Welcome to World's No. 1 Business, Information Technology, and Financial Risk Management Resource
Recommended by Business Week, Wall Street Journal, New York Times, Fortune, Forbes, CIO, Computerworld, Information Week, Others
*
@brint.com
IT Security, Information Assurance, Controls, and Compliance Research Center
"Best web site for keeping up with hi-tech industry developments..." - InfoWorld
*

Examples: Research; Stocks; Jobs; Travel; Prices; SEO



Research Portals on 4,000 Information Assurance, IT Security, Controls, Compliance Terms & Concepts

200 Latest Articles on IT Security, Information Assurance, Controls, Compliance

Reference & Research On IT Security, Information Assurance, Controls, Compliance
Key Topics: Advisories · Directories · Portals · Applications
National Threat Advisory
Security Advisories
US-CERT: Tech Alerts, Bulletins, Alerts, Vulnerabilities, Security Tips
Bugtraq, AusCERT, Open Source, Secunia, Symantec, McAfee, Virus Map,
Microsoft, VirusRadar, Kapersky,

Directories of Key Topics

Access Control Hardware
Advisories and Patches
Anti Virus
Authentication
Authentication: Kerberos
Authentication: One Time Passwords
Authentication: RADIUS
Authentication: Single Sign-On
Biometrics
Biometrics: Software
Chats and Forums
Conferences
Consumer Information
Cryptography
Cyber Terrorism
Digital Certificates
Directories
E-Commerce
E-Mail Encryption
FAQs, Help, and Tutorials
File Encryption
Firewalls
Firewalls: Products
Forensics and Anti-Forensic Degaussers
Freeware
Hacking
Hacking Chats and Forums
Hacking Conventions
Hacking: Cracking
Hacking: Cryptography
Hacking: Ethics
Hacking: Exploits
Hacking: FAQs, Help, and Tutorials
Hacking: Hacker Speak
Hacking: Hacktivism
Hacking: Hardware
Hacking: HERF, EMP, Tempest
 Hacking: Hacktivism
Hacking: Mac OS
Hacking: Malicious Software
Hacking: News and Media
Hacking: Phreaking
Hacking: Software
Hacking: Software Piracy
Hacking: Wardriving
Hard Disk Encryption
HIPAA
Honeypots and Honeynets
Identity Theft
National Information Infrastructure: Policy, Security, and Privacy
Information Warfare
Intellectual Property: Copyrights, Trademarks, & Patents
Internet
Internet: Abuse
Internet: CAPTCHA
Internet: Cookies
Internet: Child Pornography
Internet: Child Safety
Internet: Kids and Teen Safety
Internet: Parental Control
Internet Crime
Internet: Cyberstalking
Internet: Denial of Service
Internet: Etiquette
Internet: Fraud
Internet: Law
Internet: Phishing
Internet: Policy
Internet: Privacy
Internet: Protocols
Internet: Protocols: LDAP
Internet: Protocols: SSH
Internet: Proxying and Filtering
Internet: Spam E-mail
Internet: WWW
Internet: WWW: Cross Site Scripting
Intrusion Detection Systems
Java
Keyloggers
Linux
Mac OS
Mailing Lists
Malicious Software
Malicious Software: Spyware and Adware
Malicious Software: Trojan Horses
Malicious Software: Viruses
Microsoft Windows
Monitoring
News and Media
Organizations
Operating Systems
Password Recovery
Password Tools
Policy
PGP
Privacy Seal Programs
Products and Tools
Programming Libraries
Public Key Infrastructure
PKI Tools and Services
Research on Security
Secure Programming
Security Scanners
Software Protection and License Control
Steganography
SSH
Unix
Virtual Private Networks
Wireless Networks

Research Portals on Selected Topics

Adware · Anti-Virus Software · Backing Up · Badware · Blocking Software ·
Browser Hijacker · CAN-SPAM Act · COPPA · Cyberbullying
Drive-by Download · Encryption · Firewall · Hacking · Hidden Dialers · Keystroke Logger
Malware · Monitoring Software · Netiquette · Online Profiling · Parental Controls
Software Patch · Peer-to-peer (P2P) file-sharing · Phishing · Privacy Settings
Security Software · Sexting · Spam · Spammer · Spam Zombies · Spyware · Trojans · Virus
Wi-Fi Protected Access (WPA) · Wired Equivalent Privacy (WEP) · Worm ·
Information Infrastructure · National Information Infrastructure · Global Information Infrastructure
e-Governance · Digital Governance· Internet Governance· e-Government· Digital Government
Information Policy · Internet Policy · Privacy Policy
Information Privacy · Internet Privacy · Internet Cookies
Information Security · Computer Security · Internet Security
Information Ethics · Computer Ethics · Internet Ethics
Internet Etiquette · Internet Trust · Internet Abuse · Internet Scams
Internet Economics · Internet Metering · Internet Regulation · Universal Access
Telecommunications Policy · Internet Law · Computer and Technology Law
Internet Crime · Computer Crime · Computer Fraud · Internet Fraud
Information Warfare · Internet Warfare
Cyber-Terrorism · Internet Terrorism
Intellectual Property Policy · Virtual Communities
Intellectual Property · Copyrights · Patents · Trade Marks
Trade Secrets · Software Patents · Internet Patents
Software Piracy · Copyright Infringement
Copyright Law · Patent Law · Trademark Law
Cyberspace Law · Internet Law · Computer Law
Fair Use · Digital Rights · Digital Assets · Digital Asset Management
Computer Fraud · Internet Fraud · Internet Abuse
Internet Scams · Internet Spam · Denial Of Service Attacks
File Sharing · Peer-to-Peer (P2P)


Industrywise Applications
*Information Assurance (IA)
*IT Security (IS)
*IT Governance (IG)

Working Knowledge: Think! Apply!

"In contrast to the traditional factors of production that were governed by diminishing returns, every additional unit of knowledge used effectively results in a marginal increase in performance."
- Yogesh Malhotra

200 Latest Articles on IT Security, Information Assurance, Controls, Compliance
CSOONLINE.com Feed - Articles
  • Moving day: How to protect your company during a relocation
  • Enterprise risk management: Get started in six steps
  • On the job
  • What security can learn from the $15M Sprint employee breach
  • Krebs: FCC must make ISPs crack down on spammers and malware
  • Executive protection: Why the private sector model is broken
  • Organizing sensitive data in the cloud
  • Security at the Little League World Series
  • Preserving the integrity of software through the supply chain
  • 3 areas where FUD needs to stop
    		•
    CIO.com - Security
  • After Google Incident, Wi-Fi Data Collection Goes on
  • Norton Releases 2011 Security Products
  • Hackers Create 57,000 Malicious Pages Per Week
  • Email is 'Counter-Productive' Says Salesforce.Com
  • 65 Percent of Web Users Are Victims of Cybercrime
  • Symantec: Most Hacking Victims Blame Themselves
  • What Happens in D.C. Can Help Or Hurt the Security Industry
  • Getting Your Data Safely Across the Border
  • Spammers Exploit Second Facebook Bug in a Week
  • Symantec Updates Enterprise Vault, Ties to Microsoft Cloud Apps
    		•
    InformationWeek Security News
  • Gov 2.0 Summit: NSA Chief Outlines Cybersecurity Plans
  • Twitter Patches Account Hijacking Vulnerability
  • InformationWeek's RSS Feed is brought to you by
  • Symantec Finds 65% Have Been Hit By Cybercrime
  • Cisco Launches Virtual Machine Firewall
  • Lawsuit Challenges DHS Laptop Search Policy
  • Craigslist Adult Services Asked To Close Outside U.S.
  • Symantec Releases Enterprise Vault, NetBackup Deduplication Appliance
  • Quantum Cryptography Breached With Lasers
  • HP Sues Mark Hurd Over Oracle Competition
    		•
    CSOONLINE.com - Physical Security
  • Enterprise risk management: Get started in six steps
  • Executive protection: Why the private sector model is broken
  • Security at the Little League World Series
  • Mexican trucking, tariffs, security and safety
  • Whodunnit? 5 free or cheap tools to manage investigations
  • Security blunders 'dumber than dog snot'
  • Stanley vs. Verizon: the integrated security smackdown
  • Artful security: Design elements that ensure security, but also emphasize style
  • Happy vacation! Security at tourist spots
  • Covert investigations 3: covert surveillance setup
    		•
    CSOONLINE.com - Data Protection
  • Moving day: How to protect your company during a relocation
  • Mozilla fixes Firefox's DLL bug
  • Symantec: Hacking victims blame themselves
  • Enterprise risk management: Get started in six steps
  • Microsoft investigates two-year-old IE bug
  • Police in Europe conduct raids over file-sharing sites
  • Women ace Defcon social engineering test
  • For security, Facebook adds remote logout
  • What security can learn from the $15M Sprint employee breach
  • As Earl Looms, Tips to Batten Down IT
    		•
    CSOONLINE.com - Security Leadership
  • On the job
  • Sticks and stones: Picking on users AND security pros
  • Put down the pink stickies to improve your career
  • SANS Boston 2010: Never too old to learn
  • Brand protection and abuse: Keeping your company image safe on social media
  • A striking disconnect between CSOs and hackers
  • Security Careers: Responding to questions successfully
  • 4 reasons why executives are the easiest social engineering targets
  • State of the CSO 2010: Progress and peril
  • Code Security: SAFECode report highlights best practices
    		•
    CSOONLINE.com - Identity & Access
  • Credit and debit card skimming: Look out for fraudulent readers at gas stations
  • The 4 tiers of a secure B2B framework
  • Data Mapping: Domesticating the Wild Rabbit
  • Biometrics: What, Where and Why
  • Free Lunch 2010: Why Public Algorithms Beat the Alternative
  • Take a Walking Tour of Your Company's Security
  • Groundhog Day: The Gartner IAM 2009 Event in Review
  • Top Microsoft Security Architect: Windows 7 Will Slash Malware
  • 6 Ways We Gave Up Our Privacy
  • Where Defense in Depth Falls Short
    		•
    CSOONLINE.com - Business Continuity
  • Moving day: How to protect your company during a relocation
  • Enterprise risk management: Get started in six steps
  • What the Gulf Oil Spill can teach CIOs about disasters
  • Happy vacation! Security at tourist spots
  • A Daily Dashboard for security and business continuity
  • Business continuity, not data breaches, a top concern for tech firms
  • What if the smart grid has stupid security?
  • Offshore banking more secure? You're dreaming
  • Super Duper Tabletop Disaster Scenarios
  • Travel Security: What to Pack to Survive a Natural Disaster
    		•
    CIO.com - Security
  • After Google Incident, Wi-Fi Data Collection Goes on
  • Norton Releases 2011 Security Products
  • Hackers Create 57,000 Malicious Pages Per Week
  • Email is 'Counter-Productive' Says Salesforce.Com
  • 65 Percent of Web Users Are Victims of Cybercrime
  • Symantec: Most Hacking Victims Blame Themselves
  • What Happens in D.C. Can Help Or Hurt the Security Industry
  • Getting Your Data Safely Across the Border
  • Spammers Exploit Second Facebook Bug in a Week
  • Symantec Updates Enterprise Vault, Ties to Microsoft Cloud Apps
    		•
    Computerworld Security News
  • Apple matches Mozilla, patches DLL hijacking bug in Safari
  • Mozilla fixes Firefox's DLL load hijacking bug
  • Symantec: Most hacking victims blame themselves
  • Spammers exploit second Facebook bug in a week
  • On the job
  • Zoomerang vs. SurveyMonkey: Who has the better privacy?
  • More Security News
    		•
    Computerworld App Security News
  • Google disputes bug patching report
  • Visa offers new guidance on securing payment applications
  • Zero-day Windows bug problem worse than first thought, says expert
  • Update: 40 Windows apps contain critical bug, says researcher
  • Mozilla downplays Firefox bug, passes on fix
  • HP's Fortify buy puts spotlight on obscure -- but important -- niche
  • More App Security News
    		•
    Computerworld Business Continuity News
  • Symantec releases de-duplication appliance, cloud storage for backup
  • Security program automatically tracks down missing patches
  • How to modernize your backup infrastructure
  • As Earl looms, tips to batten down IT
  • More IT managers plan to spend less, survey finds
  • Update: Virginia's IT outage continues, 3 agencies still affected
  • More Business Continuity News
    		•
    Computerworld Cybercrime and Hacking News
  • Symantec: Most hacking victims blame themselves
  • Nigerian advance-fee scammer gets 12 years
  • Investigators find famous DJ's credit card details for sale
  • Discover to get $5M from Heartland for '08 data breach
  • DARPA launches insider threat detection effort for military
  • Miami man pleads guilty in ID theft case
  • More Cybercrime and Hacking News
    		•
    Computerworld DRM and Legal Issues News
  • Update: HP sues Hurd over confidentiality issues
  • ACLU, other groups sue U.S. over border laptop searches
  • Police in Europe conduct raids over file-sharing sites
  • Secret copyright treaty draft leaked after Washington talks
  • Google settles Buzz privacy lawsuit
  • Facebook glitch let spammer post to walls
  • More DRM and Legal Issues News
    		•
    Computerworld Data Security News
  • Security program automatically tracks down missing patches
  • NSS Labs: Testing shows most AV suites fail against exploits
  • Changes to PCI Data Security Standard leave questions unanswered
  • Heartland denies systems involved in new data breach
  • Security Manager's Journal: 400 sensitive documents get downloaded, showing that IP is still at risk
  • BlackBerry maker to UAE, Saudis: No 3rd party can access encrypted data, not even us
  • More Data Security News
    		•
    Computerworld Malware and Vulnerabilities News
  • Apple matches Mozilla, patches DLL hijacking bug in Safari
  • Mozilla fixes Firefox's DLL load hijacking bug
  • Spammers exploit second Facebook bug in a week
  • Microsoft investigates years-old IE bug
  • Facebook glitch let spammer post to walls
  • HP buys 3Par, Apple rolls out new gear
  • More Malware and Vulnerabilities News
    		•
    Computerworld Privacy News
  • After Google incident, Wi-Fi data collection goes on
  • ACLU, other groups sue U.S. over border laptop searches
  • Zoomerang vs. SurveyMonkey: Who has the better privacy?
  • Google settles Buzz privacy lawsuit
  • Consumer group lampoons Google CEO over privacy issues
  • Security program automatically tracks down missing patches
  • More Privacy News
    		•
    Computerworld Security Hardware and Software News
  • Can a Relative or Roommate Spy on Me?
  • Security program automatically tracks down missing patches
  • Security-as-a-service growing
  • Twitter API adds OAuth sign-on method
  • Cisco patches bug that crashed 1% of Internet
  • 3M offers $943M for biometric security vendor Cogent Systems
  • More Security Hardware and Software News
    		•
    Security Central - Infoworld
  • Firefox among first browsers to fix DLL load hijacking bug
  • Microsoft investigating long-known vulnerability in IE
  • Imagine a world with no cyber secrets
  • Microsoft kills Windows SteadyState
  • Microsoft upgrades free app security tool
  • Women perform well on Defcon social engineering test
  • Secunia security program automatically tracks down, applies patches
  • Skyrocketing viruses, less danger?
  • Global spam hits all-time high
  • Microsoft still mum on programs prone to DLL hijacking attacks
    		•
    Network World on Security
  • Mozilla fixes Firefox's DLL load hijacking bug
  • Home working spreads among office workers
  • Craigslist urged to ban 'adult services' across all sites
  • Symantec launches Norton 2011 security products
  • Symantec: Most hacking victims blame themselves
  • Hackers create 57,000 malicious pages per week
  • Trend Micro Revamps Entire Product Line With 'Titanium'
  • Email is 'counter-productive' says Salesforce.com
  • Apple matches Mozilla, patches DLL hijacking bug in Safari
  • Norton Releases 2011 Security Products
    		•
    Security Alert
  • Mozilla Pushes Out Last Update to Firefox 3.0
  • Emergency IE Patch Fixes Zero-Day Flaw
  • Firefox Fix Heads Off Font Attack
  • Attack Samples Show Targeted Sophistication
  • Excel, Movie Maker Flaws Fixed by Microsoft
  • IE 6 and 7 Bug Allows for Attacks via Poisoned Sites
  • Microsoft Warns of F1 Site Attack
  • Blue Screen Reboots After Microsoft Patch Could Mean Malware
  • Firefox 3.5.8 Closes Security Holes
  • Stay Ahead of Malicious PDFs With Latest Adobe Update
    		•
    PCWorld
  • Trend Micro Revamps Entire Product Line With 'Titanium'
  • Norton Releases 2011 Security Products
  • Fake Antivirus Software Uses Ransom Threats
  • Presented By:
  • Germany to Launch Antibotnet Program for Consumers
  • Privacy in iTunes Ping
  • Huge Spamming Botnet Injured but Still Alive
  • Rustock Botnet Changes Tactics
  • Gaming Skills Become a College Course
  • Murder by Malware: Can a Computer Virus Kill?
    		•
    DarkReading - All Stories
  • String Of Deals Shows Demand for Cloud-Based Authentication
  • Tech Insight: Retooling Vulnerability Scanning, Penetration Testing For IPv6
  • Five Ways To Stop Mass SQL Injection Attacks
  • IPv6 Transition Poses New Security Threats
  • Networked Scanners Offer A Window Into The Enterprise, Researcher Says
  • U.S. Businesses Could Lose Up To $1 Billion In Online Banking Fraud This Year
  • Product Watch: Verizon, VMware Team Up With Hybrid Cloud Service
  • Could USB Flash Drives Be Your Enterprise's Weakest Link?
  • Delaware Contractor Mistakenly Posts Personal Data Of 22,000 Employees
  • IBM Corrects Unpatched Vulnerability Numbers After Google Challenge
    		•
    Dr.Dobb's Security Articles
  • NSF Announces Future Internet Architecture Awards
  • ActivePython Upgrades Announced
  • Pay-As-You-Go Backup for SMBs
  • Steganography Detection Tool Released
  • XIA Internet Architecture Project Underway
  • USB Drive Virus Attack Verified
  • Context-Based Privacy Model
  • SMT Boosters Recognized at Verification Event
  • Keyloggers Evade Anti-Spyware
  • Survey: Cloud Hacking Is On a 'Vast' Scale
    		•
    Research Portals on 4,000 IT Security, Information Assurance, Controls, Compliance Terms & Concepts

    Click on any term to see related Definitions, Articles, News, Presentations, Videos, Discussions, Blogs, Q&A, Books, Jobs, and More

    # .exe · .NET Passport · /etc/passwd · 0 day · 128 bit encryption · 128 bit keys · 2600 The Hackers Quarterly · 3 way handshake · 3DES: Triple DES · 40 bit encryption · 56 bit encryption · 64 bit encryption · 64 bit keys · 802.1 · 802.11i · 802.11x · "

    A A3 Algorithm · A3/A8 · A5 Algorithm · A8 Algorithm · AAA · AAA server · Abend · Abend Crash · Abort · Acceptable Interruption Window · Acceptable Use Policy · Acceptance · Access · Access Control · Access Control List · Access Control List (ACL) · Access Control Mechanism · Access Control Service · Access Control Table · Access control Authorization and Auditing · Access Level · Access list · Access Management · Access mask · Access Matrix · Access Network · Access Path · Access Point · access point mapping · Access Profile · Access Rights · Access Servers · Access Token · Access Type · Accidental Damage · Account · Account Harvesting · Account lockout · Account lockout policy · Account policy · Accountability · Accounting Legend Code · Accounting Number · Accreditation · Accreditation Boundary · Accreditation Package · Accrediting Authority · ACE: Access Control Entry · ACF2 · ACF2: Access Control Facility 2 · Achilles Heel · ACK Piggybacking · ACK Storm · Acknowledgement (ACK) · ACL: Access Control List · AclDiag: ACL Diagnostics · ACPA: Anticybersquatting Consumer Protection Act · ACSA: Applied Computer Security Associates · ACSAC: Annual Computer Security Applications Conference · Active Attacks · Active Content · active man in the middle attack · Active Recovery Site (Mirrored) · Active Response · ActiveX · Activity · Activity Monitors · Adaptive proxy · Add on Security · Address harvester · Address munging · Address Space · Address spoofing · Address based authentication · Addressing · Adequate Security · Adjusting Period · Administrative Controls · Administrative Function · Admintool · Admissible Evidence · Admission Control · Admnlock · ADMworm · ADSL · Advanced Encryption Standard · Advice of Charge · Advisory · AdvWare · Adware · AE: Authenticated Encryption · AES · AES CMAC · AES CMAC PRF 128 · AES: Advanced Encryption Standard · AFIS · AFIS: Automated Fingerprint Identification System · Agent · Aggressive Mode · AH: Authentication Header · AI · AIM (AOL Instant Messenger) · AirSnort · AKE: Augmented Key Exchange · ALBB: Application Level Behavior Blocking · Alert · Alert flooding · Alert Situation · Alias · Allocation Entry · Allow list · Alpha · Alpha Geek · Alpha Software · Alternate COMSEC Custodian · Alternate Facilities · Alternate Process · Alternative Routing · Alternative Work Site · Amap · American Standard Code for Information Interchange · Amortization · Amplification attack · Analog · Analogue · Analogue Computer · Analyst · Analytical Technique · Anna · Anna Kournikova virus · Anna or Anna Kournikova virus · Anomaly · Anomaly Detection · Anomaly based IDS · Anonymity · Anonymous access · Anonymous FTP · Anonymous P2P · Anonymous proxy · Anonymous remailer · Anonymous Web browsing · Anoraks · ANSI · Anti Adware · Anti Jam · Anti Phishing · Anti Spam · anti spam cocktail · Anti Spoof · Anti Spyware · Anti Virus (Antivirus) Software · Anti virus databases · Anti virus engine · Anti Virus Program · anti virus software · Anti virus update · Anti virus upgrade · Anti X · Antigen · AntiSniff · antivirus software · API (Application Program Interface) · Appearance · Appearance of Independence · Applet · Application · Application Acquisition Review · Application Control · Application Crash · Application Development Review · Application Filtering · Application Hardening · Application Implementation Review · Application Layer · Application Layer Firewall · Application Level Gateway · Application Maintenance Review · Application or Managed Service Provider (ASP/MSP) · Application Programming · Application Programming Interface (API) · Application Proxy · Application Security · Application Service Provider (ASP) · Application software · Application Software Tracing and Mapping · Application System · Application Tracing and Mapping · Application level proxy · AppSec: Application Security Tool · APS: Application Protection System · Apsend · APSR · Arbitrary code execution attack · Archie · Architecture · Architecture Technical and Applications · Archive · Archive bomb · Archive file · Archiving · Archivist · Argus · Arithmetic Logic Unit (ALU) · ARP Address Resolution Protocol · ARP Cache Poisoning · ARP Poisoning · ARP redirection · ARP Spoofing · ARP: Address Resolution Protocol · ARPAnet · ARPANET: Advanced Research Projects Agency Network · Arpwatch · Artificial Intelligence · AS: Authentication server · ASA: Adaptive Security Algorithm · ASAX: Advanced Security Audit Trail Analysis on UNIX · ASCII (American Standard Code for Information Interchange) · ASP · ASP.NET Forms authentication · Assembler · Assembly Language · Assessment · Asset · Assurance · Assurance Initiative · Assured Software · asymmetric algorithm · asymmetric cryptography · Asymmetric Key (Public Key) · Asymmetric key algorithm · Asymmetric Warfare · Asynchronous Transfer Mode (ATM) · Asynchronous Transmission · ATLAS: Advanced Transaction Look up and Signaling · ATM Security · ATR string · Attack · Attack map · Attack Sensing and Warning · Attack signature · attack vector · Attest Reporting Engagement · Attitude · Attribute BLOB · Attribute Sampling · AUC: Authentication Centre · Audit · Audit (or Auditing) · Audit Accountability · Audit Authority · Audit Charter · Audit Evidence · Audit Expert Systems · Audit Log · Audit logl · Audit Objective · Audit Plan · Audit policy · Audit Program · Audit Responsibility · Audit Risk · Audit Sampling · audit trail · Audit Universe · Auditability · Auditable Unit · Auditor · Auditpol · AUP: Acceptable Use Policy · AusCERT: Australian Computer Emergency Response Team · authenticate · authentication · Authentication Algorithm · Authentication and Key Agreement · Authentication Center · Authentication package · Authentication Protocol · authentication server · Authentication Spoofing · Authentication System · authentication ticket · authentication authorization and accounting · Authenticator · Authenticity · Authenticode · Authorisation · authorization · Authorization creep · Authorized Vendor · Authorized Vendor Program · Auto Dial back · Autologon · Automated Application Control · Automated Fingerprint Identification System · Automated Information System · Automated Security Monitoring · Automatic Remote Rekeying · Autonomous System · Autorooter · Availability · Availability · Availability of Data · Awareness · "

    B back door · Back Orifice · Backbone · backdoor · Backdoor Trojans · backscatter · backscatter body scanning · backscatting · backtracking · Backup · Backup and Recovery · Backup and Restore · Backup authority · Backup Center · Backup Files · backup on the Web · Backup plan · Backup Power Generators · backup with DAT USB · Backward secrecy · Badge · Badtrans.B · Balanced Scorecard · Bandwidth · Bandwidth consumption attack · Banner · Banner grabbing · Bar Code · barnacle · Base Case · Base content type · Base cryptographic functions · Base Station Controller · Base Station Subsystem Application Part · Base Station System · Base Tranceiver Station · Baseband · Basic Authentication · Bastille · bastion host · Batch · Batch Control · Batch file · Batch Processing · Baud Rate · Bayesian Analysis · Bayesian filter · Bayesian filtering · Bayesian Logic · BBBOnLine · BBS · BCP · BCP: Business Continuity Plan · beaming · Behavior Blocking · Behavior blocking software · Behavioral analysis · Bell LaPadula Security Model · Bench Testing · Benchmark · Benchmarking · Benefit · Benign · Benign Environment · BER: Basic Encoding Rules · Bespoke · Bess · Best Practice · Beta Software · BGP VPN · BIA: Business Impact Analysis · Biba Model · BiDiBlah · bifurcation · Big Blue · Binary code · BIND: Berkeley Internet Name Domain · Binders · Binding · BinHex · Biometric Access Controls · biometric authentication · biometric identification · Biometric Locks · biometric payment · biometric verification · Biometrics · BIOS · BIOS attack · BIOS cracking · Birthday Attack · Birthday Paradox · Bit · Bit Error Rate · Bit stream Image · BitLocker · Bitloss · BLACK · Black Box Testing · black hat · Black Hat Briefings · Black Hat Hackers · Black hole list · Black Magic · Blackholing · Blacklist · blended attack · blended exploit · blended threat · Blind Spoofing Attack · Bloatware · BLOB · block cipher · Block list · Blowfish · blue bomb · Blue Screen of Death · Bluejacking · bluesnarf · Bluesnarf · Bluesnarfing · Bluetooth · BMUS · BO2K · BO2K: Back Orifice 2000 · Boeing Syndrome · Boink attack · Bonk attack · Boot · Boot disk · Boot Record Infector · Boot sector · Boot sector virus · BOOTP · Bootstrap · Borg · Bot · bot network · bot worm · BotHunter · Botnet · Botrunner · Bottlenecking · botworm · Bounce Attack · Boundary · BPCP · BPCP: Business Process Contingency Plan · bps · brain fingerprinting · Brain Scanning · Brainwave Detector · brand spoof · Brand Spoof or Brand Spoofing · brand spoofing · Brevity List · Bridge · British Standard 7799 · Broadband · Broadcast · Broadcast Address · Brochureware · Brooks' Law · Brouters · Brown Orifice · Browser · Browser Helper Object · browser hijacker · Browsing · BRP: Business resumption plan · brute force · Brute Force Attack · Brute force attacking · brute force cracking · BS 7799 · bucket brigade · Bucket Brigade Attack · Budget · Budget Formula · Budget Hierarchy · Budget Organization · Buffer · buffer overflow · Buffer overrun · Bug · Bugbear · BugTraq · Bulk Data Transfer · Bulk Encryption · Bulk encryption key · Bus · Bus Configuration · Business Assets · Business Balanced Scorecard · Business Case · Business Continuity and Disaster Recovery (BCDR) · business continuity plan · Business Continuity Plan (BCP) · Business Controls · Business Dependency Assessment · business event management · Business Function · Business Impact Analysis (BIA) · Business Impact Assessment (BIA) · Business Interruption · Business Process · business process contingency plan · Business Process Integrity · Business Process Reengineering (BPR) · Business Requirements · Business Service Provider (BSP) · Business Sponsor · Business to Business (B2B) · Business to Consumer (B2C) · Business to Consumer E Commerce · bypass · Bypass Label Processing (BLP) · Byte Cache · "

    C C2: Class C2 · CA · CA certificate · CA hierarchy · CA ACF2 · CA ACF2: Computer Associates Access Control Facility · CA: Certification Authority · cable modem · Cache · cache cramming · cache poisoning · Cadbury · Cain & Abel · CALEA: Communications Assistance for Law Enforcement Act · California Security Breach Information Act · Call Back · Call Data Record · Callback · caller ID spoofing · CAN SPAM: Controlling the Assault of Non Solicited Pornography and Marketing Act · Canister · Canonicalization error · CAP: Certification and Accreditation Professional · Capability · Capability Maturity Model (CMM) · Capacity Planning · Capacity Stress Testing · CAPI: Crypto API · CAPICOM · Capital Expenditure · Capital Expense · captive portal · capture · Card Swipes · carding · Carnivore · CARO (Computer Anti Virus Research Organization) · CAS: Code access security · Cascading · CAST · Category · Cathode Ray Tube (CRT) · CBAC: Context based Access Control · CBC · CBC: Cipher Block Chaining · CCA: Common Cryptographic Architecture · CCI Assembly · CCI Component · CCI Equipment · CCITS: Canadian Centre for Information Technology Security · CCM: Counter mode with Cipher block chaining Message authentication code · CCMP: Counter mode with Cipher block chaining Message authentication code Protcol · CCSP · CCTV · CD · CD ROM · cDc: Cult of the Dead Cow · CDMA Division Multiple Access · CDROM · Cell Global Identity · cell phone spam · Cellular Message Encryption Algorithm · Central Equipment Identity Register · Central Office Of Record · Central Processing Unit (CPU) · Centralized Data Processing · Centre for the Protection of National Infrastructure · CER: Crossover Error Rate · CERIAS: Center for Education and Research in Information Assurance and Security · CERT · CERT: Computer Emergency Response Team · Certificate · certificate authority · Certificate Authority (CA) · Certificate BLOB · Certificate Management · Certificate policy · Certificate request · Certificate Revocation List (CRL) · Certificate server · Certificate Service · Certificate store · Certificate store functions · Certificate template · Certificate Based Authentication · certification · Certification and Accreditation Process · Certification Authority · Certification Authority Workstation · Certification Package · Certification Practice Statement (CPS) · Certification Request Syntax Standard · Certification Test And Evaluation · Certified Information Systems Security Professional · Certifier · CET: Cisco Encryption Technology · CFB · CFB: Ciphertext Feedback · cgi bin · CGI: Common Gateway Interface · chaffing · chaffing and winnowing · Chain of Custody · Chaining mode · Challenge · Challenge And Reply Authentication · Challenge response authentication · Challenge Token · Challenge Response · challenge response authentication mechanism · Change Control · Change Management · Channel Service Unit/Digital Service Unit (CSU/DSU) · CHAP: Challenge Handshake Authentication Protocol · Chargeback · Chat Room · Check Digit · Check Digit Verification (Self checking Digit) · Check Word · Checklist · Checkpoint Restart Procedures · Checksum · Chernobyl virus · Chief Executive Officer (CEO) · Chief Financial Officer (CFO) · Chief Information Officer (CIO) · Chief Technology Officer (CTO) · Chinese Wall Model · Chip and PIN · Chosen Ciphertext Attack · Chosen Plaintext Attack · Chroot jail · CIAC: Computer Incident Advisory Capability · cipher · cipher block chaining · Cipher Feedback · Cipher Key Sequence Number · Cipher mode · Cipher Text · Cipher Text Auto Key · Ciphering Algorithm · Ciphering Key · Ciphering Key Generating Algorithm · ciphertext · ciphertext feedback · Ciphertext Only Attack · Ciphony · Circuit Level Firewall · Circuit Level Gateway · Circuit Switched Network · Circular Routing · CIS: Center for Internet Security · CISA: Certificate Information Systems Auditor · CISC · Cisco Certified Security Professional (CCSP) · Cisco Information Security Specialist (CISS) · CISO: Chief Information Security Officer · CISP PCI · CISP: Cardholder Information Security Program · CISSP: Certified Information System Security Professional · CITU: Central Information Technology Unit · Clark Wilson Model · Class C2 · Classic virus · Classified Information · Classified Information Spillage · Clear Desk Policy · Clear Screen Policy · Clearance · Clearing · Cleartext · Clerical Systems · CLI (Command Line Interface) · clickjacking · Client · Client certificate · Client server · Clipper · Clipper Chip · cloak of invisibility · Clogging attack · Closed Security Environment · Closed User Group · Cloud Cover · Cluster Controller · CMA · CMAC: Cipher based Message Authentication Code · CMYK · CNSSI 4009 Terms · Coaxial Cable · COBIT · COCO · cocooning · Code · Code Book · Code Group · Code of Connection (CoCo) · Code Red · Code signing · Code Vocabulary · Codeaccesspermissions · CODEC · Coevolving · Coherence · Cohesion · cold site · Cold Start · Collaborative Computing · Collision · Combined Code on Corporate Governance · Command Authority · command injection · Command line · Command Line Prompt · Command Prompt · Commercial COMSEC Evaluation Program · Commission · Common Criteria · Common Criteria & Methodology for Information Technology Security Evaluation · Common Fill Device · Common Gateway Interface CGI · Common Weakness Enumeration · Communication Processor · Communications Controller · Communications Cover · Communications Deception · Communications Equipment · Communications Line · Communications Network · Communications Profile · Communications Security · Community Risk · Community Strings · Companion virus · Comparison Program · Compartmentalization · Compartmented Mode · Compensating Control · Competencies · Competitive Intelligence · Compiler · Completely Connected (Mesh) Configuration · Completeness Check · Complex dictionary checking · Compliance Testing · Component · Compound threat · Comprehensive Audit · Compressed file · Compression · Compressors · Compromise · Compromised system · Compromising Emanations · Computationally Greedy · Computer Abuse · computer barnacle · Computer Cryptography · Computer Emergency Response Team (CERT) · Computer forensics · Computer Fraud · Computer Misuse Act 1990 · Computer Security · Computer Security Incident · Computer Security Subsystem · Computer Sequence Checking · Computer Server · Computer System · Computer virus · Computer Viruses · Computer worm · Computer Aided Software Engineering (CASE) · Computer Assisted Audit Technique (CAAT) · Computer based Discovery · Computing Environment · COMSEC Account · COMSEC Account Audit · COMSEC Aid · COMSEC Assembly · COMSEC Boundary · COMSEC Chip Set · COMSEC Control Program · COMSEC Custodian · COMSEC Demilitarization · COMSEC Element · COMSEC End Item · COMSEC Equipment · COMSEC Facility · COMSEC Incident · COMSEC Insecurity · COMSEC Manager · COMSEC Material · COMSEC Material Control System · COMSEC Modification · COMSEC Module · COMSEC Monitoring · COMSEC Profile · COMSEC Survey · COMSEC System Data · COMSEC Training · Concept Of Operations · Concurrency Control · Concurrent Access · Conficker · confidentiality · Confidentiality agreement · Confidentiality Integrity and Availability · Configuration Control · Configuration Item (CI) · Configuration Management · Confinement Channel · Connection Hijacking · Consensus baseline security settings · Console · Console Log · Consulted · Consumables · Consumer Data Privacy · consumer privacy · Contamination · Content Discovery · Content Filtering · Content of Communication · Content Protection for Removable Media · Content Security · Contention · Context · Contingency Arrangements · Contingency Key · Contingency Plan · Contingency Planning · Continuity · Continuity of Operations Plan · Continuous Auditing Approach · Continuous Availability · Continuous Improvement · Control Center · Control Framework · Control Group · Control Objective · Control Objectives for Enterprise Governance · Control Objectives for Information and Related Technology · Control Perimeter · Control Practice · Control Risk · Control Risk Self Assessment · Control Section · Control Total · Control Weakness · Controlled Access Area · Controlled Access Protection · Controlled Cryptographic Item · Controlled Interface · Controlled Space · Controlling Authority · Controls · Cookie · cookie poisoning · Cooperative Key Generation · Cooperative Remote Rekeying · COPPA: Children's Online Privacy Protection Act · Copy Protection · Copyright · corporate area network (CAN) · Corporate Exchange Rate · Corporate Governance · Corporate Security Officer (CSO) · Corrective Controls · Correctness Proof · Corrupt Data · Corruption · COSO · COTS Software · Countermeasure · Countersignature · Coupling · Coverage · Covert Channel · Covert Channel Analysis · Covert Channels · Covert Storage Channel · Covert Timing Channel · CPRM · CPRM: Content Protection for Removable Media · CPS: Certification Practice Statement · Crack · cracker · cracking · CRAM · CRAM: Challenge Response Authentication Mechanism · CRAMM: CCTA Risk Analysis and Management Method · Crash · Crawler · CRC: Cyclic Redundancy Check · Credentialed Analysis · Credentials · crimeware · Crippled · Crippleware · Criteria · Critical Functions · Critical Infrastructure · Critical Infrastructures · Critical Success Factors (CSFs) · Criticality Analysis · CRL · CRL: Certificate Revocation List · Cron · Cross Domain Solution · Cross Certification · Cross realm authentication · CRT · Cryptanalysis · CRYPTO · Crypto Alarm · Crypto Algorithm · Crypto Ancillary Equipment · Crypto Equipment · Crypto Ignition Key · Cryptographic · Cryptographic Algorithm · cryptographic checksum · Cryptographic Component · Cryptographic Coprocessor · Cryptographic hash function · Cryptographic Initialization · Cryptographic key · Cryptographic Logic · Cryptographic Message Syntax Standard · Cryptographic Token Interface Standard · cryptography · cryptology · Cryptonet · cryptoperiod · Cryptosecurity · Cryptosynchronization · Cryptosystem · Cryptosystem Analysis · Cryptosystem Evaluation · Cryptosystem Review · Cryptosystem Survey · Cryptosystem: Cryptographic System · CSD: Computer Security Division · CSI: Computer Security Institute · CSIRT: computer security incident response team · CSO · CSO: Chief Security Officer · CSP family · CSP name · CSP type · CSP: Cryptographic service provider · CSR: Certificate Signing Request · CSS spam · CSS: Content Scrambling System · CSS: Cross Site Scripting (or XSS cross site malicious content) · CTCI (Computer to computer interface) · CTCPEC: Canadian Trusted Computer Product Evaluation Criteria · CTL: Certificate trust list · Customer Care and Billing System · Customer Data Privacy · customer privacy · Customer Relationship Management (CRM) · Customise · Customized Application for Mobile Enhanced Logic · Cutover · CVE: Common Vulnerabilities and Exposures · CWE · Cyber Attack · Cyber Storm · Cybercops · Cybercrime · cyberextortion · cyberextortionist · Cybersitter · Cyberslacker · Cyberterrorism or Cyberwarfare · Cyberwar · Cyberwoozle · cyborg insect · Cybrarian · Cyclic Redundancy Check · Cypherpunk anonymous remailer · "

    D DAC: Discretionary Access Control · DACL: Discretionary access control list · Daemon · daisy chain · Damage Evaluation · Dashboard · DAT USB drive · DAT USB tape drive · Data / Information · Data Aggregation · Data Analysis · data availability · Data Capture · Data Classification · Data Classification Scheme · Data Communications · Data Custodian · data decryption · data decryption IC · Data Decryption Integrated Circuits · Data Dictionary · Data Diddling · data encryption · data encryption IC · Data Encryption Standard (DES) · Data Flow · Data Flow Control · data integrity · data key · Data Leakage · Data Mart · data masking · Data Mining · Data Normalization · Data Origin Authentication · Data Owner · Data Privacy · Data Protection Act 1984/1998 · Data Retention · Data Safe · Data Security · data splitting · Data Structure · Data Transfer Device · Data Warehouse · Data Warehousing · Data Oriented Systems Development · Database · Database Administrator (DBA) · Database Management System (DBMS) · Database Replication · Database Specifications · Datagram · Datascope · DCS 1000 · DDoS · DDoS attack · DDoS: Distributed Denial of Service Attack · de perimeterisation · de perimeterization · DEA: Data Encryption Algorithm · Dead Tree Edition · Debug · Decapsulation · Decentralization · Decertification · decipher · Deciplegic · Decision Support Systems (DSS) · decode · decoding · decrypt · decryption · Decryption Key · DED · Dedicated Mode · Deep Packet Inspection · Defacement · Defamation Act 1997 (UK) · Default · Default Classification · Default Deny Policy · Default ID or Default Password · Default Password · Defcon · Defense Acquisition Regulatory Council (DARC) · defense in depth · Defense In Depth · Defense Message System · Defense In Depth · Degauss · Degaussing · Degaussing Media · DEK: Data Encryption Key · Delegated Development Program · demilitarized zone · Demodulation · Demographic · deniable encryption · Denial of Service · Denial of Service (DoS) attack · Denial of Service Attack (DOS) · Deny · deperimeterisation · deperimeterization · depository · Depreciation · DERA: Defence Evaluation and Research Agency · DES · DES / AES · DES: Data Encryption Standard · Descriptive Top Level Specification · Designated Approval Authority · Desktop · desktop administration · desktop management · desktop security · DESX or DES X · Detailed IS Controls · Detective Controls · Development Library · Development Machine · Device · DH: Diffie Hellman · DHA · DHA (Directory Harvest Attack) · DHA: Directory Harvest Attack · DHCP spoofing · DHCP Starvation · DHTML · Dial Back · Dial back · Dial in Access Controls · Dial up · Dial up connection · dictionary attack · Differential Cryptanalysis · Diffie Hellman · Diffie Hellman Key Agreement Standard · Diffie Hellman key exchange · Diffing · digest authentication · DigiCrime · Digital · Digital Certificate · Digital Certification · Digital Code Signing · Digital Discovery · Digital Envelope · Digital Evidence · Digital Evidence Discovery · Digital Fingerprint · Digital forensics · Digital Signature · Digital Signature Algorithm · Digital Signature Standard · Digital Silhouettes · Digital Versatile Disk DVD · digital watermark · Digital watermarking · Direct Reporting Engagement · Direct Shipment · Directive 95/46/EC · directory climbing · Directory Harvest Attack (DHA) · directory traversal · DISA: Defense Information Systems Agency · Disassembler · Disassembly · Disaster · Disaster Declaration · Disaster Notification Fee · disaster recovery · disaster recovery plan · Disaster Recovery Plan Desk Checking · Disaster Recovery Plan DRP · Disaster Recovery Plan Walk through · disaster recovery planning · Disaster Tolerance · Disclosure Controls and Procedures · Discount Rate · Discovery Sampling · Discretionary Access Control · Discretionary Access Control (DAC) · Disk Mirroring · Disk sector · Diskless Workstations · disposable email · Disruption · Distinguished Name · Distributed Data Processing Network · distributed denial of service attack · Distributed Denial of Service Attack (DDoS) · distributed DoS attack · Distributed Processing · Distributed Scans · DITSCAP: Department of Defense Information Technology Security · Diverse Routing · DLL: Dynamic Link Library · DMCA: Digital Millennium Copyright Act · DMS · DMS: Defense Message System · DMZ · DMZ: DeMilitarized Zone · DNS · DNS (Domain Name System) server · DNS Attack · DNS cache poisoning · DNS cache poisoning Pharming · DNS poisoning · DNS Poisoning or DNS Cache Poisoning · DNS Spoofing · DNS: Domain Name System · DOI: Domain of Interpretation · Domain · Domain Hijacking · Domain name · Domain Name Server (DNS) · Domain Name System (DNS) · Domain Name System (DNS) Poisoning · Domain Name System Block Lists (DNSBL) · domain name system poisoning · DomainKeys · dongle · DoS (Denial of Service) attack · DoS Attack: Denial of Service Attack · DOS prompt · DoS: Denial of Service · Dot bug vulnerability · Double loop Step · Down · Download · download · Downloading · Downtime · Downtime Report · DPAPI: Data Protection API · DPI · Drill Down · Drive by Hacking · drive by pharming · drive by spamming · Driver · Driver (Value and Risk) · DRM: Digital Rights Management · Drop Accountability · DRP · DRP: Disaster Recovery Plan · Dry pipe Fire Extinguisher System · DSA: Digital Signature Algorithm · DSL · dsl modem · DSniff · DSO exploit · DSO Exploit: Data Source Object Exploit · DSS · DSS: Digital Signature Standard · Dual Control · Dual International Mobile Subscriber Identity · Dual Homed Gateway · Due Care · due diligence · Due Professional Care · dumb · dumb network · Dumb Terminal · Dumb Terminal · dump site · DumpSec · Dumpster Diving · Duplex Routing · Duress Feature · Dynamic Analysis · Dynamic Host Configuration Protocol (DHCP) · Dynamic Key Derivation · dynamic packet filter · Dynamic proxy · Dynamic Routing Protocol · "

    E E 911 · e Business · e Commerce · e commerce · e discovery · e mail · e Mail Discoverability · e mail extractor · e mail forgery · E mail Signature file · E SIGN Act: Electronic Signatures in Global and National Commerce Act · E Signature · e Trading · EAP TLS: Extensible Authentication Protocol Transport Layer Security · EAP TTLS: Extensible Authentication Protocol–Tunneled Transport Layer Security · EAP: Extensible Authentication Protocol · EAPoL: Extensible Authentication Protocol over LAN · EAPoW: Extensible Authentication Protocol over Wireless · EAR: Export Administration Regulations · Earwigging · eavesdropping · ECB · ECB: Electronic Code Book · ECC: Elliptical Curve Cryptography · ECDSA: Elliptic Curve Digital Signature Algorithm · Echelon · Echo Checks · Echo Reply · Echo Request · Economic Value Add (EVA) · ECSS: Extended Certificate Syntax Standard · EDD · ediscovery · Edit Controls · Editing · Editor · EES · EES: Escrowed Encryption Standard · EFS · EFS: Encrypting File System · EGA · Egress Filtering · EICAR (European Institute for Computer Anti Virus Research) · EICAR test file · EICAR: European Institute of Computer Anti Virus Research · EIM · Einstein · EKE: Encrypted Key Exchange · El Gamal · electro optical fingerprint recognition · Electrohippies Collective · Electronic Code Book · Electronic Content Discovery · Electronic Data Discovery · Electronic Data Interchange (EDI) · Electronic Data Management · electronic discovery · Electronic Document · Electronic Document Discovery · Electronic Eavesdropping · Electronic Evidence · Electronic Evidence Discovery · Electronic Funds Transfer (EFT) · electronic health record (EHR) · Electronic Information Discovery · Electronic Mail E mail · electronic medical record (EMR) · Electronic Messaging Services · Electronic Security · Electronic Signature · Electronic Vaulting · Electronic discovery · Electronically Generated Key · Elk Cloner · elliptical curve cryptography · EMAIL Attack · EMAIL Authentication · Email Discoverability · eMail Evidence Discovery · EMAIL Forgery · eMail Search and Discovery · email spoofing · Email worm · emanation monitoring · Emanations Analysis · Embedded Audit Module · Embedded Computer · Embedded Cryptographic System · Embedded Cryptography · Emissions Security · EMR shielding · Encapsulation · Encapsulation (objects) · Encipher · Enclave · Enclave Boundary · Encode · encoding · encoding and decoding · encrypt · Encrypted data · Encrypting File System · encryption · Encryption algorithm · encryption and decryption · Encryption Certificate · Encryption Key · End of Day eod · End User · End User License Agreement EULA · End Item Accounting · End to end Encryption · End To End Security · End User Computing · Endorsed For Unclassified Cryptographic Item · Endorsement · endpoint security · Enforced Path · Engagement Letter · Enhanced Data GSM Environment · Enhanced Messaging Service · Enhancement · Enterprise · Enterprise Architecture · Enterprise Architecture for IT · Enterprise Governance · Enterprise Identity Mapping · Enterprise Resource Planning (ERP) · Enterprise Search and Discovery · Entrapment · Enumeration · Environment · EoP: Elevation of privileges · Ephemeral Key · Ephemeral Port · EPIC: Electronic Privacy Information Center · Equipment Identity Register · Erasure · ERP (Enterprise Resource Planning) System · Error · Error Log · Escrow · Escrow Agent · Escrow Agreement · Escrow Passwords · Escrowed Encryption Standard · ESP · ESP: Encapsulating Security Payload · Ethereal · Ethernet · ethical hacker · ethical hacking · ethical worm · EU Data Protection Directive · European Conference of Post and Telecommunication Administrations · European Telecommunications Standards Institute · Evaluation Assurance Level · Event · event handler · event handling · Event logs · event stream processing (ESP) · Evidence · evil twin · Exception Reports · Exclusive OR (XOR) · EXE files · Executable · Executable Code · Executable file · Executable files · Executive State · Exercise Key · Expectations Mismatch · Expert Systems · Expiry · exploit · Exploitable Channel · Exponential Backoff Algorithm · exponential key exchange · Exposure · Extended ACLs · Extended Binary coded Decimal Interchange Code (EB · Extended Enterprise · Extensible Markup Language (XML) · External Router · External Storage · Extraction Resistance · Extranet · Extranet · extrusion prevention · "

    F Facsimile · FACTA · Fail Safe · Fail Soft · Fail over · Fail safe · Failure Access · Failure Control · Fair and Accurate Credit Transactions Act · Fair Credit Reporting Act · FairPlay · Fall through Logic · Fallback procedures · false acceptance · False Authorization · False Enrollment · False negative · False positive · false rejection · false rejection rate · FAR · FAR: False Acceptance Rate · Faraday cage · Fast File System · Fast packet keying · FAT (File Allocation Table) · Fault Line Attacks · Fault Tolerance · Fax / Facsimile Machines · FCRA · Feasibility Study · Features / Glitches (Bugs) · FedCIRC: Federal Computer Incident Response Center · federated identity management · FERPA · FFIEC compliance · FH CDMA · FH CDMA: Frequency Hopping Code Division Multiple Access · Fiber Optic Cable · Field · File · File Allocation Table (FAT) · File integrity checker · File Layout · File Protection · File Security · File Server · File slack · File system traversal attack · File Transfer Protocol (FTP) · File virus · files · Fill Device · Filter · Filtering Router · FIM · FIN (Final) · Finagle's Law · Financial Audit · Financial Services Authority · Finger · finger image · finger vein ID · fingernail storage · fingerprint scanning · Fingerprinting · fingerscanning · FIP: Fair Information Practices · FIPS PUB 197 · FIPS: Federal Information Processing Standard · Fire Fighters · fire fighting · Fire Resistant Storage Cabinet · firefighting · FIREFLY · Firefox 3.5 · Firestarter · firewall · Firewall · firewall · Firewall Appliance · Firewall Builder · Firewalls · Firmware · first computer virus · FIRST: Forum of Incident Response and Security Teams · Fiscal Year · fishing · Fit for Purpose · FITSAF: Federal Information Technology Security Assessment Framework · Fix · Fixed COMSEC Facility · Fixed Storage · Flag · Flame · Flame Bait · Flash · Flaw · Flaw Hypothesis Methodology · Flexible Mandatory Access Control (FMAC) · Flooding · Flooding Attack · Floppy disks · Fluhrer Martin and Shamir Attack · footbath · footprinting · Foreign Key · forensic · Forensic Analysis · Forensic Examination · forensic watermark · Forensics · Forest · Fork Bomb · Form Based Authentication · Formal Access Approval · Formal Development Methodology · Formal Method · Formal Proof · Formal Security Policy · Formal Top Level Specification · Formal Verification · Format · Format Checking · Format String Attack · FORTEZZA · Forward Lookup · Forward Proxy · Forward Secrecy · Fourth Generation Language (4GL) · Fping · FPipe · Fport · Fragment Offset · Fragment Overlap Attack · Fragmentation · Frame Relay · Freedom of Information Act 2000 · Freeware · Freeze · Frequency Hopping · frequency hopping spread spectrum · Friendly Termination · Friode · Front End Security Filter · FRR: False Rejection Rate · FSA · FSV: File Signature Verification · FTP (File Transfer Protocol) · FTP bounce attack · FTP: File Transfer Protocol · Full Disclosure · Full Maintenance · Full Monte · Full Monty · full disk encryption (FDE) · Fully Qualified Domain Name · Function Point Analysis · Functional Proponent · Functional Requirements Specification · Functional Testing · Future Proof · fuzz testing · fuzzing · Fwbuilder · "

    G Games · garbage in garbage out · garbage in gospel out · Gateway · Gateway Mobile Services Switching Center · Gaussian Minimum Shift Keying · Geek · General Computer Controls · General Packet Radio System · Generalized Audit Software (GAS) · Generic detection · Generic Process Control · Geographic Disk Mirroring · Geographical Information System (GIS) · geolocation · GetAdmin · Gethostbyaddr · Gethostbyname · Ghost · GIAC: Global Information Assurance Certification · Gigabyte · GINA · GLBA: Gramm Leach Bliley Act · Glitch Attack · glob · Global Information Grid · Global Information Infrastructure · global spy network · Global System for Mobile communication · Global Title Translation · globbing · GNU · GnuPG: GNU Privacy Guard · Gnutella · GnuTLS: GNU Transport Layer Security Library · goat · Goner · Good Times · good worm · Googledork · GooPot · Gooscan · Gopher · Governance · GPG: GNU Privacy Guard · GPO · GPO: Group Policy Object · graphical password · graphical user authentication · Grass Line · gray hat · graynet · grey hat · grey net · Greylist · greynet · Group Policy · Group Policy Object · GSI: Government Secure Intranet · GSM EDGE Radio Access Network · GSM Interworking Unit · GSS: Generic Security Service · GTAC: Government Technical Assistance Centre · GUA · GUA: Graphic User Authentication · Guard · Guest · Guest account · Guideline · "

    H hacker · Hacking · hacktivism · hacktivist · half open scanning · Ham · Handle · Handprint Scanner · Handshake · Handshaking Procedures · Hang · Harassment · Hard Copy · Hard Copy Key · hard disk · hard drive overwriter · hard drive encryption · Harden · Hardening · Hardware · Hardware Inventory · Hardware Platform · Hardwired Key · Harrison Ruzzo Ullman Model · Harvesting · hash · hash function · Hash Total · hashing · Hashing algorithm · Hashword · Health and Safety · Help Desk · Heritage System · Heuristic analysis · Heuristic Filter · heuristics · heuristics · HEX · Hex Editor · Hex encoding URL attack · Hexadecimal · HFNetChk · HI MEMS cyborg insects · Hidden file · HIDS: Host Based IDS · Hierarchical Database · Hierarchy of trust · High Assurance Guard · High Speed Circuit Switched Data · Hijack Attack · hijacking · hijackware · HIPAA: Health Insurance Portability & Accountability Act · HMAC MD5: Hashed Message Authentication Codes with MD5 · HMAC: Keyed Hash Message Authentication Code · hoax · Hoax Virus · home automation · Home Environment · Home Location Register · Homeland Security Act · honey monkey · honey pot · Honey Pot or Honeypot · honeynet · Honeynet Project · honeypot · HOPE: Hackers On Planet Earth · Hops · Hose and Close · Host · host file hijack · Host Based IDS · Host based security · Hosts file · Hot Desking · hot site · hot site and cold site · Hot spot · Hot Standby · Hotel ICQ · Hotfixe · Housekeeping · Hping · Hping2 · HSM: Hardware security module · htaccess · HTML (Hypertext Markup Language) · HTTP · HTTP (Hypertext Transfer Protocol) · HTTP Attack · HTTP over SSL · HTTP Proxy · HTTPS · HTTPS and SSL · Hub · Hurdle Rate · Hybrid Attack · Hybrid Encryption · hybrid Insect MEMS · hybrid virus · Hyper Hasher · Hyper Text Transfer Protocol Secure (HTTPS) · Hyperlink · Hyperlink Spoofing · Hypertext · Hypertext markup language (HTML) · Hypertext Transfer Protocol (HTTP) · "

    I I SPY Act · IA Architecture · IA Enabled Information Technology Product · IA: Information Assurance · IAE: Information Assurance Engineering · IASE: Information Assurance Support Environment · IATF: Information Assurance Technical Framework · IATTF: Information Assurance Technical Framework Forum · IceNewk · ICMP Attack · ICMP bug · ICMP enumeration · ICMP fingerprinting · ICMP Flood · ICMP sweep · ICMP tunneling · ICMP: Internet Control Message Protocol · ICRL: Indirect Certificate Revocation List · ICV: Integrity Check Value · IDEA · IDEA: International Data Encryption Algorithm · Identification · Identification · Identity · identity card · identity chaos · identity federation · Identity Hacking · Identity Management · identity theft · Identity Token · Identity Validation · Idle host scan · Idle Standby · IDS · IDS (Intrusion Detection Systems) · IEEE · IETF: Internet Engineering Task Force · IFrame · IIS Lockdown Tool · IISP (Institute of Information Security Professionals) · iJacking · IKE · IKE: Internet Key Exchange · IKEv2: Internet Key Exchange version 2 · ILOVEYOU · IM (Instant Messaging) · IM spam · IM worm · Image Processing · IMAP (Internet Message Access Protocol) · IMAP: Internet Message Access Protocol · Imitative Communications Deception · Impact Analysis · Impact Assessment · Impersonating · Impersonation · Implant · Implement · Implementation Life Cycle Review · in the wild · Inadvertent Disclosure · incident · Incident Handling · incident response · incident response plan · incident response policy · Incident response team · Incomplete Parameter Checking · Incremental Backups · Incremental Testing · Incursion · Independence · Independent Appearance · Independent Attitude · Indexed Sequential Access Method (ISAM) · Indexed Sequential File · Indicator · Individual Accountability · Individual Subscriber Authentication Key · Inetd: Internet Daemon · Infection · Inference Attack · Informal Security Policy · Information Architecture · Information Asset · Information Assurance · Information Assurance Manager · Information Assurance Officer · Information Assurance Product · Information Custodian · Information Engineering · Information Environment · Information Flow Control · Information leakage · Information Operations · Information Owner · Information Processing Facility (IPF) · Information Security · Information Security Governance · Information Security Guidelines · Information Security Incident · Information Security Plan · Information Security Policy · Information Security Program · Information Security Risk Assessment · information signature · Information Sniffing · Information System · Information Systems · Information Systems Security · Information Systems Security Engineering · Information Systems Security Equipment Modification · Information Systems Security Manager · Information Systems Security Officer · Information Systems Security Product · Information Technology (IT) · Information Technology Information Sharing and Analysis Center · Information User · Information Warfare · Informed · Infosec: Information security · Infowar · InfraGard · Infranet Initiative · Ingress Filtering · Inherent Risk · Inheritance (objects) · Initial Program Load (IPL) · initialization vector · Initialization Vector (IV) Collisions · Initialize · Input · Input Controls · Input Validation Attacks · Insider attack · insider threat · Inspectable Space · Instant Messaging · instant messaging · instant spam · integer overflow · integrated access management (IAM) · integrated circuit for encryption/decryption integrated circuit for encryption/decryption · Integrated Services Digital Network (ISDN) · Integrated Test Facilities (ITF) · integrated threat management · integrity · Integrity Check Value · integrity check value · Integrity Checker · Integrity Star Property · Intelligent Network · Intelligent Network Application Part · intelligent video · Intercept Related Information · Interconnection Security Agreement · Interface · Interface Control Document · Interface Testing · Interim Approval To Operate · Interim Approval To Test · Internal Control · Internal Control Environment · Internal Control Over Financial Reporting · Internal Control Structure · Internal Penetrators · Internal Rate of Return (IRR) · Internal Security Controls · Internal Storage · International Data Encryption Algorithm · International Mobile Equipment Identifier · International Mobile Subscriber Identity · International Organization for Standardization ISO · Internet · Internet Banking · Internet Control Message Protocol (ICMP) · Internet Engineering Task Force (IETF) · Internet Inter ORB Protocol (IIOP) · Internet Key Exchange · Internet Packet (IP) Spoofing · Internet Protocol · Internet Protocol (IP) · Internet Protocol Security · Internet Protocol Security (IPSec) · Internet Security and Acceleration (ISA) Server · Internet Security and Acceleration Server · Internet Service Provider (ISP) · Internet Service Provider ISP · Internet Trail · Internet worm · Internetwork Private Line Interface · Interruption Window · Intervention · Intranet · intruder · intrusion · intrusion detection · intrusion detection system · Intrusion Detection System (IDS) · Intrusion Detection System IDS · intrusion prevention · Intrusive Monitoring · inverse mapping · IP Address · IP address forgery · IP address restriction · IP address spoofing · IP address JavaScript · IP address based authentication · IP camera · IP Flood · IP Forwarding · IP Fragmentation Attack · IP fragmentation attack · IP Sequence Prediction Attack · IP spoofing · IP surveillance · IP tables · IP: Internet Protocol · Iplog · IPS · IPS (Intrusion Prevention Systems) · IPS: Intrusion Prevension System · IPsec · IPSec filter · IPSec policy · IPsec VPN · IPsec: Internet Protocol Security · IPSO: IP Security Option · iptables · IPX Spoofing · IRC (Internet Relay Chat) · Iron Box · Irregularities · Irregularity · ISA Server · ISA Server: Internet Security and Acceleration Server · ISACA: Information Systems Audit and Control Association · ISAKMP: Internet Security Association and Key Management Protocol · ISAPI: Internet Server Application Programming Interface · ISC2: International Information Systems Security Certification Consortium · ISDN · Island hopping · ISO 17799 · ISO 27001 · ISO 9001:2000 · ISO/AISO · ISO/IEC 17799 · ISP (Internet Service Provider) · ISSA: Information Systems Security Association · ISSEP: Information Systems Security Engineering Professional · ISSMP: Information Systems Security Management Professional · Issue specific Policy · IT Architecture · IT Governance · IT Governance Framework · IT Governance Institute (ITGI) · IT Incident · IT Infrastructure · IT Investment Dashboard · IT Plan · IT Security · IT Security Policy · IT Steering Committee · IT Strategic Plan · IT Strategy · IT Strategy Committee · IT Systems · IT Tactical Plan · IT User · IT ISAC · IT ISAC: Information Technology Information Sharing and Analysis Center · ITIL · Itrace: ICMP Traceback · ITSEC: Information Technology Security Evaluation Criteria · IV · IV: Initialization Vector . · IWA: Integrated Windows Authentication · "

    J Jabber · Java · Java Beans · Java Stripping · JavaScript · JavaScript hijacking · JFK: Just Fast Keying · Jitter · Job (IT Operations) · Job Control Language (JCL) · Joe job · Joe Job · John the Ripper · Joke program · Jolt2 · JOOTT · Journal Entry · Judgment Sampling · Jump Bag · Junk e mail · JVM: Java Virtual Machine · "

    K KBR: Key Based Routing · KCA: Key certification authority · KDC: Key Distribution Center · KDF: Key Derivation Function · KEK: Key encrypting key · Kensington security slot · Kerberos · Kerberos policy · Kernel · key · Key BLOB · Key BLOB format · key chain · Key container · Key database · Key Disk · Key Distribution · Key Distribution Center · Key Escrow · Key Establishment algorithm · Key exchange · Key exchange algorithm · Key Exchange Protocol · Key File · key fob · Key generation functions · Key Goal Indicators (KGIs) · Key length · Key List · key logger · Key Management · Key Management Infrastructure · Key Management Practices · Key Pair · Key performance indicators (KPIs) · Key Production Key · Key Recovery · Key Retrieval · Key ring · Key rollover · Key search attack · Key Stream · key string · Key Tag · Key Tape · Key Updating · Key Auto Key · Key Encryption Key · key value pair · Keyed Hash · Keyed hash message authentication code · Keygen: Key Generator · Keying Material · keylogger · keylogging software · Keyspace · keystroke dynamics · keystroke logger · Keystroke logger · Kilgetty · Kilobyte · KISS · Klaxon · Klez Virus · Knark · Knowledge Portal · knowledge based authentication (KBA) · Known plaintext attack · KRI: Key Recovery Information · Kriz virus · KryptoKnight · KSA: Key Scheduling Algorithm · "

    L L0phtcrack · L2F: Layer 2 Forward Protocol · L2TP: Layer 2 Tunneling Protocol · Label · Labeled Security Protections · Laboratory Attack · lamb · Land Attack · LANMAN: LAN Manager authentication · Laptop · Latency · Lattice Techniques · Law Enforcement Agency · Lawful Interception · Layered Defense · Layered Security · LCD · LDAP · LDAP: Lightweight Directory Access Protocol · Leadership · LEAP (Lightweight Extensible Authentication Protocol) · LEAP: Lightweight Extensible Authentication Protocol · Leapfrog Attack · Learn IT: Instant messaging in the Workplace · Learning Guide: Spyware · Leased Lines · Least Privilege · LED · Legacy System · Legacy Tech · Legal Discovery · Legion · Letterbomb · Level of Concern · Level of Protection · Lexical Analysis · LFM: Log file monitor · Librarian · Library · Licensing Agreement · Life Cycle · lifestyle polygraph · Limit Check · Limited Maintenance · Line Conditioning · Line Conduction · Linear Feedback Shift Register · Linear Predictive Coding · Link Editor (Linkage Editor) · link encryption · Link by link Encryption · Link virus · Linsniff · List Based Access Control · List Oriented · Listening port · Listwashing · Literals · Live / Production · live capture · LKM: Loadable Kernel Modules · LM authentication · Load / Systems Loading · Local Area Network · Local Area Network (LAN) · Local Authority · Local exploit · Local Management Device/Key Processor · Local security policy · Location Area · Location Area Identity · location poisoning · Lock And Key Protection System · Lock and key · Locking · Lockout · Log · Log analysis software · Log cleaning · Log Clipping · Log file · Logging · logic bomb · Logical Access · Logical Access Controls · Logical Completeness Measure · Logical Security · Loginlog · Logoff · Logon · Logon identifier · Logon session · Logon SID · Logs · Loki · long ICMP · Long Title · Loopback Address · LoveLetter · Low Probability of Detection · Low Probability of Intercept · LRA: Local registration authority · LSA Secrets · LSA: Local Security Authority · Lsadump2 · Lsof: Listing open files · LT: LaGrande Technology · Lucifer Algorithm · Luhn Check Digit Algorithm · LUHN Formula · LUID: Locally unique identifier · Lunchtime Attack · Luring attack · Luser · "

    M MAC Address · MAC Address Spoofing · MAC duplication · MAC key · MAC spoofing · MAC: Mandatory Access Control · MAC: Message Authentication Code · Machine Language · Macro · Macro Virus · Mafia Boy · Magic Smoke · Magnetic Card Reader · Magnetic Ink Character Recognition (MICR) · Magnetic Remanence · Mail Bomb · Mail drop · Mail Relay Server · Mail relaying · Mainframe · Maintenance Hook · Maintenance Key · Maintenance pack · Malformed packet attack · Malformed URL attack · Malicious Applets · Malicious code · Malicious Logic · Malicious program · Malicious software · malvertizement · malware · Malware related programs · man in the middle · man in the middle attack · Man in the Middle Attack · Man Machine Language · managed file transfer (MFT) · managed security service provider · Management Controls · Management Information System (MIS) · Mandatory Access Control · Mandatory Access Control (MAC) · Mandatory Modification · Mangled Packet · Manhole · Manipulative Communications Deception · Manual Cryptosystem · Manual Journal Entry · Manual Remote Rekeying · Mapping · Masking · masquerade · Masquerade Attack · Masqueraders · Masquerading · Mass mailer · Massachusetts data protection law · Massaging Data · Master Crypto Ignition Key · Master File · Master key · Materiality · Maturity · Maturity Model · Maximum Tolerable Outages (MTO) · MBR (Master Boot Record) · MBSA: Microsoft Baseline Security Analyzer · MD2 · MD2: Message Digest Algorithm 2 · MD4 · MD4: Message Digest Algorithm 4 · MD5 · MD5: Message Digest Algorithm 5 · MD: Message digest · MDC: Modification Detection Code · Measure · Media · media · Media Access Control (MAC) · Media Oxidation · Megabyte · Melissa virus · Memorandum of Understanding · Memory · Memory Dump · Memory Scavenging · message authentication code · Message Center · Message Digest · Message Externals · Message Indicator · message integrity code · Message Switching · Message Transfer Part · Metasploit · Methodology · Metric · MICR · MICR: Magnetic Ink Character Recognition · MicroFiche · micropayment · Microsoft Antigen · Microsoft Management Console · Microsoft Point to Point Encryption · Microsoft Security Notification Service · Microsoft Security Toolkit · Microsoft Security Update · Microsoft System Center Mobile Device Manager (MSCMDM) · Microsoft Windows AntiSpyware · Microwave Transmission · Middleware · Migration · Milestone · Mimicking · minutiae · Mirrored Site · Mirroring · Mission Critical · Mission Critical Application · Misuse Detection · MITM: Man in the Middle Attack · MMC: Microsoft Management Console · Mobile Application Part · Mobile Code · Mobile Computing · Mobile Execution Environment · Mobile Multimedia Services · Mobile Network Code · mobile phone spam · Mobile Service Node · Mobile Services Switching Center · Mobile Site · Mobile Station · Mobile Station Equipment · Mobile Station Roaming Number · Mobile Subscriber Identity Number · Mobile Subscriber ISDN · Mockingbird · Mode of Operation · Modeling · Modem · Modem (Modulator Demodulator) · Modes of Attack · modification detection code · Modulation · Modulus 10 · MOE: Measures of Effectiveness · Monetary Unit Sampling · Monitoring Policy · Monoculture · Moore's Law · Morph · Morris Worm · MOSS: MIME Object Security Services · Mouse Potato · Mousetrapping · MPLS VPN · MPLS: Multiprotocol Label Switching · MPPE · MPPE: Microsoft Point to Point Encryption · MPSA: Microsoft Personal Security Analyzer · MS CHAP: Microsoft Challenge Handshake Authentication Protocol · MS DOS · MSN Messenger · MSRC: Microsoft Security Response Center · MSSP · MSSP: Managed Security Service Provider · Mstream · Multi Factor Authentication · Multi Homed · multi part virus · Multi Part Virus or Multipartite Virus · Multi Security Level · Multi tasking · Multicast · multifactor authentication (MFA) · Multilevel Device · Multilevel Mode · Multilevel Security · multipartite virus · Multipartite Network · Multiple Key Pairs · Multiplexor · Multizone Network · Munging · Murphy's Law · mutual authentication · Mutual SSL · Mutual Suspicion · Mutual Takeover · Mytob · "

    N NAPT: Network Address Port Translation · NAT: Network Address Translation · National Communications System · National Computer Security Center · national ID card · national identity card · National Information Assurance Partnership · National Information Infrastructure · National Institute of Standards and Technology · National Security Information · National Security System · National Strategy to Secure Cyberspace · Native Format · Natural Disaster · NBA · NBAD · NBAR (Network Based Application Recognition) · Nbtscan · Nbtstat · NCSC · NCSC: National Computer Security Center · NDR spam · Near Field Communication · Need To Know Determination · Need To Know · Nemesis · NEOSSat (Near Earth Object Surveillance Satellite) · Nerds · Nessus · net filter · Net Present Value (NPV) · Net Return · Net Centric Technologies · Netbus · Netcat · Netcat · netfilter · netfilter/iptables netfilter/iptables · Netmask · Netstat · NetStumbler · Netwar · Netware · Network · Network Administrator · Network and Switching Subsystem · Network Attached Storage (NAS) · network behavior analysis · network behavior anomaly detection · Network check · network encryption · Network Firewall · network forensics · Network Front End · Network Hardening · Network Hop · Network Interface Card (NIC) · Network Layer Firewall · Network Mapping · network perimeter · Network Reference Monitor · network scanning · Network Security · Network Security Hotfix Checker · Network Security Officer · Network Sniffing · Network Sponsor · Network System · Network Taps · Network Weaving · Network worm · Network Based IDS · Network based security · News Group · Newsgroup · Newtear · Next Generation Secure Computing Base · NFAT · NFC · NFC: Near Field Communication · NFIC: National Fraud Information Center S · NFS and NIS Attacks · NFS Attack · Ngrep · NGSCB · NIACAP: National Information Assuranc Certification and Accreditation Process · NIAP: National Information Assurance Partnership · NIDS: Network based intrusion detection system · NIETP: National INFOSEC Education & Training Program · Nimda · NIPC: National Infrastructure Protection Center · NIS Attack · NIST 800 Series · NIST: National Institute of Standards and Technolog · NMAP: Network Mapper · No Lone Zone · NO2ID · Node · Node Spoofing · Noise · Non Disclosure Agreement NDA · non repudiation · Non Repudiation Service · nonce · Nondisclosure Agreement (NDA) · Nonintrusive Monitoring · Nonrepudiable Transactions · nonrepudiation · Normalization · Notwork · Npasswd · NSA: National Security Agency · NSAKEY · Nslookup · NTBugtraq · NTFS (New Technology File System) · NTLM: NT LAN Manager · Ntrights · Nuke Attack or Nuking · nuking · Null · NULL Encryption Algorithm · Null Session · Null session attack · Numeric Check · Nym server: pseudonym server · "

    O O'Toole's Corollary · OAKLEY Key Determination Protocol · OATH: Open Authentication · Obfuscation · Object · Object code · Object Management Group (OMG) · Object Orientation · Object Reuse · Object Oriented System Development · Objectivity · Obscurity · OCSP · OCSP: Online Certificate Status Protocol · OCTAVE · OFB · OFB: Output Feedback · Off Line Cryptosystem · Official Information · Offline Files · Offsite Storage · On Line Cryptosystem · onboarding and offboarding · One Part Code · One Time Cryptosystem · one time pad · One Time Tape · One way authentication · One Way Encryption · One way encryption algorithm · One Way Function · One Way Hash · Onion Routing · online backup · Online Certificate Security Protocol · Online Customer Privacy · Online Data Processing · Online Personal Privacy Protection Act · Onward transfer · open id · Open relay · Open Source Hardening Project · Open Source Security Testing Methodology · Open source software · Open Storage · Open system · Open System Authentication (OSA) · Open Systems · OpenBSD · OpenHack · OpenID · OpenPGP · OpenSSH: Open Secure Shell · OpenSSL · OpenVPN · Operating system · operating system · Operating System Audit Trails · Operating System Hardening · Operation and Support System · Operation Controls · Operational Audit · Operational Control · operational costs · Operational Key · Operational Level Agreement (OLA) · Operational Vulnerability · Operational Waiver · Operations and Maintenance Center · Operations Code · Operations Security · Operator Console · Opt In · Opt Out · Opt in · Opt out · Optical Character Recognition · Optical Scanner · Optional Modification · Orange Book · Organization · Organization for Economic Cooperation and Developm · Organizational Maintenance · Organizational Registration · OS Hardening · OTP: One Time Password · Out of band management · Outcome · Outcome Measures · Output · Output Analyzer · output feedback · OutSourcing · Outsourcing · Over The Air · Over The Air Key Distribution · Over The Air Key Transfer · Over The Air Rekeying · Overhead · Overlapping Fragment Attack · Overload · Overt channel · Overwrite Procedure · Overwriting media · Overwriting virus · ownership tag · "

    P P and NP · P equals NP · P versus NP · P2P · P3P: Platform for Privacy Preferences Project · PABX / PBX · Package Software · Packed file · Packers · Packet · packet · Packet Data Protocol · Packet Filtering · Packet Internet Groper (PING) · packet mangling · Packet modification · packet monkey · Packet replay · Packet Sniffing · Packet Switching · Padded Cell · Padding · PAE: Port Access Entity · Page jacking · Palladium · PAM: Pluggable authentication module · PAN truncation · PAP: Password Authentication Protocol · Paper Test · Parallel Processing · Parallel Running · Parallel Simulation · Parallel Testing · parameter tampering · Parity · Parity Check · Parking lot attack · Parkinson's Law of Data · Paros Proxy · Partition · Partition sector · Partitioned File · Partitioned Security Mode · partner portal · pass phrase · Pass Phrase or Passphrase · Passfilt.dll · Passive Assault · Passive attack · passive FTP · Passive Response · passphrase · password · password · Password Aging · Password Attack · password chaos · password cracker · password cracking · Password grinding · password hardening · Password hash · Password Management Package · Password policy · Password recovery · Password shadowing · Password Sniffing · password synchronization · Password Based Crystography Standard · Password stealing Trojans · Passwords Choosing · Passwords Use and Best Practice · Passwords: Do you speak geek? · PASV FTP · PASV FTP: Passive FTP · Patch · patch · Patch Management · Patching · Path · Path Discovery · Path Validation · Payback Period · Payload · Payment System · Payroll System · PBE: Password based encryption · PBX · PCBC: Plaintext cipher block chaining · PCI DSS · PCI DSS (Payment Card Industry Data Security Standard ) · PCI CISP · PCT: Private Communication Technology · PDA (Personal Digital Assistant) · PE EXE files · PEAP (Protected Extensible Authentication Protocol) · PEAP: Protected Extensible Authentication Protocol · Peer · Peer Review · Peer to peer · PEM: Privacy Enhanced Mail · Penet remailer · Penetration · penetration testing · Per Call Key · Percussive Maintenance · Performance · Performance Drivers · Performance Indicators · Performance Management · performance testing · perimeter · Perimeter network · Periods Processing · Peripheral Device · Peripherals · Perl: Practical Extraction and Reporting Language · Permissions · Permutation · Permuter · Personal Communications Service · Personal data · Personal Data Privacy · Personal Digital Assistant (PDA) · personal firewall · Personal Firewalls · personal health record (PHR) · Personal Identification Number (PIN) · Personal information · personally identifiable financial information · Pervasive IS Controls · PFS: Perfect Forward Secrecy or Public Key Forward Secrecy · PGP · PGP: Pretty Good Privacy · pharming · Phase of BCP · phish · phisher · phishing · Phishing season (quiz) · phlashing · Phrack · phreak · Phreakers · phreaking · Phreaking · physical security · PIC: Pre IKE Credential Provisioning Protocol · Pi