Security

   

 

0-9   A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

access

Definition: The ability and means to communicate with or otherwise interact with a system, to use system resources to handle information, to gain knowledge of the information the system contains, or to control system components and functions.
From: CNSSI 4009

access control mechanism

Definition: Security measures designed to detect and deny unauthorized access and permit authorized access to an information system or a physical facility.
Adapted from: CNSSI 4009

Allowlist

A list of entities that are considered trustworthy and are granted access or privileges.
Related Term(s): Blocklist
Adapted from: DHS personnel

antispyware software

A program that specializes in detecting and blocking or removing forms of spyware.
Related Term(s): spyware
Adapted from: NCSD Glossary

antivirus software

A program that monitors a computer or network to detect or identify major types of malicious code and to prevent or contain malware incidents. Sometimes by removing or neutralizing the malicious code.
Adapted from: NCSD Glossary

attack

 An attempt to gain unauthorized access to system services, resources, or information, or an attempt to compromise system integrity.
Extended Definition: The intentional act of attempting to bypass one or more security services or controls of an information system.
Related Term(s): active attack, passive attack
From: NCSD Glossary. NTSSI 4009 (2000), CNSSI 4009

attack method

 The manner or technique and means an adversary may use in an assault on information or an information system.
Adapted from: DHS Risk Lexicon, NCSD Glossary

attack path

The steps that an adversary takes or may take to plan, prepare for, and execute an attack.
Adapted from: DHS Risk Lexicon, NCSD Glossary

attack pattern

Similar cyber events or behaviors that may indicate an attack has occurred or is occurring, resulting in a security violation or a potential security violation.
Extended Definition: For software, descriptions of common methods for exploiting software systems.
Related Term(s): attack signature
Adapted from: Oak Ridge National Laboratory Visualization Techniques for Computer Network Defense, MITRE's CAPEC web site

attack signature

 A characteristic or distinctive pattern that can be searched for or that can be used in matching to previously identified attacks.
Extended Definition: An automated set of rules for identifying a potential threat (such as an exploit or the presence of an attacker tool) and possible responses to that threat.
Related Term(s): attack pattern
Adapted from: NCSD Glossary, CNSSI 4009, ISSG V1.2 Database

Display #