Glossary of Computer Security Terms
Access Point (hot spot)
A hardware device that allows wireless computers to connect over radio waves and access a network. The access point has its own unique identifier called an SSID to distinguish it from other access points.
Adware displays unwanted ads. It can track your web habits and send them back to an advertising server.
Statistical information that may be collected by a Web site or other source, but is not personally identifiable. Examples include demographics, domain names, and Web site traffic.
Basic input output system. The BIOS, which is a computer program, configures the computer's hardware and then starts up the operating system. Pronounced bye-ose.
A malicious person who compromises another's computer.
Storage set aside on your hard drive to keep recently downloaded files. When the browser needs to display a web page, it searches the browser cache for the requested files (such as images). If not found, the browser downloads them from the Web (and puts them in the browser cache). If the browser cache is full, the oldest downloaded files are deleted until there is enough room.
Browser Helper Object
A nefarious BHO can search all pages you view in Internet Explorer and replace banner advertisements with targeted advertisements, monitor and report on your actions, and change your homepage.
A program that changes your internet homepage or search pages without your consent.
A small text file kept on a user's computer to keep track of things such as user preferences. Cookies cannot do damage to a computer since they are not executable programs. Some personally identifiable information can be stored in a cookie.
Children's Online Privacy Protection Act. A U.S. law that took effect on April 21, 2000. This law requires parental consent for certain Web sites to knowingly collect personally identifiable information on children under the age of 13.
Denial of Service (DoS)
An attempt to deny a legitimate user the use of the computer. This is done by exploiting a computer's weakness (which is usually fixed when discovered). Types of attacks include disabling ports, flooding a network connection, and filling a disk with useless information.
The unique name that identifies a Web site. Example: "mysecurepc.com" in the Web address www.mysecurepc.com.
The domain part of an email is the part after the @ sign. For example, [email protected] email address has mysecurepc.com as the domain.
The process by which data is converted into private code to ensure secure transmission.
Vulnerabilities that a hacker can use to hang up a computer system.
Federal Information Processing Standards Publications (FIPS PUBS) 140-1 is a US government standard for implementations of cryptographic modules, which are hardware or software that encrypts and decrypts data or performs other cryptographic operations (such as creating or verifying digital signatures). Many products sold to the US government must comply with one or more of the FIPS standards.
Specialized software and/or hardware designed to prohibit unauthorized access to information on a computer network. A firewall blocks unapproved data from/to a computer.
An access point that provides wireless service.
A program that can record every keystroke and send that information to another computer. Passwords and confidential information can be stolen.
Internet Control Message Protocol. A way to verify that an IP (computer address) exists and is accessible.
The numbers that are translated into a domain name (e.g., mysecurepc.com). The address is a string of four numbers separated by periods (such as 188.8.131.524) used to represent a computer or other device on the Internet. A newer IP address called v6 uses six numbers instead of four.
A computer network covering a small area such as a home, a floor on a building, or home office.
Media Access Control. A unique physical address that is embedded in every network card sold. Many routers, including wireless ones, can restrict which computers can use them by MAC address.
Software designed to damage or disrupt a computer.
MegaBits Per Second. One million bits per second. Sometimes it means Megabytes Per Second (one byte = 8 bits) so it is important to know which is meant.
Multiple input, multiple output. Uses multiple antennas to send and receive data. Currently the basis for the 802.11n wireless standard.
Network Address Translation is the ability to show one IP address to the world while concealing the IP addresses of the other computers on the network. A router usually performs this function.
A way to trick people into thinking they are visiting a legitimate website when in reality they are visiting a bogus one. Whatever personal information is typed in is logged by the bogus website. An example is visiting a phony bank site and typing in your user name and password. Usually a phony email is sent (such as a warning that you need to update your credit card information) that appears legitimate, but when the user clicks on one of its links they are directed to the nefarious site.
A way to access a computer. Like an entry door.
A set of software tools hidden from everyone that a hacker puts on a computer to use at their discretion. Used to steal passwords, monitor keystrokes, and for other malicious purposes.
To make an action appear to come from a user other than the user that performed it. An example would be appearing on a wireless network as a recognized user but in reality the user is someone else.
Software that can display advertisements (such as pop-up ads), collect information about you (such as passwords or surfing habits), or change settings on your computer, generally without appropriately obtaining your consent.
Set Service Identifier. The SSID identifies a wireless network and is normally broadcast where any computer within range can pick it up. If SSID broadcast is turned off, any computer within range must know the SSID before connecting to the network. An SSID can be up to 32 characters.
Secure Socket Layer is a secure communications protocol for transmitting private documents via the Internet. SSL provides a mutually authenticated encrypted channel between the parties engaged in the communication. Conceptually, an SSL connection is like a secure data channel. Many Web sites use the protocol to transmit confidential information, such as credit card numbers, from a browser. Web pages that require an SSL connection start with "https:" instead of "http:"
Files created and used on a temporary basis. Windows has a directory set aside to keep temp files in, though many times they are created outside this directory. The number of temp files can grow until there is no more disk space, so they should be deleted (cleaned) on a regular basis.
A cookie used to track a user's browsing on the internet.
A malicious program that pretends to be a useful application; a Trojan horse program purposefully does something the user does not expect. Trojans are not viruses since they do not replicate, but Trojan horse programs can be destructive.
A computer virus is a manmade program or piece of code that causes an unexpected, usually negative, event. Viruses are often disguised as games or images with clever marketing titles so the user will click on them.
A Virtual Private Network is a private network that uses a public network (such as the internet) to communicate.
Web Bug/Web Beacon
A small image in an HTML page with all dimensions set to 1 pixel. Because of its insignificant size, it is not visible; but it is used to pass certain information anonymously to third-party sites. Mainly used by advertisers. Can also be referred to as a Web Beacon or an Invisible GIF.
Wired Equivalency Privacy is a data encryption technique designed to make wireless computers secure. It is being replaced by WPA because a skilled hacker can break into a WEP wireless system easily.
Short for wireless fidelity. A term used for wireless local area networks.
Wifi Protected Access was designed to replace WEP as a better way to encrypt data.
Computer worms are viruses that reside in the active memory of a computer and duplicate themselves. They may send copies of themselves to other computers, such as through email or Internet Relay Chat (IRC). They read your email contacts to propagate themselves.