Information Security Magazine

Office Politics
by Marcia Savage
Issue: Jul 2007

Lost in Translation

There's a lot of jargon in security that can turn off business executives. Here are some common terms translated into plain English.

Botnet
A group of compromised computers used without their owners' knowledge by Internet criminals to send spam and viruses or to launch DDoS attacks.

DDoS
Distributed Denial of Service. Online attackers use multiple compromised computers to send a flood of messages to a target system such as an e-commerce site, forcing it to shut down and preventing legitimate users from accessing the site.

DMZ
Demilitarized zone. A subnetwork between a company's private network and the outside public network, where organizations often place their Web servers.

Exploit
An attack on a computer system that takes advantage of a vulnerability on the system.

HIDS/NIDS
Host Intrusion Detection Systems/Network Intrusion Detection Systems. HIDS are installed on individual computers to detect attacks. NIDS monitor network traffic for potential attacks.

Penetration test
Testing the security of a system or network by trying to break its controls and gain access.

Port scan
An attacker sends a series of messages to a computer to figure out which network services it has in order to probe those services for vulnerabilities. Each service is associated with a port number.

Rootkit
A collection of programs that provides administrator-level access to a computer. An attacker who breaks through the user-access controls of a computer can install a rootkit, which can hide the intrusion and provide privileged access.

Script kiddie
Less skilled hacker; typically uses existing programs and scripts to launch attacks.

Spear phishing
Fraudulent email that targets a specific organization and aims to fool the recipient into divulging confidential data. Generally, the message will appear to come from someone within the recipient's company, such as an IT administrator.

Trojan horse
A computer program that appears harmless but contains malicious code.

Zero-day exploit
An exploit that takes advantage of a vulnerability that isn't generally known until the exploit surfaces; consequently no patch is available.
