Dictionary Flashcards
acceptable use policy
set of wording that describes an agreement between user and org that owns the service, application or device being accessed.
Usually defines both permitted and prohibited activities.
access controls
rules and techniques used to manage and restrict entry to or exit from a physical, virtual or digital area through the use of permissions.
Permissions usually assigned to person, device or application service to ensure accountability and traceability of usage.
Secured using i) physical tokens; ii) secret information; iii) biometric information.
Advanced Persistent Threats (APTs)
tenacious and highly evolved tactics used by hackers to infiltrate networks through digital devices and leave malicious software in place for as long as possible.
Purpose to steal or corrupt org’s digital data or to extort money or disrupt operations for financial gain, brand damage or other political purpose.
Harder and more costly to resolve the further into the lifecycle the attackers are.
adware
software designed to render adverts to an end user. Considered malware if: i) advert was not consented to by user; ii) difficult to uninstall or remove; iii) provides other covert malware functions.
air gap
use some form of physical and electronic separation to ensure activities in one area cannot impact or infect activities in another.
Physical and digital isolation of sensitive or infected systems, so no possibility of interacting with any other systems and networks.
alert status
escalation flag assigned to security incident to indicate that it cannot be managed inside allowable time limits or other acceptable tolerances.
