Glossary of terms
ActiveX
A Microsoft open technology for Windows-based applications. ActiveX is not a programming language; it's a set of rules for how applications share information, often over the Internet. For example, many programs and services available on the Internet use ActiveX technology to download to your computer. See also
ActiveX control.
ActiveX_control
A specific implementation of
ActiveX technology. For security,
Microsoft developed a registration system so that your Web browser can identify and
authenticate ActiveX controls before downloading them.
ADSL
Acronym for
Assymetric
Digital
Subscriber
Line. See
DSL.
adware
Advertising that is integrated into software. Adware is often combined with
a host application that is provided at no charge as long as the user agrees
to accept the adware.
antivirus_software
A computer program designed to detect and respond to malicious software,
such as
viruses and
worms.
An antivirus program may respond by blocking access to infected files, cleaning
infected files or systems, or informing the user that it has detected an infected program or file.
attack
A deliberate attempt to compromise the security of a computer system or
deprive others of the use of the system.
authentication
On local computer networks as well as the Internet, authentication is the process by which the system checks a user's logon information.
The user name and password are compared against an authorized list, and if the system detects a match, it grants the level of access specified
in the permission list for that user. Compare with
authorization.
authorization
On local computer networks as well as the Internet, authorization is the right granted to an individual to use the system and the data stored on it.
Typically, a system administrator sets up authorization so that the computer or network can verify ("
authenticate") user
credentials (such as a code number or password) when the user logs on to the network or signs in to a Web site. Authorization is sometimes called
"access privileges" or "permission." Compare with
authentication.
back_door
A hardware or software-based hidden entrance to a computer system that can be used to bypass the system's security policies.
broadband
Communications systems in which the medium of transmission (such as wire or fiber-optic cable) can carry multiple messages at a time. Each message is
modulated on its own carrier frequency to keep it distinct from other message packets. Broadband Internet connections are the fastest currently available to home
users. A broadband connection allows the user to download large data files more quickly, or to play video and music files over the Internet or a local network.
buffer
A region of computer memory in which data is temporarily stored before it is transferred between two locations or devices. For example, video or music files,
which contain large amounts of data, are often downloaded into a buffer before your media program plays the file. This avoids gaps or interruptions in the flow of
the video or music file when it plays.
buffer_overrun
A condition that results from adding more information to a buffer than it was designed to hold. An attacker may exploit this vulnerability to take over a system.
cable_modem
A modem that sends and receives data through a coaxial cable television network,
instead of through telephone lines as a conventional modem does. Cable modems, which generally
transmit data faster than current conventional phone modems, are a type of
broadband connection.
COPPA
A U.S. law that took effect on April 21, 2000, and requires parental consent for certain Web sites to knowingly collect
personally identifiable information on children under the age of 13.
Learn more about COPPA.
compression
See
data compression.
content_advisor
A tool in Microsoft Internet Explorer that lets you control which sites
users on your computer can visit. This is particularly helpful for parents
who want to control the content their children view on the Web.
cookie
A small data file that is stored on a user's local computer for
record-keeping purposes and which contains information about the user that
is pertinent to a Web site, such as user preferences.
critical_update
A broadly released fix for a specific problem addressing a critical bug.
data_compression
A means of reducing the amount of space or bandwidth needed to store or transmit a block of data. Data compression is used in data communications, facsimile transmission, file storage and transfer, and CD-ROM publishing.
defrag
"Defrag" is slang for defragment, which is to rearrange data on a hard disk so that whole files are stored in contiguous sectors and the drive heads do not have to travel to scattered locations on the disk in order to read or write portions of a particular file. Defragmentation increases the speed of data access and retrieval.
denial_of_service_attack
A malicious attempt to prevent legitimate users from accessing a resource
(usually an Internet service) by exploiting a weakness or design limitation
in an information system. The command program for DoS attacks may be distributed through
a virus or other means. A DoS attack may flood network connections
with fake communications (such as phony e-mails and sign-in attempts), fill disk
storage, disable network ports, or remove power.
digital_certificate
1. An assurance that software downloaded from the Internet comes from a reputable source. A digital certificate provides
information about the software, such as the identity of the author and the date on which the software was registered.
2. An online identity card or "driver's license" that functions as a user's electronic credentials. Digital certificates
may be used both on the Internet and on intranets such as corporate or home networks. Digital certificates ensure the legitimate online transfer of confidential
information, money, or other sensitive materials by means of encryption technology. Compare with
digital signature.
digital_signature
Data that binds a sender's identity to the information being sent. A digital
signature may be bundled with any message, file, or other digitally encoded
information, or transmitted separately. Digital signatures are used in
public key environments and provide
nonrepudiation and integrity services. Compare with
digital certificate.
disk_cleanup
A utility in later Windows operating systems that frees space on your hard disk by cleaning out
temporary files, emptying the Recycle Bin, and removing optional, unused Windows components. Disk Cleanup can also remove unused programs and delete temporary Internet files and
ActiveX controls.
driver
A hardware device or a program that controls or regulates another device. A line driver, for example, boosts signals transmitted over a communications line. A software driver is a control program that specifically enables a computer to work with a particular device, such as a printer or a disk drive. Because the driver handles device-specific features, your operating system is freed from the burden of having to understand--and support--the needs of individual hardware devices.
DSL
Acronym for
Digital
Subscriber
Line, a recently developed (late 1990s) digital communications technology
that can provide high-speed transmissions over standard copper telephone wiring. Currently, ADSL (Asymmetric DSL) is the form
of DSL most often provided by telephone companies. DSL is a type of
broadband Internet connection.
e_mail_bomb
A
denial of service attack in which
an excessive amount of e-mail data is sent to an e-mail address in an
attempt to disrupt the e-mail service, or to prevent the recipient from
receiving legitimate messages.
encryption
The process of encoding (scrambling) electronic information in such a way that it is unreadable
to all but those individuals possessing the
key to the code.
Encrypted information is known as
cipher text.
encryption_key
A sequence of data (or key) that is used to encrypt other data. The same encryption key must be used to decrypt
or unlock the data. See
encryption.
firewall
A security solution which segregates one portion of a network from another
portion, allowing only authorized network traffic to pass through according
to traffic filtering rules.
FTP
Acronym for
File
Transfer
Protocol, a fast, application-level protocol widely used for copying files to and from remote computer systems. This protocol also allows you to use special commands to work with files directly on the remote system.
full_file_replacement
A technology used in
hotfixes that replaces the
currently installed files with new files. Compare
patching.
globally_unique_identifier
A 16-byte value generated from the unique identifier on a device, the
current date and time, and a sequence number. A GUID is used to identify a
particular device, component, user, or session.
high_priority_update
A classification used by
Microsoft Update
to recommend Microsoft software
updates and drivers that help protect against the latest publicly known
security threats and reliability issues. All software updates and drivers
that can be installed by turning on Automatic Updates on your computer are
classified as high priority. These can also be installed by visiting the
Microsoft Update Web site.
hotfix
A single cumulative package composed of one or more files used to address a
problem in a product. Hotfixes address a specific customer situation and may
not be distributed outside the customer organization. The terms
QFE, patch, and
update have been used in the past
as synonyms for hotfix.
HTTP
Acronym for
Hyper
text
Transfer
Protocol, which carries requests from a browser to a Web server and transfers pages back to the requesting browser. Although HTTP is used almost universally on the World Wide Web, it is not an especially secure protocol. HTTPS (the "S" stands for Secure) allows for secure transmission of information.
internet_content_rating_association
An international nonprofit group that has developed a content advisory
service for the Internet. ICRA's aim is to protect children from potentially
harmful material on the Internet.
IP_address
Short for Internet Protocol address, a number that uniquely identifies a host (computer) connected to the Internet for other Internet hosts to facilitate communication. An IP address is a 32-bit (4-byte) binary number expressed in "dotted quad" format, which means that the decimal values of the 4 bytes are separated with periods; for example, 127.0.0.1. The first one, two, or three numbers of the IP address identify the network the host computer is connected to; the remaining number or numbers identify the host computer itself.
IRC
Acronym for
Internet
Relay
Chat, a service that enables Internet users to chat online in real time.
An IRC server opens and maintains an IRC channel which transmits text typed by each user who has joined the channel to all
other users who have joined the channel. Invented in 1988, IRC has largely been replaced as a chat tool by instant
messaging services such as
Windows Live Messenger. However, authors of
malicious software
sometimes use IRC services to infect machines or execute
DoS attacks.
Java
A programming language developed by Sun Microsystems, Inc. Java was designed to be secure and platform-neutral (meaning that it can run
on any type of computer), which makes it a useful language for programming Web applications because users
access the Web from many types of computers. Java is popular for programming small applications, or applets, for the World Wide Web.
See also
Java applet.
Java_applet
A small
Java application that is run by a Web browser. Java applets are frequently used to add multimedia effects and interactivity to Web pages,
such as background music, real-time video displays, animations, calculators, and interactive games. Some applets are activated automatically
when you view a Web page, while others may require you to take some action, such as clicking an icon in the Web page. See
Java.
mail_relaying
A practice in which an attacker sends e-mail messages from another system's
e-mail server in order to use its resources or make it appear that the
messages originated from the other system.
malicious_code
Software that fulfills the deliberately harmful intent of an attacker when
run. For example,
viruses,
worms,
and
Trojan horses are malicious code.
malware
Short for "malicious software", malware refers to viruses, worms, Trojan horses, and other programs written by hackers to infect computers,
steal personal information, destroy files, launch
denial of service attacks,
and so on. See
malicious code.
memory
A device where information can be stored and retrieved. In the most general sense, memory can refer to external storage such as disk drives or tape drives; in common usage, it refers only to a computer’s main memory, the random access memoary (RAM) directly connected to the computer's processor.
microsoft_net_passport
The Passport Network is a Web-based service designed to make signing in to Web sites fast and easy. It enables participating Web sites to
authenticate a user with a single set of sign-in credentials (e-mail address and password), thereby alleviating the need for users to
remember numerous
passwords and user names.
microsoft_security_bulletin
A document that describes a specific security issue in Microsoft software
and directs the reader to a downloadable file that resolves the issue.
MS_update
1. A Microsoft Web site providing updates for core Windows components and Microsoft Office.
2. An application
in Windows that enables a user to download files from the Internet that are
necessary to keep a computer up to date.
microsoft_virus_alert
An announcement from Microsoft that describes a specific
virus, the
impact of potential attacks on Microsoft software, and suggestions for
preventing or recovering from such attacks.
network
A group of computers connected by communication technology. A computer network can have permanent physical connections, such as the cables between the computers in a building. A computer may also join a remotely located network through a temporary connection made through a telephone,
cable modem, or wireless communication link. A network can be as small as a LAN (local area network) consisting of a few computers, printers, and other devices. Larger networks can consist of many small and large computers distributed over a vast geographic area (known as a WAN, or wide area network). The Internet is a worldwide collection of computer networks.
opt_in
To explicitly consent to participate. Typically used in marketing programs
and offerings, whereby an action (such as the use of personal information
beyond the original, primary purpose for which it was collected) is not
undertaken unless an individual explicitly consents.
opt_out
To explicitly decline to participate. Typically used in marketing programs
and offerings, whereby an action (such as the use of personal information
beyond the original, primary purpose for which it was collected) is
undertaken unless an individual explicitly declines.
password
A string of characters entered by a user to verify his or her identity to a
network or to a local computer. See also
strong
password and
weak password.
patch
See
security update.
patching
A method of updating a file that replaces only the parts being changed,
rather than the entire file. Compare
full
file replacement.
permissions
Authorization to perform operations associated with a specific shared
resource, such as a file, directory, or printer. Permissions must be granted
by the system administrator to individual user accounts or administrative
groups.
personal_data
See
personally identifiable
information.
Any information relating to an identified or identifiable individual. Such
information may include name, country, street address, e-mail address,
credit card number, Social Security number, government ID number, IP
address, or any unique identifier that is associated with PII in another
system. Also known as personal information or personal data.
phisher
A malicious user or Web site that deceives
people into revealing personal information, such as account passwords and
credit card numbers. A phisher typically uses deceptive e-mail messages or
online advertisements as bait to lure unsuspecting users to fraudulent Web
sites, where the users are then tricked into providing personal information.
phishing
Phishing (pronounced "fishing") is a method of identity theft and one of the fastest growing threats on the Internet.
Phishers use phony Web sites or deceptive e-mail messages that mimic legitimate businesses and brands in order to steal
personally identifiable information such as usernames, passwords, credit card numbers, and Social Security numbers.
pii
See
personally identifiable
information.
pop_up_blocker
Software or application that disables any pop-up (or pop-over or pop-under) advertisement window
that you would normally get while browsing the Web. Many current Web browsers, including Internet Explorer,
come with automatic pop-up blocking features. Some pop-up blockers may try to close all pop-up windows,
while others offer the user the option to decide which pop-ups to allow. Because some legitimate Web applications
use pop-up windows, there will be times when you'll need to disable your pop-blocker, or configure it to always allow pop-ups
for the specific Web page or site.
port
A physical or virtual interface through which data is transferred between computers, other devices (such as printer, mouse, keyboard, or monitor), and networks (including the Internet). To your computer, a port appears as one or more memory addresses that it can use to send or receive data. A port can be a physical connection, such as a serial data port, a keyboard port, or a high-speed network port; these all use different connectors, so it's not possible to plug a cable into the wrong port. A port may also be virtual, such as the network ports
FTP,
HTTP,
Telnet, or
SMTP. These exist as addresses your computer recognizes for transferring and receiving data over the Internet.
privacy
The control customers have over the collection, use, and distribution of
their personal information.
privacy_compromise
A scenario in which an unauthorized individual is able to gain access to
personal or confidential information about another user.
privacy_policy
An organization's requirements for complying with
privacy
regulations and directives. The policy is expressed in a
privacy statement.
privacy_statement
A document describing a company's position on
privacy,
detailing what information its Web site collects, with whom the data is
shared, and how users can control the use of their personal data.
ransomware
A form of Internet extortion in which
malicious software
encrypts
the files on a computer so that the user cannot access them. The infection then leaves
a "ransom note" message file instructing the user to send payment to the hacker
in order to get the
encryption keys to unlock the files.
registry
A central hierarchical database used in Windows 95 and later operating systems to store information necessary to configure the system for one or more users, applications, and hardware devices. The registry contains information that Windows continually references during operation, such as your user profile, the applications installed on the computer and the types of documents each can create, property sheet settings for folders and application icons, what hardware exists on the system, and which
ports are being used.
remote_attack
An attack that targets a computer other than the one that the attacker is
interactively logged on to. For example, an attacker can log on to a
workstation and attack a server on the same network or on an entirely
different one.
sector
A portion of the data storage area on a hard disk. A disk is divided into sides (top and bottom), tracks (rings on each surface), and sectors (sections of each ring). Sectors are the smallest physical storage units on a disk. Sectors are fixed in size; typically, they're capable of holding 512 bytes of information apiece.
security_update
A broadly released fix for a product-specific, security-related
vulnerability. Security vulnerabilities are rated based on their
severity, which is indicated in the Microsoft security bulletin as
critical,
important,
moderate, or
low.
security_vulnerability
A
vulnerability in software that is addressed
by a Microsoft
security update and security
bulletin or a
service pack.
service_pack
A tested, cumulative set of all the
hotfixes,
security updates,
critical updates, and
updates created to fix defects in a piece of software found internally since the release
of the software. Service packs may also contain a limited number of
customer-requested design changes or features. For example,
Windows XP Service Pack 2 (SP2)
includes important security updates for the Windows XP operating system.
service_release
See
service pack.
signed_program
A program with a
digital certificate.
SMTP
Acronym for
Simple
Mail
Transfer
Protocol, which sends messages from one computer to another on a network. This protocol is used on the Internet to route e-mail.
software_update
Any
update, update rollup,
service pack, feature pack,
critical update,
security update, or
hotfix used to improve or fix
software released by Microsoft.
spam
Unsolicited commercial e-mail. Also known as junk e-mail.
spoof
To make a transmission appear to come from a user other than the user who
performed the action. For example, in e-mail spoofing, the spoofer forges the header of an e-mail message in order to make the message appear to come from a reliable sender.
spyware
General term for software that performs behaviors such as advertising, collecting
personal information, or changing the configuration of your computer, usually without obtaining consent. This does not mean all software that provides ads (
adware) or tracks your online activities is bad; you might sign up for an otherwise free service where you agree to "pay" for the service by receiving targeted ads. The key differentiator is whether or not you (or someone who uses your computer) understand what the software will do and have agreed to install the software on your computer.
strong_password
A
password that provides an effective defense
against unauthorized access to a resource. A strong password is at least six
characters long, does not contain all or part of the user's account name,
and contains at least three of the four following categories of characters:
uppercase letters, lowercase letters, base 10 digits, and symbols found on
the keyboard, such as !, @, and #.
sysadmin
The person responsible for administering the accounts and connections on a multiuser computer, a
network, a communications system, or all of these. A system administrator can assign user accounts and passwords, establish security access levels, allocate storage space, and watch for unauthorized access to prevent
virus or
Trojan horse programs from entering the system. The term system administrator is often shortened to "sysadmin."
Telnet
A protocol that lets you log on to and enter commands on a remote computer through the Internet, as if you were using a text-based terminal attached directly to that computer.
temp_file
A computer file created either in memory or on disk, by the operating system or some other program, to be used during a session and then discarded. Also called a "temp file" or "scratch file."
trojan_horse
A program that appears to be useful or harmless but that contains hidden
code designed to exploit or damage the system on which it is run. Trojan
horse programs are most commonly delivered to users through e-mail messages
that misrepresent the program's purpose and function. Also called
Trojan
code.
truste
An organization offering an online privacy seal program that certifies
eligible Web sites and holds Web sites to a baseline
privacy standard. This key privacy watchdog organization plays an
important enforcement role in the dispute and resolution of privacy issues.
update
A broadly released fix for a specific problem addressing a noncritical,
non-security-related bug. Compare with
service pack,
software update.
update2
To make a system or data file more current.
upgrade
A software package that replaces an installed version with a newer version
of the same software. The upgrade process typically leaves existing customer
data and preferences intact while replacing the existing software with the
newer version.
ugrade2
To change to a newer, usually more powerful or sophisticated version.
virus
Code written with the express intention of replicating itself. A virus
attempts to spread from computer to computer by attaching itself to a host
program. It may damage hardware, software, or data. Compare with
worm.
virus_definition
Also known as a
virus signature. A recognized pattern of unique computer code contained in a virus. Antivirus programs search for
these known patterns to identify infected programs and files. In the same way that new vaccines must be developed to combat different strains of flu,
antivirus software must be updated constantly with new virus definitions.
vulnerability
Any weakness, administrative process or act, or physical exposure that makes
a computer susceptible to exploit by a threat.
weak_password
A
password that does not provide an effective
defense against unauthorized access to a resource. A weak password might be
less than six characters long, contain all or part of a user's account name,
or contain fewer than three of the four following categories of characters:
uppercase letters, lowercase letters, base 10 digits, and symbols found on
the keyboard, such as !, @, and #.
worm
Self-propagating
malicious code that can
automatically distribute itself from one computer to another through network
connections. A worm can take harmful action, such as consuming network or
local system resources, possibly causing a
denial of service attack. Compare
virus.
