The Steadfast Group Glossary/FAQs

Red Team
A loyal group simulating adversarial attacks in an effort to identify vulnerabilities.

Risk
Risk is the product of the level of threat and the level of vulnerability. It establishes the likelihood of a successful attack.

Risk Assessment
A Risk Assessment is the process by which risks are identified and the impact of those risks determined.



Script Kiddie
A hacker or cracker who uses malicious code written by others to damage a system. Usually novices, script kiddies often do not understand the complexities of the scripts they are using and can often be blind to the damage they can inflict.

Secure Channel
A communication channel that is not sensitive to certain types of threats. Depending on the situation, this might be safe from the threat of eavesdroppers and/or active adversaries (attempting impersonation, modification of transmitted data, etc.).

Secure Sockets Layer (SSL)
A protocol developed by Netscape for transmitting private documents via the Internet. SSL works by using a public key to encrypt data that's transferred over the SSL connection.

Security Policy
A set of rules and practices that specify or regulate how a system or organization provides security services to protect sensitive and critical system resources.

Security through Obscurity
A hacker term for vendors' favorite way of coping with security holes -- namely, ignoring them; documenting neither any known holes nor the underlying security algorithms; or trusting that nobody will find out about them, and that people who did find out about them won't exploit them. This "strategy" never works for long.

Social Engineering
A euphemism for non-technical or low-technology means - such as lies, impersonation, tricks, bribes, blackmail, and threats - used to attack information systems.

Spoofing
Impersonation: the assumption of another entity's identity in a communication protocol for the purpose of gaining access to someone else's resources or distributing fake data. Examples might include faking an Internet address so that one looks like a certain kind of Internet user, or faking an enterprise's server to distribute false product pricing data.

Steganography
Methods of hiding the existence of a message or other data. This is different than cryptography, which hides the meaning of a message but does not hide the message itself. An example of a steganographic method is "invisible" ink.

Stream Cipher
A stream cipher works by encrypting a message a single bit, byte, or computer word at a time.

Strong Password
A password that provides an effective defense against unauthorized access to a resource. A strong password is at least six characters long, does not contain all or part of the user's account name, and contains at least three of the four following categories of characters: uppercase letters, lowercase letters, base 10 digits, and symbols found on the keyboard, such as !, @, and #.
