The FREE Cybersecurity Glossary by Thor Pedersen!

Government Information Security Reform Act of 2000: A US federal law that mandates government agencies to establish comprehensive security programs for their information systems. It requires annual reviews and reports to ensure the effectiveness of information security policies and practices, enhancing accountability and security measures in federal agencies.

Graham-Denning Model: A formal framework used to define and analyze the protection of information in a computer system. It outlines a set of eight basic rights or rules (procedures) that can be defined for a system regarding the creation and deletion of objects and subjects, providing, transferring, and deleting access rights. The model focuses on the actions that subjects can execute over objects while taking into consideration the permissions and prohibitions applied to these actions, making it a fundamental model in the study of secure systems' architecture.

Gramm-Leach-Bliley (GLBA) Act: A law passed in the United States that requires financial institutions to protect their customers' personal information. It is used to ensure that financial institutions handle personal data responsibly and that customers' information is secure. Examples of GLBA compliance include implementing security policies and procedures, conducting security audits, and providing security training to employees.

Graphical User Interface (GUI): A type of user interface that uses visual elements, such as icons and menus, to interact with a computer or device. It is used to make computer systems more user-friendly and intuitive, especially for non-technical users. Examples include using a GUI to access and manage files on a computer or to navigate and control a smartphone or tablet.

Gray Box: Gray box testing is a hybrid approach to software testing that combines elements of both black box and white box testing methodologies. Testers have partial knowledge of the internal workings of the application, which allows them to design test cases with more efficiency. Gray box testing is ideal for situations where understanding the context is essential, such as security penetration testing, where knowledge of system architecture enhances testing effectiveness.

Group-Based Privileges: A system of assigning permissions and access rights to users based on their membership in specific groups. This is commonly used in network security to control access to resources and ensure that only authorized users can access certain systems or data. Examples include assigning different levels of access to different departments within a company or allowing members of a specific group to access certain files or applications.