Packet sniffing: This technique is used to appropriate valid TCP/IP network addresses by reading packets (units of data). Malicious code can then be labeled with the trusted network address and sent through the network unquestioned.
Packet-filtering firewall: This type of firewall monitors packets on a network and grants or denies packet access based on a predetermined set of rules. If the packet is denied passage, it is removed from the network.
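The two entries above describe a problem (packets carrying an appropriated, trusted source address) and one control that sees it (a firewall applying a fixed rule set to packet headers). The following is an added example, not part of the glossary, showing how such a rule set is evaluated: first matching rule wins, the final catch-all denies by default, and the first rule drops anything arriving with an internal source address that has no business arriving from outside. The addresses, ports and rules are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional, Tuple

# Added example (not from the glossary): a minimal packet-filtering firewall.
# It inspects only header fields, compares them against an ordered rule list,
# and the first matching rule decides; a final catch-all rule denies by default.


@dataclass(frozen=True)
class Packet:
    src: str      # source IP address
    dst: str      # destination IP address
    proto: str    # "tcp" or "udp"
    dport: int    # destination port


@dataclass(frozen=True)
class Rule:
    action: str                   # "allow" or "deny"
    src: str = "0.0.0.0/0"        # CIDR; default matches any source
    dst: str = "0.0.0.0/0"        # CIDR; default matches any destination
    proto: Optional[str] = None   # None matches any protocol
    dport: Optional[int] = None   # None matches any port

    def matches(self, p: Packet) -> bool:
        return (
            ip_address(p.src) in ip_network(self.src)
            and ip_address(p.dst) in ip_network(self.dst)
            and (self.proto is None or self.proto == p.proto)
            and (self.dport is None or self.dport == p.dport)
        )


# Constructed rule set for a hypothetical web server at 192.0.2.10 (a documentation address).
# Rule 0 is an ingress anti-spoofing rule: a packet arriving from outside that claims an
# internal 10.0.0.0/8 source address is dropped, which blunts the address appropriation
# described under "Packet sniffing".
RULES = [
    Rule("deny", src="10.0.0.0/8"),
    Rule("allow", dst="192.0.2.10/32", proto="tcp", dport=443),
    Rule("allow", dst="192.0.2.10/32", proto="tcp", dport=80),
    Rule("deny"),  # default deny: anything not explicitly allowed is removed
]


def filter_packet(p: Packet, rules=RULES) -> Tuple[str, int]:
    """Return (action, index of the rule that decided). Unmatched packets are denied."""
    for i, rule in enumerate(rules):
        if rule.matches(p):
            return rule.action, i
    return "deny", -1


if __name__ == "__main__":
    for pkt in [
        Packet("198.51.100.7", "192.0.2.10", "tcp", 443),  # ordinary HTTPS request
        Packet("10.1.2.3", "192.0.2.10", "tcp", 443),      # claims an internal source
        Packet("198.51.100.7", "192.0.2.10", "tcp", 22),   # SSH is not permitted
    ]:
        print(pkt, "->", filter_packet(pkt))
```

Rule order matters: because evaluation stops at the first match, the anti-spoofing deny must sit above the allow rules, and the trailing unconditional deny is what makes the policy "default deny" rather than "default allow".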
Penetration test: A prearranged test used to simulate an attack on a computer system to determine vulnerabilities on servers, routers and network devices.
Platform for Privacy Preferences (P3P): A project of the World Wide Web Consortium (W3C) that will give consumers an easy way to learn about and react to the way Web sites may be using personal information. Essentially, a P3P-enabled Web site would generate a snapshot of how it handles personal information. That snapshot would be compared automatically to preferences set by a consumer using a P3P-enabled browser.
Provisioning: In the telecommunications industry, provisioning indicates services and all associated transmission wiring and equipment. Provisioning can also be used to indicate the control of employee access rights to applications and intellectual property. This includes providing employees with user names and passwords, resetting passwords when users forget them and removing user accounts.
Proxy firewall: Unlike its packet-filtering cousin, this type of firewall does more than simply block port access. Instead, it acts as a proxy server, processing access requests on behalf of the network on which it is located. This protects individual computers on the network, because they never interact directly with incoming client requests.
Public key cryptography: A coding system in which encryption and decryption are done with public and private keys, allowing users who don’t know each other to send secure or verifiable messages. Suppose Fred wants to send a message. He would encrypt it with his private key, which no one else knows; then the recipient would decrypt it using Fred’s publicly available key, thus verifying that the message came from Fred. Alternately, suppose Fred wants to receive an encrypted message. The sender would encrypt the message with Fred’s public key and only Fred would be able to decrypt it using his private key. This method, also known as dual-key or asymmetric cryptography, stands in contrast to symmetric cryptography, in which the sender and recipient must agree on and use the same private key for encryption and decryption.
Public Key Infrastructure (PKI): A system for securely exchanging information that includes a method for publishing the public keys used in public key cryptography and for keeping track of keys that are no longer valid. Different industry and technical groups are developing PKI technology, and the National Institute of Standards and Technology (NIST) in the US is working to make sure those technologies are compatible.
Quarantine: A method of containing viruses that a system is unable to repair. Infected files are removed and enclosed in a quarantine area – they can no longer be used by any applications. It may be possible for a user to manually repair and extract data from the file.
Return on Security Investment (ROSI): The point of maximum return on security investment is where the total cost of security is lowest, including both the cost of security events and the cost of security controls designed to prevent them.
RSA cryptography: A popular, highly secure algorithm for encrypting information using public and private keys, obscurely named for the initials of its creators (MIT professors Ronald Rivest, Adi Shamir and Leonard Adleman). RSA Security’s patent on the algorithm recently expired.
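The public key cryptography entry above describes two uses of one key pair: Fred signs by applying his private key and anyone verifies with his public key, and anyone encrypts to Fred with his public key and only Fred decrypts. The following added example, not from the glossary, walks both flows through textbook RSA with the tiny primes 61 and 53 so every value can be checked by hand. The key sizes, the absence of padding and the names are illustrative assumptions; real systems use large moduli and a padding scheme (OAEP for encryption, PSS for signatures), and sign a hash of the message rather than the message itself.

```python
from math import gcd
from typing import Tuple

# Added example (not from the glossary): textbook RSA with deliberately tiny primes so the
# arithmetic can be checked by hand. Real deployments use 2048-bit or larger moduli and a
# padding scheme (OAEP for encryption, PSS for signatures); unpadded RSA as shown here
# illustrates the two directions in the entry and is not a way to protect data.

Key = Tuple[int, int]  # (exponent, modulus)


def make_keypair(p: int, q: int, e: int = 17) -> Tuple[Key, Key]:
    """Derive a public key (e, n) and private key (d, n) from two primes p and q."""
    n = p * q
    phi = (p - 1) * (q - 1)          # Euler's totient of n
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)              # modular inverse: e*d == 1 (mod phi), Python 3.8+
    return (e, n), (d, n)


def encrypt(m: int, public: Key) -> int:
    """Anyone can encrypt with Fred's public key; only the private key reverses it."""
    e, n = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer smaller than the modulus")
    return pow(m, e, n)


def decrypt(c: int, private: Key) -> int:
    """Fred recovers the plaintext with his private key."""
    d, n = private
    return pow(c, d, n)


def sign(m: int, private: Key) -> int:
    """Fred applies his private key to m; the result is a signature only he could produce."""
    d, n = private
    return pow(m, d, n)


def verify(m: int, signature: int, public: Key) -> bool:
    """Anyone can check the signature with Fred's public key; it binds the message to Fred."""
    e, n = public
    return pow(signature, e, n) == m


if __name__ == "__main__":
    fred_public, fred_private = make_keypair(61, 53)   # n = 3233, d = 2753
    c = encrypt(65, fred_public)
    print("ciphertext", c, "decrypts to", decrypt(c, fred_private))
    s = sign(65, fred_private)
    print("signature valid:", verify(65, s, fred_public),
          "after tampering:", verify(66, s, fred_public))
```

The same pair of exponents serves both directions because exponentiation by e and by d undo each other modulo n; which key is applied first is what distinguishes confidentiality (public first) from authenticity (private first). Note that the verify step fails as soon as the message is altered by one unit, which is the property the entry calls "verifiable".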
Salami slicing: An embezzling method that involves removing extremely small increments of money from financial accounts on a system. This is usually done by rounding down decimal places and shuttling the tiny remainder to a ghost account. Done on a frequent enough timetable, large amounts of money can be amassed quickly. This type of fraud is difficult to detect.
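Because the entry above notes that this fraud is hard to spot one transaction at a time, the following added example (not part of the glossary) shows two reconciliation checks an auditor can run over a batch of interest postings: the total by which posted credits fall short of correctly rounded amounts, and any account that keeps receiving sub-cent credits. The ledger rows, account names and thresholds are constructed for illustration.

```python
from collections import defaultdict
from decimal import Decimal, ROUND_HALF_UP
from typing import Dict, List, Tuple

# Added example (not from the glossary): batch reconciliation checks that surface
# salami slicing. Decimal is used throughout because binary floats cannot represent
# cents exactly and would themselves introduce rounding noise.

CENT = Decimal("0.01")

# Constructed sample batch: (account, computed_interest, posted_credit).
# A correct system posts computed_interest rounded to the cent (half up).
# Here several customers are rounded down instead and the shaved fractions
# are credited to "ghost-9".
POSTINGS: List[Tuple[str, Decimal, Decimal]] = [
    ("cust-001", Decimal("12.3456"), Decimal("12.34")),
    ("cust-002", Decimal("7.8912"),  Decimal("7.89")),
    ("cust-003", Decimal("3.1099"),  Decimal("3.10")),
    ("cust-004", Decimal("20.0050"), Decimal("20.00")),
    ("ghost-9",  Decimal("0"),       Decimal("0.0056")),
    ("ghost-9",  Decimal("0"),       Decimal("0.0012")),
    ("ghost-9",  Decimal("0"),       Decimal("0.0099")),
    ("ghost-9",  Decimal("0"),       Decimal("0.0050")),
]


def rounding_shortfall(postings) -> Decimal:
    """Sum of (correctly rounded credit - posted credit) over every under-credited account.

    A legitimate rounding policy produces a shortfall of zero; a persistent positive
    shortfall across a batch is the aggregate footprint of slicing.
    """
    short = Decimal("0")
    for _acct, computed, posted in postings:
        expected = computed.quantize(CENT, rounding=ROUND_HALF_UP)
        if posted < expected:
            short += expected - posted
    return short


def sub_cent_sinks(postings, min_count: int = 3) -> Dict[str, Tuple[int, Decimal]]:
    """Accounts that receive at least min_count credits each smaller than one cent.

    Returns {account: (number_of_credits, total_credited)}. Ordinary customer
    accounts never receive fractional-cent postings, so any hit deserves review.
    """
    counts: Dict[str, int] = defaultdict(int)
    totals: Dict[str, Decimal] = defaultdict(Decimal)
    for acct, _computed, posted in postings:
        if Decimal("0") < posted < CENT:
            counts[acct] += 1
            totals[acct] += posted
    return {a: (counts[a], totals[a]) for a in counts if counts[a] >= min_count}


if __name__ == "__main__":
    print("batch shortfall:", rounding_shortfall(POSTINGS))
    print("sub-cent sinks:", sub_cent_sinks(POSTINGS))
```

Neither check needs to know the ghost account in advance: the shortfall test compares what should have been posted with what was, and the sink test looks for a pattern no legitimate account produces. Running both over every batch turns a fraud that is invisible per transaction into one that is visible in aggregate.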
SANS Institute: A co-operative research organization that offers alerts, training and certification, and operates incidents.org and the Internet Storm Center.
Script kiddie: A hacker or cracker who uses existing programs or compiles prewritten scripts in order to find weaknesses on target systems. These users don’t always understand the complexities of the scripts they are executing and therefore do not always realize the damage they inflict.
Secure Sockets Layer (SSL): A protocol that enables encrypted – and therefore secure – communication to pass between a server and a client. This capability addresses fundamental concerns about communication over the Internet and other TCP/IP networks. An SSL-enabled server authenticates itself to an SSL-enabled client and the client authenticates itself to the server, allowing both machines to establish an encrypted connection.
Single sign-on: An access management system, usually distributed over a network, which allows users to sign on once and gain entry to multiple applications and network sessions. This works to alleviate the problems of frequent password reset requests from users who have difficulty remembering several passwords.
Smart card: A device that is often the same size as a credit card but that is ‘smart’ enough to hold its own data and applications and do its own processing. Smart cards can be used to store personal information, hold digital cash or prove identity. They are often contrasted with ‘dumb’ cards that have magnetic stripes or barcodes and rely more heavily on networks.
Social engineering: Infiltrating a physical building or information systems using non-technical means. Searching user desks for passwords on notes, lying to staff to gain entry into a system and eavesdropping are all examples of social engineering.
Spam: Unsolicited electronic mail messages, regardless of content, are considered spam. The term can also be used for ‘junk’ postings left on message boards and newsgroups. Spam usually takes the form of bulk advertising.
Steganography: A method of embedding electronic messages into a media file (for example, an image or audio file) by altering nonessential lines of code. The changes are imperceptible and the message remains undetected until it is extracted and decrypted.
Stream cipher: An encryption method that applies a cryptographic key and algorithm to each binary digit of plain text in order to produce cipher (encrypted) text. This method has become less prevalent in the wake of block cipher techniques.
Systems Security Certified Practitioner (SSCP): Offered by the Information Systems Security Certification Consortium, (ISC)², the Systems Security Certified Practitioner (SSCP) exam covers access controls, administration, audit and monitoring, risk, response, recovery, cryptography, data communications and malicious code.
Time bomb: Like a logic bomb, the purpose of a time bomb is to wreak havoc with the system it is on. Unlike the logic bomb, the time bomb is set to activate based on the system date, not user input.
Token: Part of a two-factor authentication system used to prove a user is who he is supposed to be. A token is a hardware or software device that is used in conjunction with a password login. For example, a key device may have to be physically attached to a USB port before an individual is allowed to type in his password to access the network system.
Trojan horse: A malicious program that disguises itself as a beneficial or entertaining program but that actually damages a computer or installs code that can counteract security measures (perhaps by collecting passwords) or perform other tasks (such as launching a distributed denial of service attack). Unlike a computer virus, a Trojan horse does not replicate itself.