 |
Letter: P - passive attack
- Definition: An actual assault perpetrated by an intentional threat source that attempts to learn or make use of information from a system, but does not attempt to alter the system, its resources, its data, or its operations.
- password
- Definition: A string of characters (letters, numbers, and other symbols) used to authenticate an identity or to verify access authorization.
- pen test
- Definition: A colloquial term for penetration test or penetration testing.
- penetration
- Synonym(s): intrusion
- penetration testing
- Definition: An evaluation methodology whereby assessors search for vulnerabilities and attempt to circumvent the security features of a network and/or information system.
- personal identifying information / personally identifiable information
- Definition: The information that permits the identity of an individual to be directly or indirectly inferred.
- phishing
- Definition: A digital form of social engineering to deceive individuals into providing sensitive information.
- plaintext
- Definition: Unencrypted information.
- Related Term(s): ciphertext
- precursor
- Definition: An observable occurrence or sign that an attacker may be preparing to cause an incident.
- Related Term(s): indicator
- preparedness
- Definition: The activities to build, sustain, and improve readiness capabilities to prevent, protect against, respond to, and recover from natural or man made incidents.
- privacy
- Definition: The assurance that the confidentiality of, and access to, certain information about an entity is protected.
- Extended Definition: The ability of individuals to understand and exercise control over how information about themselves may be used by others.
- private key
- Definition: A cryptographic key that must be kept confidential and is used to enable the operation of an asymmetric (public key) cryptographic algorithm.
- Extended Definition: The secret part of an asymmetric key pair that is uniquely associated with an entity.
- Related Term(s): public key, asymmetric cryptography
- protect & defend
- Definition: A NICE Framework category consisting of specialty areas responsible for the identification, analysis, and mitigation of threats to internal IT systems or networks.
- From: NICE Framework
- public key
- Definition: A cryptographic key that may be widely published and is used to enable the operation of an asymmetric (public key) cryptographic algorithm.
- Extended Definition: The public part of an asymmetric key pair that is uniquely associated with an entity and that may be made public.
- Related Term(s): private key, asymmetric cryptography
- public key cryptography
- Definition: A branch of cryptography in which a cryptographic system or algorithms use two uniquely linked keys: a public key and a private key (a key pair).
- Synonym(s): asymmetric cryptography, public key encryption
- public key encryption
- Synonym(s): public key cryptography
- public key infrastructure
- Definition: A framework consisting of standards and services to enable secure, encrypted communication and authentication over potentially insecure networks such as the Internet.
- Extended Definition: A framework and services for generating, producing, distributing, controlling, accounting for, and revoking (destroying) public key certificates.
|
|
|
