Glossary of Terms

(Please note that for the purposes of the demo site, this is just a small selection)

24 x 7 Support

Support is available every day of the week for every hour of the day.

A

Acceptable Use

Computer systems, equipment, devices, networks and communications systems are used responsibly, effectively, safely, ethically and lawfully for the purposes of performing business activities on behalf of, and for the benefit of, The Fake Chicken Company.

Acceptance Testing

Software developments are tested by the users to ensure they perform adequately in the real world.

B

Backup

A copy.  Should include all corporate information, operating system configurations, user authentication information and any other information that enables a full restore of systems in the event of a disaster/outage.

Batch File

An electronic file containing data and instructions which is run during a specific process.  In transaction processing a batch file containing the new data will be created each time, but in other processes, such as backups, the same batch file is run repeatedly.

C

Change Control Procedure

A documented quality control process for making changes that ensures each step of the process has been signed off. 

Computer Forensic Specialist

Someone expert in recovering information from a computer system.

D

Data

A collection of numbers, alphabetical characters or graphics which may be collated as information, a document, form, spreadsheet, graphic, sound file, picture, drawing, email, note, memo, calendar or diary entry, presentation, html, asp or php page, help file, video, etc and stored in any application, database, directory or drive on any device, portable drive, flash card, phone, zip disk, floppy disk, CD, DVD, tape or any other form of backup media.

Database

An electronic repository for storing data.

E

E-Commerce

The use of electronic communications technologies, including the internet, as an alternative channel for conducting business on behalf of The Fake Chicken Company.

Email Account

The mailbox which is unique to a particular user and is accessible once the user's identity has been confirmed by entering a user name and password.

F

Feedback

An explanation.

File

A collection of information or data saved as one entity.

File Format

The application in which the data is saved will determine the file format.  Microsoft Word will save the file in the .doc format, a graphic can be saved in the .gif or .bmp or .tif format and in Adobe Photoshop a .psd file is created.  File formats can be proprietary and may only be able to be read by a specific application.

G

Games

Computer programs that entertain as opposed to programs which facilitate business activities.

Group User ID

A name and password which is shared by several people.

H

Hard Copy

Information in a physical format, e.g. printed out on paper.

Hard Disk Drive

The part of the computer responsible for data storage.

I

Induction Training

Site specific training given to a new staff member to ensure they are competent to undertake the job they have been employed to do.

Industry Standard

A proven and tested standard for a specific component.  E.g. the IEEE 802.3 Ethernet standard, the IEEE 802.11g wireless standard, the EAL4+ standard for security that meets the military requirements of Defence.

JK

Job Sharing

Where two different people share the same job, the same desk and the same computer at different times of the day.

L

LAN

Local Area Network which encompasses the internal network.

Live Information

Usually relates to financial transactions or production systems where real time data is updated to systems that are critical to the organisation.

M

Malware

Executable code or applications designed to deliberately compromise systems or security of an organisation or a website, which are typically downloaded when users visit websites while connected to the internet.  Malware is the internet equivalent of a trojan received via email.

Master Key

The key which enables an encryption algorithm to be deciphered.

N

Network

Physical wires (or wireless), connection points, wall outlets, patch panel, wiring closet, hub, router, firewall, switch and any other device that makes up the communications infrastructure of the network.

Network Diagram

A pictorial representation of the network including access points, wires, switches, servers, routers, hubs, external connections, firewalls, gateways, etc.

O

Object Code

A computer program which has been compiled and does not reveal the source code.

Objectionable

Anything that anyone may find distasteful or offensive.

P

Packet Spoofing

The practice of redirecting network packets to a chosen location on the network.

Password

The secret code which activates the User ID and grants the predefined access rights to the computer systems.

Password Guessing Attack

Where a person seeks to gain unauthorised access by "guessing" a valid user's password.  These attacks are very sophisticated and use tools which can process thousands of alpha and numeric combinations per second.

QR

Real Time

At the time it actually happens.  For example, a transaction that is updated as soon as it is processed would be "real time", as opposed to a transaction that is batch processed then updated later.  Monitoring software use in "real time" is where the system provides a report of what software is in use at this moment.

Reboot

Where a computer is shut down and restarted.

S

Scanned Signature

A handwritten signature is scanned, saved as a picture file and appended to an electronic document as identification of the writer.

Security Breach

The situation where the computer systems and networks may have been compromised.  In a major breach there may be evidence of unauthorised access, data discrepancy, theft or loss, denial of service, malfunction and even physical loss of equipment.  In a minor incident there may be no evidence, but the situation could be potentially risky.  For example, a user's password may have been divulged inadvertently or a door pass lost.

T

Technical Controls

A technical protection mechanism for securing information including encryption, tamper resistant hardware, authentication systems, firewalls, intrusion detection systems, etc.

Technological Obsolescence

Where old archived data cannot be recovered because the format of the data is unable to be read or the equipment or application required to access it has been replaced by a more modern version and is no longer available.

Telnet

A TCP/IP text-based terminal application.  Mainly used with UNIX systems or for remote management of network devices.

U

Unauthorised Access

Gaining access to computer systems or parts of the computer system without approval.  Achieved by using someone else's User ID, by circumventing access controls or by hacking.

UPS

Uninterrupted Power Supply unit which supplies battery power in the event of a power outage that allows a computer or device to keep running.

V

Variations and exceptions to Policies

All variations and exceptions to these policies must be in writing and approved by the Group General Manager IT or his delegate.

Virus

A program that piggybacks on other executable programs.  When the program that the virus is attached to is executed the virus code is also executed and performs its actions which may be to spread itself to other programs or systems, delete files or cause systems to become unusable.

W

WAN

Wide area network which contains connections to remote locations such as branch offices.

Weak Passwords

Passwords that do not conform with the password policy and are easy to guess or crack.

 

XYZ

© 2004 Kaon Security Ltd