The Steadfast Group Glossary/FAQs

CIPAG
The United States' President's Critical Infrastructure Protection Advisory Group

Cipher
A cryptographic algorithm for encryption and decryption.

Ciphertext
Ciphertext is the encrypted form of the message being sent.

Collision
Finding two messages that map to the same hash value is known as a collision.

Computer Emergency Response Team (CERT)
An organization that studies computer and network information security in order to provide incident response services to victims of attacks, publishes alerts concerning vulnerabilities and threats, and offers other information to help improve computer and network security.

Confidentiality
Confidentiality is the need to ensure that information is disclosed only to those who are authorized to view it.

Cookie
Data exchanged between an HTTP server and a browser (a client of the server) to store state information on the client side and retrieve it later for server use. An HTTP server, when sending data to a client, may send along a cookie, which the client retains after the HTTP connection closes. A server can use this mechanism to maintain persistent client-side state information for HTTP-based applications, retrieving the state information in later connections.

Cracker
One who breaks security on a system. Coined by hackers in defense against journalistic misuse of the term "hacker." The term "cracker" reflects a strong revulsion at the theft and vandalism perpetrated by cracking rings. There is far less overlap between hackerdom and crackerdom than most would suspect.

Cryptanalysis
The mathematical science that deals with analysis of a cryptographic system in order to gain knowledge needed to break or circumvent the protection that the system is designed to provide. In other words, converting the ciphertext to plaintext without knowing the key.

Cryptographic Algorithm (see Hash)
An algorithm that employs the science of cryptography, including encryption algorithms, cryptographic hash algorithms, digital signature algorithms, and key agreement algorithms.

Cryptography
Cryptography garbles a message in such a way that anyone who intercepts the message cannot understand it.

Cryptology
The science that deals with hidden, disguised, or encrypted communications. It includes communications security and communications intelligence.

Cyberspace
The global network of interconnected computers and communication systems.



Daemon
A program that is often started when a system boots and that runs continuously without intervention from any of the users on the system. The daemon program forwards requests to other programs (or processes) as appropriate. The term daemon is a Unix term, though many other operating systems provide support for daemons. They are sometimes called by other names. Windows, for example, refers to daemons as System Agents and services.

Denial of Service Attack (DoS)
A computerized assault launched by an attacker to overload or halt a network service, such as a Web server or a file server. For example, an attack may cause the server to become so busy attempting to respond that it ignores legitimate requests for connections.

Denial of Service
The prevention of authorized access to a system resource or the delaying of system operations and functions.

DES
Data Encryption Standard

Dictionary Attack
An attack that tries all of the phrases or words in a dictionary in an effort to crack a password or a key. A dictionary attack uses a predefined list of words, whereas a brute force attack tries all possible combinations.

Diffie-Hellman
A key agreement algorithm published in 1976 by Whitfield Diffie and Martin Hellman. Diffie-Hellman does key establishment, not encryption. However, the key that it produces may be used for encryption, for further key management operations, or for any other cryptography.

Digital Certificate
A digital certificate is an electronic "credit card" that establishes your credentials when doing business or other transactions on the Web. It is issued by a certification authority. It contains your name, a serial number, expiration dates, a copy of the certificate holder's public key (used for encrypting messages and digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real.

Due Diligence
Due diligence is the requirement that organizations develop and deploy a protection plan to prevent fraud and abuse, and additionally deploy a means to detect them if they occur.

Dumpster Diving
Dumpster Diving is obtaining passwords and corporate directories by searching through discarded media.
