Security

This cyber security glossary explains the meaning of terms about different types of computer security threats as well as words about application security, access control, network intrusion detection, security awareness training and computer forensics.

Authentication and access control

Terms related to authentication, including security definitions about passwords and words and phrases about proving identity.

  • What is acceptable use policy (AUP)?

    An acceptable use policy (AUP) is a document stipulating constraints and practices that a user must agree to for access to or use of a corporate network, the internet or other computing resources.

  • What is identity governance and administration (IGA)?

    Identity governance and administration (IGA) is the collection of processes and practices used to manage user digital identities and their access throughout the enterprise.

  • What is two-factor authentication (2FA)?

    Two-factor authentication (2FA), sometimes referred to as two-step verification or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves.


Compliance, risk and governance

This glossary contains definitions related to compliance. Some definitions explain the meaning of words used in compliance regulations. Other definitions are related to the strategies that compliance officers use to mitigate risk and create a manageable compliance infrastructure.

  • What is records management?

    Records management is the supervision and administration of digital or paper records, regardless of format.

  • What is OPSEC (operations security)?

    OPSEC (operations security) is an analytical process that military, law enforcement, government and private organizations use to prevent sensitive or proprietary information from being accessed inappropriately.

  • What is PHI (protected or personal health information)?

    Protected health information (PHI), also referred to as 'personal health information,' is the demographic information, medical histories, test and laboratory results, physical and mental health conditions, insurance information and other data that a healthcare professional collects to identify an individual and determine appropriate care.


Network security

Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.

  • What is a spam trap?

    A spam trap is an email address that's used to identify and monitor spam email. It's also a type of honeypot because it uses a fake email address to bait spammers.

  • What is unified threat management (UTM)?

    Unified threat management (UTM) is an information security system that provides a single point of protection against cyberthreats, including viruses, worms, spyware and other malware, as well as network attacks.

  • What is two-factor authentication (2FA)?

    Two-factor authentication (2FA), sometimes referred to as two-step verification or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves.


Security Admin

Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.

  • What is a spam trap?

    A spam trap is an email address that's used to identify and monitor spam email. It's also a type of honeypot because it uses a fake email address to bait spammers.

  • What is acceptable use policy (AUP)?

    An acceptable use policy (AUP) is a document stipulating constraints and practices that a user must agree to for access to or use of a corporate network, the internet or other computing resources.

  • What is unified threat management (UTM)?

    Unified threat management (UTM) is an information security system that provides a single point of protection against cyberthreats, including viruses, worms, spyware and other malware, as well as network attacks.


Threat management

Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.

  • What is a whaling attack (whaling phishing)?

    A whaling attack, also known as 'whaling phishing' or a 'whaling phishing attack,' is a specific type of phishing attack that targets high-profile employees, such as the chief executive officer (CEO) or chief financial officer, to steal sensitive information from a company.

  • What is machine identity management?

    Machine identity management focuses on the machines connected to and accessing resources on a network.

  • What is unified threat management (UTM)?

    Unified threat management (UTM) is an information security system that provides a single point of protection against cyberthreats, including viruses, worms, spyware and other malware, as well as network attacks.
