Each risk should be outlined, described, and evaluated on the likelihood of it occurring.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>risk assessment </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An evaluation of how much risk you and your organization are willing to take. 
An assessment must be performed before any other actions—such as how much to spend on security in terms of dollars and manpower—can be decided.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>risk avoidance </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A strategy of dealing with risk in which it is decided that the best approach is to avoid the risk.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>risk calculation </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The process of calculating the risks that exist.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>risk deterrence</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A strategy of dealing with risk in which it is decided that the best approach is to discourage potential attackers from engaging in the behavior that leads to the risk.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>risk mitigation </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A strategy of dealing with risk in which it is decided that the best approach is to lessen the risk.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>risk transference </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A strategy of dealing with risk in which it is decided that the best approach is to offload some of the risk.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>rogue access points </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> 
<p>An unauthorized wireless access point on a network.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>rogueware </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A form of malware that tries to convince the user to pay for a fake threat.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Role-Based Access Control (RBAC) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A type of control wherein the levels of security closely follow the structure of an organization. The role the person plays in the organization (accountant, salesman, and so on) corresponds to the level of security access they have to data.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>rootkit </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Software program that has the ability to obtain root-level access and hide certain things from the operating system.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>router </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A device that connects two or more networks and allows packets to be transmitted and received between them. 
A router determines the best path for data packets from source to destination.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Routing and Remote Access Services (RRAS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The current Microsoft server service for Windows-based clients that offers the ability to connect to remote systems.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>RSA </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>One of the providers of cryptography systems to industry and government. RSA stands for the initials of the three founders of RSA Security Inc.: Rivest, Shamir, and Adleman. RSA maintains a list of standards for Public Key Cryptography Standards (PKCS).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Rule-Based Access Control (RBAC) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Access control method that uses the settings in preconfigured security policies to make all decisions.</p> </div> </div> <hr /> <h2><a id="S" name="S">S</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>SAN (storage area network) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A separate network set up to appear as a server to the main organizational network.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>sandboxing </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Isolating applications to keep users of them from venturing to other data.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first 
bg--transparent"> <p><strong>scareware </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Software that tries to convince unsuspecting users that a threat exists.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>scope and purpose </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The section of a guideline that provides an overview and statement of the guideline’s intent.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>scope statement </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The portion of the policy outlining what it intends to accomplish and which documents, laws, and practices the policy addresses.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Secure Copy (SCP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A replacement for FTP that allows secure copying of files from one host to another.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Secure Electronic Transaction (SET) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A protocol developed by Visa and MasterCard for secure credit card transactions. The protocol is becoming an accepted standard by many companies. 
SET provides encrypted credit card numbers over the Internet, and it’s most suited to small amounts of data transmission.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Secure Hash Algorithm (SHA) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A one-way hash algorithm designed to ensure the integrity of a message.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Secure Hypertext Transport Protocol (S-HTTP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A protocol used for secure communications between a web server and a web browser.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Secure Multipurpose Internet Mail Extensions (S/MIME) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A protocol used for secure communications between email servers.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Secure Shell (SSH) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A replacement for rlogin in Unix/Linux that includes security. 
rlogin allowed one host to establish a connection with another with no real security being employed; SSH replaces it with slogin and digital certificates.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Secure Sockets Layer (SSL) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A protocol that secures messages by operating between the Application layer (HTTP) and the Transport layer.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>security control testing (SCT) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Looking for weaknesses through interviews, examinations, and testing of systems.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>security policies </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Policies related to security.</p> <p> </p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>security token </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A piece of data that contains the rights and access privileges of the token bearer as part of the token.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>security zone </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A method of isolating a system from other systems or networks.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>sensor </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The IDS component that collects data from the data source and passes it to the analyzer for analysis.</p> </div> 
</div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>service pack </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Operating system updates from Microsoft.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>service provider </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>UC groups or organizations providing specific IT services to a Unit.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>service-level agreement (SLA) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An agreement that specifies performance requirements for a vendor. This agreement may use mean time before failure (MTBF) and mean time to repair (MTTR) as performance measures in the SLA.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>shielding </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Protective coating around wiring often intended to protect it from interference.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>shoulder surfing </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Watching someone when they enter their username, password, or sensitive data.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>shunning </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The process of ignoring an attack.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>signature-based system </strong></p> </div> <div 
class="wysiwyg_twocols--second bg--transparent"> <p>A system that acts based on the digital signature it sees.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Simple Mail Transfer Protocol (SMTP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A protocol for sending email between SMTP servers.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Simple Network Management Protocol (SNMP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The management protocol created for sending information about the health of the network to network management consoles.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>single loss expectancy (SLE) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The cost of a single loss when it occurs. 
This loss can be a critical failure, or it can be the result of an attack.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>single point of failure (SPOF) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A weakness that brings a system down.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>single sign-on (SSO) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A relationship between the client and the network wherein the client is allowed to log on one time, and all resource access is based on that logon (as opposed to needing to log on to each individual server to access the resources there).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>single-factor authentication (SFA) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Authentication based on a single factor (a password, for example).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>single-tier environment </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A database model in which the database and the application exist on a single system.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>site survey </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A generic site survey involves listening in on an existing wireless network using commercially available technologies. 
A wireless site survey, or wireless survey, is the process of planning and designing a wireless network, in particular an 802.11 network.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>smart card </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A physical card used for access control and security purposes. The card itself usually contains a small amount of memory that can be used to store permissions and access information.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>smurf attack </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An attack in which large volumes of ICMP echo requests (pings) are broadcast to all other machines on the network and in which the source address of the broadcast system has been spoofed to appear as though it came from the target computer. When all of the machines that received the broadcast respond, they flood the target with more data than it can handle.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>snapshot </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Image of a virtual machine at a moment in time.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>sniffer </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A physical device that listens in (sniffs) on network traffic and looks for items it can make sense of. There is a legitimate purpose for these devices: Administrators use them to analyze traffic. 
However, when they’re used by sources other than the administrator, they become security risks.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>sniffing </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Analyzing data to look for passwords and anything else of value. Sniffing is also known as wiretapping, eavesdropping, packet sniffing, and network sniffing, among other terms.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>social engineering </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An attack that uses others by deceiving them. It does not directly target hardware or software but instead targets and manipulates people.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Software as a Service (SaaS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A model of cloud computing in which the consumer can use the provider’s applications but they do not manage or control any of the underlying cloud infrastructure.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>spam </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Unwanted, unsolicited email sent in bulk.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>spam filters </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Filters that try to eliminate unwanted, unsolicited email sent in bulk.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>spear phishing </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> 
<p>A form of phishing in which the message is made to look as if it came from someone you know and trust as opposed to an informal third party.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>spoofing </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An attempt by someone or something to masquerade as someone/something else.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>spyware </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Software programs that work—often actively—on behalf of a third party.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>SSH File Transfer Protocol (SFTP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A replacement for FTP that allows secure copying of files from one host to another.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>SSID broadcast </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An access point’s broadcasting of the network name.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Standard</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Derived from policies, a standard deals with specific issues or aspects of a business.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>stateful inspection </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Inspections that occur at all levels of the network and provide additional security using a state table that tracks every communications channel.</p> </div> </div> 
<div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>stealth virus </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A virus that attempts to avoid detection by masking itself from applications.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>steganography </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The science of hiding information within other information, such as a picture.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>stream cipher </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A method of encryption that encrypts streams of data rather than blocks.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Structured Query Language (SQL) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A database language that allows queries to be configured in real time and passed to database servers.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>subnetting </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Using subnet values to divide a network into smaller segments.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>substitution cipher </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A method of encryption in which one letter or item is substituted for another.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>succession planning </strong></p> </div> <div class="wysiwyg_twocols--second 
bg--transparent"> <p>An outline of those internal to the organization who have the ability to step into positions when they open.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>supplier </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An external, third-party entity that provides goods or services to UC.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>switches </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A network device that can replace a router or hub in a local network and get data from a source to a destination. Switching allows for higher speeds.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>symmetrical keys </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The keys used when the same key encrypts and decrypts data.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>system image </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A snapshot of what exists.</p> </div> </div> <hr /> <h2><a id="T" name="T">T</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>tabletop exercise </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An exercise that involves individuals sitting around a table with a facilitator discussing situations that could arise and how best to respond to them.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Tailgating</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Following someone through an entry point.</p> </div> </div> 
<div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>technical controls </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Controls that rely on technology.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Telnet </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A protocol that functions at the Application layer of the OSI model, providing terminal emulation capabilities.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Temporal Key Integrity Protocol (TKIP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A wrapper that works with wireless encryption to strengthen WEP implementations. It was designed to provide more secure encryption than the notoriously weak Wired Equivalent Privacy (WEP).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Terminal Access Controller Access-Control System (TACACS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An authentication system that allows credentials to be accepted from multiple methods, including Kerberos. 
The TACACS client-server process occurs in the same manner as the Remote Authentication Dial-In User Service (RADIUS) process.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>threat vector </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Any perceivable risk’s area of attack.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>three-tier model </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A database model that effectively isolates the end user from the database by introducing a middle server.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>transitive access </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A form of trust relationship often used between domains.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>transitive trusts </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Trust gained because one party (A) trusts another party (B), which then trusts another party (C). Since (B) trusts (C), then a relationship can exist where the first party (A) also may trust the third party (C).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Transmission Control Protocol (TCP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The protocol found at the Host-to-Host layer of the Department of Defense (DoD) model. This protocol breaks data packets into segments, numbers them, and sends them in order. The receiving computer reassembles the data so that the information is readable for the user. 
In the process, the sender and the receiver confirm that all data has been received; if not, it’s resent. TCP is a connection-oriented protocol. See also connection-oriented protocol.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Transport Layer Security (TLS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A protocol whose purpose is to verify that secure communications between a server and a client remain secure. Defined in RFC 2246, which specifies TLS 1.0; that version is now deprecated, and TLS 1.2 (RFC 5246) and TLS 1.3 (RFC 8446) are the versions in current use.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>transposition cipher </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An encryption method that involves transposing or scrambling the letters in a certain manner.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Triple-DES (3DES) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A symmetric block cipher algorithm used for encryption.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Trivial File Transfer Protocol (TFTP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A UDP-based protocol similar to FTP that doesn’t provide the security or error-checking features of FTP.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Trojan horse </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Any application that masquerades as one thing in order to get past scrutiny and then does something malicious. 
One of the major differences between Trojan horses and viruses is that Trojan horses tend not to replicate themselves.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>trusted operating system (TOS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Any operating system that meets the government’s requirements for security.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Trusted Platform Module (TPM) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A method of using encryption and storing the passwords on a chip. The hardware holding the chip is then needed to decrypt the data and make it readable.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>tunneling </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The act of sending data across a public network by encapsulating it into other packets.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>two-factor authentication </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Using two access methods (factors) as a part of the authentication process.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>two-tier model </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A database model in which the client workstation or system runs an application that communicates with the database that is running on a different server.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Type I hypervisor </strong></p> </div> <div class="wysiwyg_twocols--second 
bg--transparent"> <p>Virtualization method that is independent of the operating system and boots before the OS.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Type II hypervisor </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Virtualization method that is dependent on the operating system.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>typo squatting </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Creating domains that are based on the misspelling of another.</p> </div> </div> <hr /> <h2><a id="U" name="U">U</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>uninterruptible power supply (UPS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A device that can provide short-term power, usually by using batteries.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>unit </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A point of accountability and responsibility that results from creating/collecting or managing/possessing Institutional Information or installing/managing IT Resources. A Unit is typically a defined organization or set of departments.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>unit head </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A generic term for dean, vice chancellor or person in a similarly senior role who has the authority to allocate budget and is responsible for Unit performance and administration. 
At a particular Location or in a specific situation, the following senior roles may also be Unit Heads: department chairs, assistant/associate vice chancellor (AVC), principal investigators, directors or senior managers.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Unit Information Security Lead (UISL) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A term for the Workforce Member(s) assigned responsibility for tactical execution of information security activities including, but not limited to: implementing security controls; reviewing and updating Risk Assessments and Risk Treatment Plans; devising procedures for the proper handling, storing and disposing of electronic media within the Unit; and reviewing access rights. These activities are performed in consultation with the Unit Head.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>URL hijacking </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Registering domains that are similar to those for a known entity but based on a misspelling or typographical error.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>User Datagram Protocol (UDP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The protocol at the Host-to-Host layer of the TCP/IP Department of Defense (DoD) model, which corresponds to the Transport layer of the OSI model. Packets are divided into datagrams, given numbers, sent, and put back together at the receiving end. 
UDP is a connectionless protocol.</p> </div> </div> <hr /> <h2><a id="V" name="V">V</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Van Eck phreaking </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Eavesdropping on CRT and LCD displays by detecting their electromagnetic emissions.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Vigenère cipher </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A multialphabet substitution cipher.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>virtual local area network (VLAN) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A local area network (LAN) that allows users on different switch ports to participate in their own network, separate from but still connected to the other stations on the same or a connected switch.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>virtual private network (VPN) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A system that uses the public Internet as a backbone for a private interconnection (network) between locations.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>virtualization </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Emulating one or more physical computers on the same host.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>virus </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A program intended to damage a computer system.</p> </div> </div> <div 
class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>vishing </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Combining phishing with Voice over IP (VoIP).</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>volatility </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The amount of time that you have to collect certain data before a window of opportunity is gone.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>vulnerability scanning </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Identifying specific vulnerabilities in your network.</p> </div> </div> <hr /> <h2><a id="W" name="W">W</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>war chalking </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Markings left, often written in chalk, by those who discover a vulnerability that provides a way into the wireless network.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>war driving </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Driving around with a laptop looking for open wireless access points with which to communicate.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>warm site </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A site that provides some capabilities in the event of a disaster. 
The organization that wants to use a warm site will need to install, configure, and reestablish operations on systems that might already exist in the warm site.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>watering hole attack </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An attack in which the attacker identifies a site that is visited by the intended targets, poisons that site, and then waits for the results.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>web application firewall (WAF) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A firewall that can look at every request between a web client and a web server and identify possible attacks.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>wetware </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Another term for social engineering.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>whaling </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Phishing that targets only large accounts.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Wi-Fi </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A wireless network operating in the 2.4 GHz or 5 GHz range.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Wi-Fi Protected Access 2 (WPA2) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The second version of WPA.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> 
<p><strong>Wi-Fi Protected Setup (WPS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An authentication process that requires the user to do something in order to complete the enrollment process. Examples include pressing a button on the router within a short time period, entering a PIN, or bringing the new device close.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Windows Sockets (Winsock) API </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A Microsoft API used to interact with TCP/IP.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Wired Equivalent Privacy (WEP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A security protocol for 802.11b (wireless) networks that attempts to establish the same security for them as would be present in a wired network.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>wireless access point </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A connection device used for clients in a radio frequency (RF) network.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Wireless Application Protocol (WAP) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Technology designed for use with wireless devices.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Wireless Markup Language (WML) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Language used for Internet displays. 
WAP-enabled devices can also respond to scripts using WMLScript.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Wireless Transport Layer Security (WTLS)</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The security layer of the Wireless Applications Protocol (WAP). WTLS provides authentication, encryption, and data integrity for wireless devices.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>workforce manager</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A person who supervises/manages other personnel or approves work or research on behalf of the University.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>workforce member</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An employee, faculty, staff, volunteer, contractor, researcher, student worker, student supporting/performing research, medical center staff/personnel, clinician, student intern, student volunteer or person.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>working copy backup </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The copy of the data currently in use on a network.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>World Wide Web Consortium (W3C) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An association concerned with interoperability, growth, and standardization of the World Wide Web (WWW). 
This group is the primary sponsor of XML and other web-enabled technologies.</p> </div> </div> <hr /> <h2><a id="X" name="X">X</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>X.509 </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The ITU-T standard that defines the format of public key certificates used in the PKI environment. The working group formed by the IETF to develop standards and models for the PKI environment is PKIX, which bases its work on X.509.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>Xmas attack </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An advanced attack that tries to get around detection and send a packet with every single option enabled.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>XML Key Management Specification (XKMS) </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>A specification designed to allow XML-based programs access to PKI services.</p> </div> </div> <hr /> <h2><a id="Y" name="Y">Y</a></h2> <p> </p> <hr /> <h2><a id="Z" name="Z">Z</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>zero-day exploit </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>An attack that begins the very day an exploit is discovered.</p> </div> </div> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>zombie </strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>Any system taking directions from a master control computer. 
Zombies are often used in distributed denial-of-service (DDoS) and botnet attacks.</p> </div> </div> <hr /> <h2><a id="#" name="#">#</a></h2> <p> </p> <div class="wysiwyg_twocols layout--20-80"> <div class="wysiwyg_twocols--first bg--transparent"> <p><strong>802.1x</strong></p> </div> <div class="wysiwyg_twocols--second bg--transparent"> <p>The IEEE standard that defines port-based security for wireless network access control.</p> </div> </div> </div></div></div> <div class="paragraphs-items paragraphs-items-field-paragraph-sections paragraphs-items-field-paragraph-sections-full paragraphs-items-full"> <div class="field field-name-field-paragraph-sections field-type-paragraphs field-label-hidden"><div class="field-items"><div class="field-item even"><div class="entity entity-paragraphs-item paragraphs-item-textarea"> <div class="content"> <div class="field field-name-field-pg-textarea-text field-type-text-long field-label-hidden"><div class="field-items"><div class="field-item even"><style type="text/css"> <!--/*--><![CDATA[/* ><!--*/ .button-glossary { border: 1px solid #007cbe; border-radius: 5px; outline: 0; display: inline-block; padding: 2px; color: #007cbe; font-size: 18px; background-color: #ffffff; text-align: center; cursor: pointer; width: 45px; height: 45px; } .button-glossary:hover { background-color: #007cbe; color: #ffffff; } .button-top { border: 1px solid #007cbe; border-radius: 5px; outline: 0; display: inline-block; padding: 2px; color: #fff; font-size: 16px; background-color: #007cbe; text-align: center; cursor: pointer; width: 84px; height: 42px; } /*--><!]]>*/ </style> <p> </p> </div></div></div> </div> </div> </div></div></div></div> </div> </div> </div> </div> </div> </div> </div> <div id="sidebar" class="column"> </div> </div></div> </div> </div> </body> </html>